10q1n-microsf.sftrn.com Open in urlscan Pro
45.63.34.251 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nun.nu//51rwsc.csb.app/
Effective URL:
https://10q1n-microsf.sftrn.com/cgfy8
Submission: On March 09 via manual (March 9th 2023, 4:49:08 pm UTC) from IN — Scanned from JP

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 15 HTTP transactions. The main IP is 45.63.34.251, located in Seattle, United States and belongs to AS-CHOOPA, US. The main domain is 10q1n-microsf.sftrn.com.
TLS certificate: Issued by R3 on January 30th 2023. Valid for: 3 months.

This is the only time 10q1n-microsf.sftrn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	139.162.94.189 139.162.94.189	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1	2606:4700::68... 2606:4700::6812:603	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:772	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	20.241.70.12 20.241.70.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	45.63.34.251 45.63.34.251	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	7

1 139.162.94.189 (Tokyo, Japan)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: 139-162-94-189.ip.linodeusercontent.com

nun.nu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:603 (United States)

ASN13335 (CLOUDFLARENET, US)

51rwsc.csb.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:772 (United States)

ASN13335 (CLOUDFLARENET, US)

codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.241.70.12 (Chicago, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pgm.miklaserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cfkn.ascendstaffinq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.63.34.251 (Seattle, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.63.34.251.vultrusercontent.com

10q1n-microsf.sftrn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5459	117 KB
4	codesandbox.io codesandbox.io — Cisco Umbrella Rank: 71120	49 KB
2	miklaserv.com 2 redirects pgm.miklaserv.com	235 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2318	24 KB
1	sftrn.com 10q1n-microsf.sftrn.com	3 KB
1	ascendstaffinq.com cfkn.ascendstaffinq.com	1 KB
1	csb.app 51rwsc.csb.app	1 KB
1	nun.nu nun.nu	551 B
15	8

	Domain	Requested by
7	challenges.cloudflare.com	1 redirects 10q1n-microsf.sftrn.com challenges.cloudflare.com nun.nu
4	codesandbox.io	51rwsc.csb.app codesandbox.io
2	pgm.miklaserv.com	2 redirects
1	stackpath.bootstrapcdn.com	10q1n-microsf.sftrn.com
1	10q1n-microsf.sftrn.com	cfkn.ascendstaffinq.com
1	cfkn.ascendstaffinq.com	51rwsc.csb.app
1	51rwsc.csb.app	nun.nu
1	nun.nu
15	8

This site contains no links.

Subject Issuer	Validity	Valid
nun.nu R3	`2023-02-22` - `2023-05-23`	3 months	crt.sh
csb.app Cloudflare Inc ECC CA-3	`2023-01-30` - `2024-01-29`	a year	crt.sh
*.nodebox.codesandbox.io E1	`2023-03-08` - `2023-06-06`	3 months	crt.sh
cfkn.ascendstaffinq.com R3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.sftrn.com R3	`2023-01-30` - `2023-04-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://10q1n-microsf.sftrn.com/cgfy8
Frame ID: F504535940CF1DEBB2D53AB1CD92AA45
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/e8ci7/0x4AAAAAAABZhp0F10vp_gzv/auto/normal
Frame ID: 262C5703364BA6ADD9DF1559E713749A
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

...Redirecting

Page URL History Show full URLs

https://nun.nu//51rwsc.csb.app/ Page URL
https://51rwsc.csb.app/ Page URL
https://pgm.miklaserv.com/cfh HTTP 301
https://pgm.miklaserv.com/cfh/ HTTP 302
https://cfkn.ascendstaffinq.com/ Page URL
https://10q1n-microsf.sftrn.com/cgfy8 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

15
Requests

93 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

196 kB
Transfer

620 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nun.nu//51rwsc.csb.app/ Page URL
https://51rwsc.csb.app/ Page URL
https://pgm.miklaserv.com/cfh HTTP 301
https://pgm.miklaserv.com/cfh/ HTTP 302
https://cfkn.ascendstaffinq.com/ Page URL
https://10q1n-microsf.sftrn.com/cgfy8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://pgm.miklaserv.com/cfh HTTP 301
https://pgm.miklaserv.com/cfh/ HTTP 302
https://cfkn.ascendstaffinq.com/

Request Chain 8

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
nun.nu//51rwsc.csb.app/ 272 B
551 B 104ms
10ms Document
text/html 139.162.94.189
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://nun.nu//51rwsc.csb.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

139.162.94.189 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

139-162-94-189.ip.linodeusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

cache-control: max-age=0, private, no-store, no-cache, must-revalidate, no-transform
content-length: 272
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Thu, 09 Mar 2023 16:49:00 GMT
referrer-policy: same-origin
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 / Show response
51rwsc.csb.app/ 2 KB
1 KB 364ms
346ms Document
text/html 2606:4700::6812:603
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://51rwsc.csb.app/
Requested by: Host: nun.nu
URL: https://nun.nu//51rwsc.csb.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:603 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029715d69cc7d1648353b7adfb290e38ae8ca94ea224f99b989d75c5d4f2754f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7a54cf0c78b6f6d5-NRT
content-encoding: br
content-type: text/html
date: Thu, 09 Mar 2023 16:49:01 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-request-id: F0rONa7G0YbhsYwdv3uD

GET
H2 200 sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js Show response
codesandbox.io/public/sse-hooks/ 172 KB
45 KB 34ms
14ms Script
application/javascript 2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/public/sse-hooks/sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
Requested by: Host: 51rwsc.csb.app
URL: https://51rwsc.csb.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d32a15d4694a9a6cd245c8ce10acbb9ef6fe293331ca508a5ecc6ab78acc158

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://51rwsc.csb.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 17984294
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 13 Aug 2022 13:00:47 GMT
server: cloudflare
etag: W/"62f7a07f-2aeb3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7a54cf0eea46afc9-NRT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 banner.0b5d84a2b.js Show response
codesandbox.io/static/js/ 4 KB
2 KB 39ms
19ms Script
application/javascript 2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Requested by: Host: 51rwsc.csb.app
URL: https://51rwsc.csb.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://51rwsc.csb.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:01 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 263388
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 08:37:20 GMT
server: cloudflare
etag: W/"6405a640-f37"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7a54cf0eea47afc9-NRT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 watermark-button.f4f9aed52.js Show response
codesandbox.io/static/js/ 3 KB
2 KB 1696ms
1676ms Script
application/javascript 2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/watermark-button.f4f9aed52.js
Requested by: Host: 51rwsc.csb.app
URL: https://51rwsc.csb.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f74bf2cf5a8225beb66712ff4e859c5d4ba9c24123e6de2f427b4b9fde408928

Request headers

Referer: https://51rwsc.csb.app/
Origin: https://51rwsc.csb.app
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Mar 2023 14:39:40 GMT
server: cloudflare
etag: W/"6409efac-ae5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7a54cf0eefc7af61-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 phishing Show response
codesandbox.io/api/v1/sandboxes/51rwsc/ 33 B
510 B 266ms
265ms Fetch
application/vnd.github.v3+json 2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/api/v1/sandboxes/51rwsc/phishing
Requested by: Host: codesandbox.io
URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d91020394c232a07e303c0caff12346b174a759ed94de8bb0eac6c8b60e2660

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://51rwsc.csb.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
content-type: application/vnd.github.v3+json; charset=utf-8
access-control-allow-origin: https://51rwsc.csb.app
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7a54cf0f1fedaf61-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33
x-request-id: F0rONcGY7Qs3AzAeCCOD

GET
H2

200

/ Show response
cfkn.ascendstaffinq.com/
Redirect Chain

https://pgm.miklaserv.com/cfh
https://pgm.miklaserv.com/cfh/
https://cfkn.ascendstaffinq.com/

2 KB
1 KB

1515ms
735ms

Document
text/html

20.241.70.12
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cfkn.ascendstaffinq.com/

Requested by

Host: 51rwsc.csb.app
URL: https://51rwsc.csb.app/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.241.70.12 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

c5b8129a26649c1838583eeba4ffb9f71e0315f80eddb7c3f514c2e18a2be8bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://51rwsc.csb.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:49:05 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 16:49:04 GMT
location: https://cfkn.ascendstaffinq.com
server: nginx
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK Primary Request cgfy8 Show response
10q1n-microsf.sftrn.com/ 3 KB
3 KB 792ms
434ms Document
text/html 45.63.34.251
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://10q1n-microsf.sftrn.com/cgfy8
Requested by: Host: cfkn.ascendstaffinq.com
URL: https://cfkn.ascendstaffinq.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.63.34.251 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.63.34.251.vultrusercontent.com
Software: /
Resource Hash: 37467003b7b30316d228ae9ecc4a33124ccf3d8221612f7623209fe1e04995c2

Request headers

Referer: https://cfkn.ascendstaffinq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: close
Content-Type: text/html
Transfer-Encoding: chunked

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 157ms
146ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: 10q1n-microsf.sftrn.com
URL: https://10q1n-microsf.sftrn.com/cgfy8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://10q1n-microsf.sftrn.com/
Origin: https://10q1n-microsf.sftrn.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 995
cdn-cachedat: 12/16/2022 14:21:18
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 928a489c6f8fcc9d3b5a9d7a1eb674e3
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 7a54cf31ce3de086-NRT
cdn-requestpullsuccess: True

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/af326ed3/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js

14 KB
5 KB

18ms
18ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js
Requested by: Host: 10q1n-microsf.sftrn.com
URL: https://10q1n-microsf.sftrn.com/cgfy8
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a8fd792db45f6d5c2f3bb383b931fbdc61b483d2d9be455d62e11a4357f93e5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://10q1n-microsf.sftrn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:06 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a54cf31dd1cf65d-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: /turnstile/v0/g/af326ed3/api.js
date: Thu, 09 Mar 2023 16:49:06 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 7a54cf31cd16f65d-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary: accept-encoding

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/e8ci7/0x4AAAAAAABZhp0F10vp_gzv/auto/ Frame 262C 21 KB
7 KB 20ms
20ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/e8ci7/0x4AAAAAAABZhp0F10vp_gzv/auto/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232e0d971db30dca321d426251202480be63d240440c275c01d7dd2c113ea396

Request headers

Referer: https://10q1n-microsf.sftrn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7a54cf32cfdd1fa5-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:49:07 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 262C 154 KB
56 KB 22ms
22ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a54cf32cfdd1fa5
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/e8ci7/0x4AAAAAAABZhp0F10vp_gzv/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1e4eff4a12a46aa1144efb583c744f1a1fad6f1e22b233ca3e4b13aee8f651

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/e8ci7/0x4AAAAAAABZhp0F10vp_gzv/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:07 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7a54cf333fee1fa5-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 c8d0585172452fe Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/266959403:1678379244:RWwKkhbi36YxAuJ1B6zpJAxhNHQy-VC8Oez2vJaAPDs/7a54cf32cfdd1fa5/ Frame 262C 94 KB
48 KB 57ms
57ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/266959403:1678379244:RWwKkhbi36YxAuJ1B6zpJAxhNHQy-VC8Oez2vJaAPDs/7a54cf32cfdd1fa5/c8d0585172452fe
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a54cf32cfdd1fa5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e684444395ad8ec6dec8c23bfe9f4d1edf06257f39c561a2ab99dbabea9866c6

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/e8ci7/0x4AAAAAAABZhp0F10vp_gzv/auto/normal
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: c8d0585172452fe
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 09 Mar 2023 16:49:07 GMT
content-encoding: br
cf_chl_gen: dHUrgBJDhEbQCy6VHiYnDM/atwPVVV2sb0XQ3OVPTs/5GJ0JHZKKarQ2aFl6Np7qXneBqRP7QVTTML7VE26IUXJwxv/Imx4XS+1HYzr+ZXOpoTeY92eDihK0PhDP89V7arGldaO255QWF7GZZTykDUtZC7Ou0AL5z9A7c/P0uncmIot4dCw7JhVZTTPsYzwTElv2JyeVIxSwCKmVYr9VBtVoNtNXt4IfZ/wyNoSHIafPCs+a9+wSaE5dQ0BKRBQj27lhyNGNbLbJIBxqdadlB34Ai3Eosk2e3UCFP2Ddegz+o/BRGdHTt/lP5CPc9q0G0pD+X9SeUzl7Yp/XpK+b306QMGJ6el/y22ccTvySnew=$/zC8VU4QJtkWLJrDgDYevQ==
server: cloudflare
cf-ray: 7a54cf34582b1fa5-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 8dCKQcgb_kikE7x
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a54cf32cfdd1fa5/1678380547269/ Frame 262C 61 B
166 B 10ms
9ms Image
image/png 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a54cf32cfdd1fa5/1678380547269/8dCKQcgb_kikE7x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d36742c4f6cc2b181549b59a840f78d27060713dd43a8cd8a149b4ad8d148ec

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/e8ci7/0x4AAAAAAABZhp0F10vp_gzv/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:07 GMT
server: cloudflare
cf-ray: 7a54cf34e8451fa5-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H3 401 y7cTK44iwNj3icu Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a54cf32cfdd1fa5/1678380547272/02b865e5079f7fc6f6b03a0e78705d0ea436b53e40a2972e509e7f92abd2ed4b/ Frame 262C 1 B
645 B 10ms
10ms Fetch
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a54cf32cfdd1fa5/1678380547272/02b865e5079f7fc6f6b03a0e78705d0ea436b53e40a2972e509e7f92abd2ed4b/y7cTK44iwNj3icu
Requested by: Host: nun.nu
URL: https://nun.nu//51rwsc.csb.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/e8ci7/0x4AAAAAAABZhp0F10vp_gzv/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:49:08 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gArhl5Qeff8b2sDoOeHBdDqQ2tT5AopcuUJ5_kqvS7UsAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
server: cloudflare
cf-ray: 7a54cf39f96e1fa5-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| recaptchaCallback object| turnstile

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.codesandbox.io/	1969-12-31 23:59:59	Name: _cfuvid Value: 5idijtJmI4Q7PpfY6i8uc9sVD07LaW9b0aToUNI7Fx0-1678380541278-0-604800000
			.sftrn.com/	1970-01-20 10:13:04	Name: yOxu Value: deee469a2639da0b3a46c9776ccc0617edb70401133d9ded68a913f0d5b9863c

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a54cf32cfdd1fa5/1678380547272/02b865e5079f7fc6f6b03a0e78705d0ea436b53e40a2972e509e7f92abd2ed4b/y7cTK44iwNj3icu Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10q1n-microsf.sftrn.com
51rwsc.csb.app
cfkn.ascendstaffinq.com
challenges.cloudflare.com
codesandbox.io
nun.nu
pgm.miklaserv.com
stackpath.bootstrapcdn.com
139.162.94.189
20.241.70.12
2606:4700::6812:603
2606:4700::6812:772
2606:4700::6812:7b9
2606:4700::6812:acf
45.63.34.251
029715d69cc7d1648353b7adfb290e38ae8ca94ea224f99b989d75c5d4f2754f
0a8fd792db45f6d5c2f3bb383b931fbdc61b483d2d9be455d62e11a4357f93e5
232e0d971db30dca321d426251202480be63d240440c275c01d7dd2c113ea396
2d91020394c232a07e303c0caff12346b174a759ed94de8bb0eac6c8b60e2660
37467003b7b30316d228ae9ecc4a33124ccf3d8221612f7623209fe1e04995c2
3c1e4eff4a12a46aa1144efb583c744f1a1fad6f1e22b233ca3e4b13aee8f651
5d32a15d4694a9a6cd245c8ce10acbb9ef6fe293331ca508a5ecc6ab78acc158
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7
6d36742c4f6cc2b181549b59a840f78d27060713dd43a8cd8a149b4ad8d148ec
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
c5b8129a26649c1838583eeba4ffb9f71e0315f80eddb7c3f514c2e18a2be8bd
e684444395ad8ec6dec8c23bfe9f4d1edf06257f39c561a2ab99dbabea9866c6
f74bf2cf5a8225beb66712ff4e859c5d4ba9c24123e6de2f427b4b9fde408928

10q1n-microsf.sftrn.com Open in urlscan Pro 45.63.34.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

57 %IPv6

8 Domains

8 Subdomains

7 IPs

2 Countries

196 kBTransfer

620 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

10q1n-microsf.sftrn.com Open in urlscan Pro
45.63.34.251 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

196 kB
Transfer

620 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions