urlscan.io logo urlscan.io
SecurityTrails logo

brorsen.comet1go.com Open in urlscan Pro
104.21.65.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://zaberi-bonus.site/
Effective URL: https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00e...
Submission: On March 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 104.21.65.146, located in and belongs to CLOUDFLARENET, US. The main domain is brorsen.comet1go.com.
TLS certificate: Issued by GTS CA 1P5 on January 22nd 2024. Valid for: 3 months.
This is the only time brorsen.comet1go.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 31.220.106.124 47583 (AS-HOSTINGER)
1 1 104.21.46.241 13335 (CLOUDFLAR...)
1 1 172.67.147.69 13335 (CLOUDFLAR...)
4 104.21.65.146 13335 (CLOUDFLAR...)
2 104.17.3.184 13335 (CLOUDFLAR...)
8 4
1    31.220.106.124 (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER, CY)
zaberi-bonus.site
1    104.21.46.241 (None, )

ASN13335 (CLOUDFLARENET, US)
1go-irrs.com
1    172.67.147.69 (United States)

ASN13335 (CLOUDFLARENET, US)
1go-blrs.com
4    104.21.65.146 (None, )

ASN13335 (CLOUDFLARENET, US)
brorsen.comet1go.com
2    104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
4 comet1go.com
brorsen.comet1go.com
94 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3697
13 KB
1 1go-blrs.com
1go-blrs.com
586 B
1 1go-irrs.com
1go-irrs.com
455 B
1 zaberi-bonus.site
zaberi-bonus.site
481 B
8 5
Domain Requested by
4 brorsen.comet1go.com zaberi-bonus.site
brorsen.comet1go.com
2 challenges.cloudflare.com brorsen.comet1go.com
challenges.cloudflare.com
1 1go-blrs.com 1 redirects
1 1go-irrs.com 1 redirects
1 zaberi-bonus.site
8 5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
zaberi-bonus.site
ZeroSSL RSA Domain Secure Site CA		 2024-03-07 -
2024-06-05		 3 months crt.sh
comet1go.com
GTS CA 1P5		 2024-01-22 -
2024-04-21		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
Frame ID: CA52139880DA055F8721EAB86E7738D7
Requests: 7 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ofthe/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 0A45DBF9477AE95167B17CE3E4DF6AD7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://zaberi-bonus.site/ Page URL
  2. https://1go-irrs.com/c4a336018 HTTP 301
    https://1go-blrs.com/c4a336018?&al_id=2b5d0432bbbee5820bb4d52d58202ad7 HTTP 302
    https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&... Page URL

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

107 kB
Transfer

255 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zaberi-bonus.site/ Page URL
  2. https://1go-irrs.com/c4a336018 HTTP 301
    https://1go-blrs.com/c4a336018?&al_id=2b5d0432bbbee5820bb4d52d58202ad7 HTTP 302
    https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
zaberi-bonus.site/ 		322 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://zaberi-bonus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.106.124 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
146
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Thu, 07 Mar 2024 16:49:18 GMT
etag
"142-65e9df32-3144401d80c85564;br"
last-modified
Thu, 07 Mar 2024 15:37:22 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
Primary Request pulsar
brorsen.comet1go.com/
Redirect Chain
  • https://1go-irrs.com/c4a336018
  • https://1go-blrs.com/c4a336018?&al_id=2b5d0432bbbee5820bb4d52d58202ad7
  • https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
Requested by
Host: zaberi-bonus.site
URL: https://zaberi-bonus.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.65.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c665bebd93de8ab19d63ad30f6cef8e0a6d6a233af25f33ed5e67acf8d803b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://zaberi-bonus.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
2r9N+Ny5UBRqcAcSzJCrhce5oJQAA3p+o5G1fPpZ+uVpI2s3vhz3NjIAAd2fLqYB2rXVK+ihlroTUSuyDRh3PDvQBfLzp4avIw0QgT+vAh21q95NEk5Ua1gdQb5L2Htq9eFF8bqgcJ1IXYImRFZbgA==$oh72DPvW/tt8DnTkJY58bQ==
cf-mitigated
challenge
cf-ray
860c1404bbf16aff-CLT
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 07 Mar 2024 16:49:20 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x34zWbao0%2F52xmtYEy3w9LHcQNVRAheYkmSakx8BK1cdPU8bJuxAhRGudrwn0hDMk1ShD3tJpxfbPYTcKT9%2FHXIATuXHfZBxfbRnm0NCGgrPk1tXKu5svPdt0jKj%2FnMDweoaYoAw1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
860c13fc885a129c-CLT
content-type
text/html; charset=utf-8
date
Thu, 07 Mar 2024 16:49:19 GMT
location
https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ExuaiboJH52dPtVXDXs62SVehDEWW08PUyRvJlnW8ZwqRpqmfUFmUselpL5FvvgRebwe9%2FuO39dzZTwBO2%2BOtvjTfKa4B9c1ABJiPy0GnkYuJGXf3weqNDdH%2FaVUmw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
v1
brorsen.comet1go.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		170 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://brorsen.comet1go.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=860c1404bbf16aff
Requested by
Host: brorsen.comet1go.com
URL: https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.65.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6379c83ad3d0fb8bdaa6abd992ba1fc9b0a999d84fae85798b1803a02e3d8d50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79&__cf_chl_rt_tk=FQOFTYE9hV8dFrSkmpAPwsCL9JhCF0a_pUOnrSy8FKQ-1709830160-0.0.1.1-1919
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 16:49:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DTEJcw5fYCqp3K%2FaG9dPD0W0o9t2%2FvgpTcYcJp9AUfYxhtysmfXk2WUhEWr%2BMRyK%2BYZFMTFFIekfttWIfoxfCfj0Z5dJ2Hya50UWbSicK0fr1K2HS4nlUmTxu2VmELh%2Bk%2BN6iheJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
860c14058d106aff-CLT
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/aeb70db32f0f/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/aeb70db32f0f/api.js?onload=BQUvh4&render=explicit
Requested by
Host: brorsen.comet1go.com
URL: https://brorsen.comet1go.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=860c1404bbf16aff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b0b6b49f8c5a46484d54380fd6a3afa16df10db6e3d4448c4cf9e76f4dd23c

Request headers

Referer
Origin
https://brorsen.comet1go.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 16:49:20 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
860c1406991412a4-CLT
alt-svc
h3=":443"; ma=86400
favicon.ico
brorsen.comet1go.com/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://brorsen.comet1go.com/favicon.ico
Requested by
Host: brorsen.comet1go.com
URL: https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c2ff977a97226386e1c23f2fc48b838782c5c64020cf39b14072017f09529b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date
Thu, 07 Mar 2024 16:49:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
cf-chl-out
I0JvfrUN7e3L7hhE3mlBc57L9yy9Z0CDgbte4DavNjRna3BRU6dpGTtZ7gU4GlxOYgMi7oky7/9ln4GdmhRMkoH2kq/pgC/ROnvLnpB4/Dzgxm2xXWN1QEkGRCmsS7dWzn8wouS3S3lL7mtdv8KrLg==$uxEtaotgiRp6XoPo7sKaiQ==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zASBRuymYgrtQy6wlFiRaqS6iQhxtkv3qNdlGbZbBDuYVpMq6Vi8yvQa0qFYqXkRhTsvtBLM1njUR%2FCxonewLEV6Gu5lbrxTrOL5V84RXx6SXZ1X1mefclIEfcEJG1JTvcxt1BDu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
860c14064e346aff-CLT
expires
Thu, 01 Jan 1970 00:00:01 GMT
4835d99f-c8b2-4ae1-9013-8a4a50b907dd
https://brorsen.comet1go.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://brorsen.comet1go.com/4835d99f-c8b2-4ae1-9013-8a4a50b907dd
Requested by
Host: brorsen.comet1go.com
URL: https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
e80c53d21ecba1c
brorsen.comet1go.com/cdn-cgi/challenge-platform/h/b/flow/ov1/122758768:1709828721:gYq9b0B0mfmWFyOzFdzKfE2RHkzEpR5blsWWJLX7vK0/860c1404bbf16aff/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://brorsen.comet1go.com/cdn-cgi/challenge-platform/h/b/flow/ov1/122758768:1709828721:gYq9b0B0mfmWFyOzFdzKfE2RHkzEpR5blsWWJLX7vK0/860c1404bbf16aff/e80c53d21ecba1c
Requested by
Host: brorsen.comet1go.com
URL: https://brorsen.comet1go.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=860c1404bbf16aff
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.65.146 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e261b9677ea5d772b7acfdf82ebf32e4a0bdf9d50b41def3ea54cdf974042b45

Request headers

Referer
https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
CF-Challenge
e80c53d21ecba1c
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 07 Mar 2024 16:49:20 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyB1ZWQXJfR2gGsY585mHFaDzNkm0rwjY1S7phvuIGM0teKO865%2FKRUkkoN5BQBVY13MPZfBbwym082IeLMnMMxw8XZ95VpMj0MIPAJzHFrc7YPGGEiHj1S%2Fe%2F81pjMz%2BFOXncW3yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
860c1406ff636aff-CLT
alt-svc
h3=":443"; ma=86400
cf-chl-gen
8UZQmZFHp6MA5oOQBSACf2itLlbsRvUSzhH1rNweApw61n02jaYFJFGpPXZTJpJS$Wfoy6TkKE0hA6F0hAR07Zw==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ofthe/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 0A45 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ofthe/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/aeb70db32f0f/api.js?onload=BQUvh4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
860c14081821225c-CLT
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 07 Mar 2024 16:49:20 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| BQUvh4 boolean| UAwIvv0 function| hknc5 function| GFsHt1 function| LiykOr3 function| FVkT6 object| wMkD3 object| fPwV3 function| Mjpdw0 function| UMEQY4 function| Inue1 object| zcMZA3 object| turnstile boolean| myRBzi1 string| lvnyo3

2 Cookies

Domain/Path Name / Value
1go-blrs.com/ Name: 1da51b8d8ff98f6a48f8
Value: 65e9f00ed6f087f4c1f63e79
.comet1go.com/ Name: __cf_bm
Value: awxUBsp7PvJYC4IQr3QnU9DBRw8bXhRzIfGPOZkxD.I-1709830160-1.0.1.1-hcepXcaBFfI3tjXTQovwSpZEzk1WYKzXsPocuGSAfeqr3wfxWjuvX6Bv1ufkqiQMBjpn_Kob22G9g8TOLDesyg

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://brorsen.comet1go.com/pulsar?affb_id=91&al_id=2b5d0432bbbee5820bb4d52d58202ad7&r=u9Wa0Fmc0NXanVmc&stag=208911_65e9f00ed6f087f4c1f63e79
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://brorsen.comet1go.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests