Submitted URL: https://krmp712.bot/
Effective URL: https://captcha.kra20.lat/
Submission: On December 12 via api from US — Scanned from DK

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is captcha.kra20.lat.
TLS certificate: Issued by WE1 on November 17th 2024. Valid for: 3 months.
This is the only time captcha.kra20.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
4 19 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
18 3
Apex Domain
Subdomains
Transfer
19 kra20.lat
kra20.lat
captcha.kra20.lat
41 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 krmp712.bot
krmp712.bot
730 B
0 gstatic.com Failed
fonts.gstatic.com Failed
18 4
Domain Requested by
10 captcha.kra20.lat 2 redirects kra20.lat
captcha.kra20.lat
9 kra20.lat 2 redirects kra20.lat
1 fonts.googleapis.com captcha.kra20.lat
1 krmp712.bot 1 redirects
0 fonts.gstatic.com Failed fonts.googleapis.com
18 5

This site contains no links.

Subject Issuer Validity Valid
kra20.lat WE1 2024-11-17 - 2025-02-15 3 months
upload.video.google.com WR2 2024-11-04 - 2025-01-27 3 months

This page contains 1 frames:

Primary Page: https://captcha.kra20.lat/
Frame ID: CF5988E90C6B36F689D42CB77E7F7C9F
Requests: 20 HTTP requests in this frame

Page Title

Captcha

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

89 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

3
IPs

2
Countries

39 kB
Transfer

95 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://krmp712.bot/ HTTP 302
    https://kra20.lat/ Page URL
  2. https://kra20.lat/ HTTP 302
    https://kra20.lat/ Page URL
  3. https://kra20.lat/?cf_captcha_success=1 HTTP 302
    https://captcha.kra20.lat/ Page URL
  4. https://captcha.kra20.lat/ HTTP 302
    https://captcha.kra20.lat/ HTTP 302
    https://captcha.kra20.lat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://krmp712.bot/ HTTP 302
  • https://kra20.lat/
Request Chain 4
  • https://kra20.lat/ HTTP 302
  • https://kra20.lat/
Request Chain 8
  • https://kra20.lat/?cf_captcha_success=1 HTTP 302
  • https://captcha.kra20.lat/

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kra20.lat/
Redirect Chain
  • https://krmp712.bot/
  • https://kra20.lat/
718 B
1 KB
Document
General
Full URL
https://kra20.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

connect.min.js
kra20.lat/js/
11 KB
4 KB
Script
General
Full URL
https://kra20.lat/js/connect.min.js?1
Requested by
Host: kra20.lat
URL: https://kra20.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa0fd5b129cc1062500cf31c6be66f6617d829c3e4ccf0dc7cdba46f992632e

take_server.php
kra20.lat/modules/onion_servers/
0
714 B
XHR
General
Full URL
https://kra20.lat/modules/onion_servers/take_server.php
Requested by
Host: kra20.lat
URL: https://kra20.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

favicon.ico
kra20.lat/
598 B
1 KB
Other
General
Full URL
https://kra20.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

/
kra20.lat/
Redirect Chain
  • https://kra20.lat/
  • https://kra20.lat/
14 KB
7 KB
Document
General
Full URL
https://kra20.lat/
Requested by
Host: kra20.lat
URL: https://kra20.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2642c93f7c953706fe5d298539c927d1dc5ddd9991a2e9a701595a7c2f01728

truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

transparent.gif
kra20.lat/cdn-cgi/images/trace/managed/nojs/
553 B
553 B
Image
General
Full URL
https://kra20.lat/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=794d630be9c098f7
Requested by
Host: kra20.lat
URL: https://kra20.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc8caf11b83feb15665491d9f3d0d788299fa8a94adc7adbc256acc0917f5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

favicon.ico
kra20.lat/
598 B
0
Other
General
Full URL
https://kra20.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0b7e5217318eedc1b42ca1ce5e128c649c97082912f1d800eec1325207ad96

/
captcha.kra20.lat/
Redirect Chain
  • https://kra20.lat/?cf_captcha_success=1
  • https://captcha.kra20.lat/
718 B
1 KB
Document
General
Full URL
https://captcha.kra20.lat/
Requested by
Host: kra20.lat
URL: https://kra20.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

connect.min.js
captcha.kra20.lat/js/
11 KB
4 KB
Script
General
Full URL
https://captcha.kra20.lat/js/connect.min.js?1
Requested by
Host: captcha.kra20.lat
URL: https://captcha.kra20.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

take_server.php
captcha.kra20.lat/modules/onion_servers/
0
729 B
XHR
General
Full URL
https://captcha.kra20.lat/modules/onion_servers/take_server.php
Requested by
Host: captcha.kra20.lat
URL: https://captcha.kra20.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Primary Request /
captcha.kra20.lat/
Redirect Chain
  • https://captcha.kra20.lat/
  • https://captcha.kra20.lat/
  • https://captcha.kra20.lat/
19 KB
13 KB
Document
General
Full URL
https://captcha.kra20.lat/
Requested by
Host: captcha.kra20.lat
URL: https://captcha.kra20.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc5f945e5ac8141f5a5bc7d735eb387e733b08c09f5634290e0fcfcb383c1bd4

favicon.ico
captcha.kra20.lat/
598 B
1 KB
Other
General
Full URL
https://captcha.kra20.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;700&display=swap
Requested by
Host: captcha.kra20.lat
URL: https://captcha.kra20.lat/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
13f2c0f493de32018abd6c456775db4b79c1d2ee56118f42a07a19d882d6dc6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

normalize.css
captcha.kra20.lat/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://captcha.kra20.lat/css/normalize.css
Requested by
Host: captcha.kra20.lat
URL: https://captcha.kra20.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b1e238b3810eef313f24f098db4d880175b3ed1168f0c9faaaff9b53089c2fa

truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c02b5c183a02f230de071632b4e105b92389dd98186b5041ea65834988951f97

connect.min.js
captcha.kra20.lat/js/
11 KB
0
Script
General
Full URL
https://captcha.kra20.lat/js/connect.min.js?1
Requested by
Host: captcha.kra20.lat
URL: https://captcha.kra20.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa0fd5b129cc1062500cf31c6be66f6617d829c3e4ccf0dc7cdba46f992632e

take_server.php
captcha.kra20.lat/modules/onion_servers/
0
718 B
XHR
General
Full URL
https://captcha.kra20.lat/modules/onion_servers/take_server.php
Requested by
Host: captcha.kra20.lat
URL: https://captcha.kra20.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
0
0

UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v18/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Domain
fonts.gstatic.com
URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x145c93 function| MD5 function| M function| X function| V function| Y function| md5_cmn function| _0x4989 function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol object| date function| _0x18d8 function| takeOnionServer function| httpGetAsync function| connectingStrHandler

19 Cookies

Domain/Path Name / Value
krmp712.bot/ Name: go
Value: 1
kra20.lat/ Name: tor_scheme_id
Value: 1734248558
kra20.lat/ Name: tor_port
Value: 9129
kra20.lat/ Name: session_id
Value: e45725da14bccd419ed307cc8f3c7dc6
kra20.lat/ Name: connecting_hash_lite_version
Value: 1734022834
kra20.lat/ Name: connecting_hash
Value: 9aae24752f84f39497d27897feab3995
kra20.lat/ Name: onion_server_id
Value: 8
kra20.lat/ Name: session_temp_active
Value: 1
kra20.lat/ Name: cf_check_x0_cptch
Value: 1
captcha.kra20.lat/ Name: tor_scheme_id
Value: 1734817636
captcha.kra20.lat/ Name: tor_port
Value: 9224
captcha.kra20.lat/ Name: session_id
Value: 9a66c7fd7b358901a3f671772d87449f
captcha.kra20.lat/ Name: connecting_hash_lite_version
Value: 1734022838
captcha.kra20.lat/ Name: connecting_hash
Value: eb616a5faa6600038390be150d5941d7
captcha.kra20.lat/ Name: onion_server_id
Value: 9
captcha.kra20.lat/ Name: session_temp_active
Value: 1
captcha.kra20.lat/ Name: proxy_cf_session_id
Value: 318484
captcha.kra20.lat/ Name: remote_route
Value: 2
captcha.kra20.lat/ Name: remote_server_id
Value: csrv_14

1 Console Messages

Source Level URL
Text
network error URL: https://kra20.lat/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=794d630be9c098f7
Message:
Failed to load resource: the server responded with a status of 404 ()