gooning.alphexo.dev - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is gooning.alphexo.dev.
TLS certificate: Issued by WE1 on August 21st 2024. Valid for: 3 months.

This is the only time gooning.alphexo.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	205.233.73.227 205.233.73.227	11605 (FLUIDSOFT-14) (FLUIDSOFT-14)
1 6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2

1 205.233.73.227 (United States) 1 redirects

ASN11605 (FLUIDSOFT-14, US)
PTR: thoren.patrickdk.com

krystal.thororen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gooning.alphexo.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	alphexo.dev 1 redirects gooning.alphexo.dev	10 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 670	7 KB
1	thororen.com 1 redirects krystal.thororen.com	512 B
6	3

	Domain	Requested by
6	gooning.alphexo.dev	1 redirects static.cloudflareinsights.com gooning.alphexo.dev
1	static.cloudflareinsights.com	gooning.alphexo.dev
1	krystal.thororen.com	1 redirects
6	3

This site contains no links.

Subject Issuer	Validity	Valid
alphexo.dev WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://gooning.alphexo.dev/
Frame ID: 5E06B95A3907763E5EEBDC9A6FE51F02
Requests: 4 HTTP requests in this frame

Frame: https://gooning.alphexo.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: D01D5740028F6F48FEF56A83016E48F2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Best Site Ever

Page URL History Show full URLs

http://krystal.thororen.com/ HTTP 307
https://krystal.thororen.com/ HTTP 301
http://gooning.alphexo.dev/ HTTP 307
https://gooning.alphexo.dev/ Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

6
Requests

83 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

17 kB
Transfer

33 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://krystal.thororen.com/ HTTP 307
https://krystal.thororen.com/ HTTP 301
http://gooning.alphexo.dev/ HTTP 307
https://gooning.alphexo.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://gooning.alphexo.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gooning.alphexo.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gooning.alphexo.dev/
Redirect Chain

http://krystal.thororen.com/
https://krystal.thororen.com/
http://gooning.alphexo.dev/
https://gooning.alphexo.dev/

2 KB
2 KB

300ms
147ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gooning.alphexo.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f23c770900088858924434b5fa42b3619f834fef0ce0bb0078dcede9380f01fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 0
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8c4fa56ceaa6d3b5-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 18 Sep 2024 07:33:09 GMT
expires: Wed, 18 Sep 2024 07:43:09 GMT
last-modified: Tue, 17 Sep 2024 21:12:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmS0%2FZju0ZT%2BEq9TBSIUG17T7sa%2FjNz1cbs5zC87YyhEy6r4fE3BQTBecx3LOkWEumIJ%2Ba9Ktj6fbOP1%2BVDqIJhaoTsd6SL1Qj07NkqGbscHBqexnnQj%2Bk%2FBZQaXOj6mezUCGZdw%2FGvU3%2FW8a21RPpV%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 5a8af59606c51259cb587d6db7354bfdd47a3f9e
x-github-request-id: 5C8A:5DA83:6DA324E:70101E2:66EA8235
x-proxy-cache: MISS
x-served-by: cache-fra-eddf8230049-FRA
x-timer: S1726644789.285264,VS0,VE105

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://gooning.alphexo.dev/
Non-Authoritative-Reason: HSTS

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 94ms
40ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: gooning.alphexo.dev
URL: https://gooning.alphexo.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://gooning.alphexo.dev
Referer: https://gooning.alphexo.dev/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8c4fa56e4d21d38e-FRA
access-control-allow-origin: *
date: Wed, 18 Sep 2024 07:33:09 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

main.js Show response
gooning.alphexo.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame D01D
Redirect Chain

https://gooning.alphexo.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gooning.alphexo.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?

8 KB
4 KB

24ms
24ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gooning.alphexo.dev/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?

Protocol

H2

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f11ba655e6037542f197bb8b1e41ff08da6b5e9fefdaa433584a0dfd4a8214f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdO6u8OEdq2jkxxaqO5MHcLz55SP41IJ6F%2B07xPXSfY7qxMkyzfwNYl44Qzaob5nVdHk2s6unX8QcM%2BzPk3yk4QuSO%2B8mQhS5DwOO1uQE0x1qRpxYJbdftELQFQ9AGdbuD1wM7lZBvh7CZvlzjViXPYk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8c4fa56ebf0ad3b5-FRA
date: Wed, 18 Sep 2024 07:33:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oXjY4ox7RXuRlvzc02gNsvYZy%2F6pcdFG%2BLirY2AmazKf81T7Mt6N3nEOS8xdq%2BV0K%2BwXgrOjgoXeNzU0aUsjccF8VNIMrsXvHb5kJuaWCW%2BspokATuQ6amvXb%2FDW%2BsqYDPvxm1rIj8pJu8iBdPEDg58e"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c4fa56e9e9cd3b5-FRA
access-control-allow-origin: *
content-length: 0
date: Wed, 18 Sep 2024 07:33:09 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 rum Show response
gooning.alphexo.dev/cdn-cgi/ 0
185 B 23ms
21ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gooning.alphexo.dev/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://gooning.alphexo.dev/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8c4fa56e9eaad3b5-FRA
access-control-allow-origin: https://gooning.alphexo.dev
date: Wed, 18 Sep 2024 07:33:09 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 glorp.ico
gooning.alphexo.dev/Images/VeryillegalContent/ 4 KB
3 KB 142ms
142ms Other
image/vnd.microsoft.icon 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gooning.alphexo.dev/Images/VeryillegalContent/glorp.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35177787a3570421a9e32e595450b8217690d27aeebaf278dd95065cd5fe2b95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gooning.alphexo.dev/

Response headers

x-fastly-request-id: ce31dc7ccb4864f6b7abe8e5d9eb9165e9abe709
content-encoding: gzip
cf-cache-status: MISS
etag: W/"66e9f0c5-10be"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W6tdtZPUaZ%2F8LN8gjTLA%2BpDEvtvTvAltTD1MjJwBbNkDMCYHel9lHlDX5D7pOn0U0ErbyVCEtFzDdbyTtqG4%2FoGA%2FehDI%2F4DdKtpZtLo2kNeqP4w1jRWo5MjCgWtQBl5jauux5BgFBXjI0KyisKtpJJA"}],"group":"cf-nel","max_age":604800}
x-github-request-id: CBD6:0E6A:1F748E7:200FE32:66EA8235
expires: Wed, 18 Sep 2024 07:43:09 GMT
x-proxy-cache: MISS
x-cache: MISS
date: Wed, 18 Sep 2024 07:33:09 GMT
content-type: image/vnd.microsoft.icon
last-modified: Tue, 17 Sep 2024 21:12:37 GMT
x-served-by: cache-fra-eddf8230075-FRA
x-cache-hits: 0
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1726644790.550266,VS0,VE106
via: 1.1 varnish
cf-ray: 8c4fa56e9eb1d3b5-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3066
server: cloudflare

POST
H2 200 8c4fa56ceaa6d3b5 Show response
gooning.alphexo.dev/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D01D 0
908 B 49ms
45ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gooning.alphexo.dev/cdn-cgi/challenge-platform/h/b/jsd/r/8c4fa56ceaa6d3b5
Requested by: Host: gooning.alphexo.dev
URL: https://gooning.alphexo.dev/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8c4fa56fda0ed3b5-FRA
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 0
date: Wed, 18 Sep 2024 07:33:09 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fTXt%2FjtSwsqm07HiEMrpSfcXZ1GfCvirkmIYEVAB%2FGVQBvZlLHjp%2FNGBiyfGwzoipnzeKEUze1BgHAPK4SdluI7dHfYR9Tgtc3kF805YCi%2BAJ88ZAINtudaRGShkrs%2Bjc%2F3HlqbYFHiBgXOH%2FKwfibrc"}],"group":"cf-nel","max_age":604800}

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfBeacon

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.alphexo.dev/	1970-01-21 08:23:00	Name: cf_clearance Value: O.3hfsza0UZaUfg82TFxBv4gSy8FGGMcw7IMWmabBss-1726644789-1.2.1.1-Bk9S_PrYjuKEAfENCss93a7dnIZvYGM.rHOcuFjQU47gT.K_4hJUp4_VlL_lNOIdkij6GDwg2U8Pi7_4N657s7iakm6eVoHXPYrGVObV3Qxe7b2F6cF.W8RF5wlP00kN8ONmk5WrkSJFY0Qc8Y7yzAdPUFsgOQleIYl1Rrvboz8hG2ITBLg5rs3MN4.MP5wtjHcLR__92QvhrOzkvFnCRH_J40T3cSYl8HR2MZt_CLky6BeM2ChXiQ4TOjKoP8qB78_z4QlIyPrmJzdryzGHGfBSHj3L1WeVEaCk9Th28aPlf_YoVTd9CWOi3W93Jb3SM43Vx9.t6qnz25AzTa38GEaFmpcOQ1aqvcl8uArIYF3NFdpUHtuxzvkSyFT78tdH

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gooning.alphexo.dev
krystal.thororen.com
static.cloudflareinsights.com
205.233.73.227
2606:4700::6810:5049
2a06:98c1:3121::3
2f11ba655e6037542f197bb8b1e41ff08da6b5e9fefdaa433584a0dfd4a8214f
35177787a3570421a9e32e595450b8217690d27aeebaf278dd95065cd5fe2b95
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f23c770900088858924434b5fa42b3619f834fef0ce0bb0078dcede9380f01fd

gooning.alphexo.dev Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

17 kBTransfer

33 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

gooning.alphexo.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

17 kB
Transfer

33 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions