urlscan.io logo urlscan.io
SecurityTrails logo

mailsec-personalprocess-boa-com.preview-domain.com Open in urlscan Pro
2606:4700::6812:1878  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ht.ly/YWHE30spaPT
Effective URL: https://mailsec-personalprocess-boa-com.preview-domain.com/cis/index.php?__cf_chl_tk=2XtuYLWWad5pvgnYLhXA7XaexTUT4TnMCXwYUCPNUh8-1659096598-0-gaNycGzNChE
Submission: On August 03 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 10 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:1878, located in and belongs to . The main domain is mailsec-personalprocess-boa-com.preview-domain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2022. Valid for: a year.
This is the only time mailsec-personalprocess-boa-com.preview-domain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.67.57.56 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 162.241.85.156 46606 (UNIFIEDLA...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 18.66.112.9 16509 (AMAZON-02)
1 52.216.168.11 16509 (AMAZON-02)
1 2606:4700::68... ()
5 104.16.169.131 ()
14 8
1    54.67.57.56 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ow.ly
ht.ly
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
l.wl.co
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    162.241.85.156 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-85-156.unifiedlayer.com
nerlikarhospital.com
1    2606:4700:3038::6815:ebb5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.linkpicture.com
1    18.66.112.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-9.fra56.r.cloudfront.net
www.nhpr.org
1    52.216.168.11 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
npr-brightspot.s3.amazonaws.com
1    2606:4700::6812:1878 (None, )

ASN- ()
mailsec-personalprocess-boa-com.preview-domain.com
5    104.16.169.131 (None, )

ASN- ()
www.hcaptcha.com
newassets.hcaptcha.com
Apex Domain
Subdomains		 Transfer
5 hcaptcha.com
www.hcaptcha.com
newassets.hcaptcha.com
hcaptcha.com Failed
240 KB
1 preview-domain.com
mailsec-personalprocess-boa-com.preview-domain.com
4 KB
1 amazonaws.com
npr-brightspot.s3.amazonaws.com
42 KB
1 nhpr.org
www.nhpr.org — Cisco Umbrella Rank: 630566
307 B
1 linkpicture.com
www.linkpicture.com — Cisco Umbrella Rank: 114052
53 KB
1 nerlikarhospital.com
nerlikarhospital.com
568 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
1 wl.co
l.wl.co — Cisco Umbrella Rank: 384531
872 B
1 ht.ly
ht.ly
435 B
0 dlendomanagement.com Failed
dlendomanagement.com Failed
14 10
Domain Requested by
4 newassets.hcaptcha.com www.hcaptcha.com
newassets.hcaptcha.com
1 www.hcaptcha.com mailsec-personalprocess-boa-com.preview-domain.com
1 mailsec-personalprocess-boa-com.preview-domain.com
1 npr-brightspot.s3.amazonaws.com nerlikarhospital.com
1 www.nhpr.org 1 redirects
1 www.linkpicture.com nerlikarhospital.com
1 nerlikarhospital.com l.wl.co
1 www.facebook.com l.wl.co
1 l.wl.co
1 ht.ly 1 redirects
0 hcaptcha.com Failed newassets.hcaptcha.com
0 dlendomanagement.com Failed mailsec-personalprocess-boa-com.preview-domain.com
14 12

This site contains no links.

Subject Issuer Validity Valid
*.wl.co
DigiCert SHA2 High Assurance Server CA		 2022-05-12 -
2022-08-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-12 -
2022-08-10		 3 months crt.sh
nerlikarhospital.com
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-17 -
2023-05-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://mailsec-personalprocess-boa-com.preview-domain.com/cis/index.php?__cf_chl_tk=2XtuYLWWad5pvgnYLhXA7XaexTUT4TnMCXwYUCPNUh8-1659096598-0-gaNycGzNChE
Frame ID: EEB7FE0E1B455CC665742AB8E01A10CF
Requests: 9 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/750f21b/static/hcaptcha.html
Frame ID: 59A025FFCCB3C1E86D4E31746EEBAC9D
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/750f21b/static/hcaptcha.html
Frame ID: 80B03AD2B866A8B72D0F79C984E068DE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ht.ly/YWHE30spaPT HTTP 301
    https://l.wl.co/l?u=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html Page URL
  2. https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html Page URL
  3. https://mailsec-personalprocess-boa-com.preview-domain.com/cis/index.php?__cf_chl_tk=2XtuYLWWad5pvgnYLhXA7XaexTUT4TnMCXwYUCPNUh8-165909... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

14
Requests

71 %
HTTPS

44 %
IPv6

10
Domains

12
Subdomains

8
IPs

2
Countries

340 kB
Transfer

953 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ht.ly/YWHE30spaPT HTTP 301
    https://l.wl.co/l?u=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html Page URL
  2. https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html Page URL
  3. https://mailsec-personalprocess-boa-com.preview-domain.com/cis/index.php?__cf_chl_tk=2XtuYLWWad5pvgnYLhXA7XaexTUT4TnMCXwYUCPNUh8-1659096598-0-gaNycGzNChE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ht.ly/YWHE30spaPT HTTP 301
  • https://l.wl.co/l?u=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
Request Chain 4
  • https://www.nhpr.org/sites/nhpr/files/201705/InternetSlowdown_Day.gif HTTP 301
  • https://npr-brightspot.s3.amazonaws.com/legacy/sites/nhpr/files/201705/InternetSlowdown_Day.gif

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
l
l.wl.co/
Redirect Chain
  • http://ht.ly/YWHE30spaPT
  • https://l.wl.co/l?u=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
261 B
872 B 		Document
General
Check archive.org
Download Go to
Full URL
https://l.wl.co/l?u=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: blob: https://*.wl.co https://*.fbcdn.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' 'unsafe-inline' data: blob: https://*.wl.co https://*.fbcdn.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
rollout
date
Wed, 03 Aug 2022 14:56:49 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
referrer-policy
origin
refresh
1;URL=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
0kKX2t8tM/UIDBul3mEm6XduMb6TbCh5wOmJfaHmvSz1OKNSHbJjsY08v2of72lZVRnnPBQl1E7uPcw+IQx2Eg==
x-frame-options
DENY
x-robots-tag
noindex, nofollow
x-xss-protection
0

Redirect headers

Connection
close
Content-Length
0
Date
Wed, 03 Aug 2022 14:56:48 GMT
Location
https://l.wl.co/l?u=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-Permitted-Cross-Domain-Policies
master-only
X-Pool
owly_web
X-XSS-Protection
1; mode=block
/
www.facebook.com/csp/reporting/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/csp/reporting/?m=c&minimize=0
Requested by
Host: l.wl.co
URL: https://l.wl.co/l?u=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://l.wl.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/csp-report

Response headers
UC.html
nerlikarhospital.com/wp-content/uploads/2022/08/ 		1 KB
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
Requested by
Host: l.wl.co
URL: https://l.wl.co/l?u=https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.85.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-85-156.unifiedlayer.com
Software
Apache /
Resource Hash
3bf83e9cd7de2cf91d9662f22e4202166559dec90448a3239a6e788d0bce7cd2

Request headers

Referer
https://l.wl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
435
content-type
text/html
date
Wed, 03 Aug 2022 14:56:50 GMT
last-modified
Wed, 03 Aug 2022 00:03:05 GMT
server
Apache
vary
Accept-Encoding
x-server-cache
false
fdevdaa_1.png
www.linkpicture.com/q/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.linkpicture.com/q/fdevdaa_1.png
Requested by
Host: nerlikarhospital.com
URL: https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
7c6b2c6fb4c47179866542cfd006d7a89983843d8ad1ace850d140c2b9324a67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nerlikarhospital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 14:56:50 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
385
x-powered-by
PleskLin
content-length
53567
last-modified
Sat, 02 Jul 2022 13:50:21 GMT
server
cloudflare
etag
"62c04d1d-d13f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTGRQ5hhATBWRvebg0cCtNGdHXJn2sjN1ilB75CIhHaLlOn7Nwlqgbyj%2Bs%2FGZwvYDXYIYrHYMvCqZ5Fo%2FeHSw6v3hcUkcMk7EF8SVvo5qahoUI6NXcfwqumY9OiefRNRo5XfsXct%2F2KwLc5Fux1Rj6qD"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
734fe6fb4fb99bee-FRA
InternetSlowdown_Day.gif
npr-brightspot.s3.amazonaws.com/legacy/sites/nhpr/files/201705/
Redirect Chain
  • https://www.nhpr.org/sites/nhpr/files/201705/InternetSlowdown_Day.gif
  • https://npr-brightspot.s3.amazonaws.com/legacy/sites/nhpr/files/201705/InternetSlowdown_Day.gif
41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://npr-brightspot.s3.amazonaws.com/legacy/sites/nhpr/files/201705/InternetSlowdown_Day.gif
Requested by
Host: nerlikarhospital.com
URL: https://nerlikarhospital.com/wp-content/uploads/2022/08/UC.html
Protocol
HTTP/1.1
Server
52.216.168.11 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nerlikarhospital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 14:56:52 GMT
Last-Modified
Thu, 17 Jun 2021 02:18:58 GMT
Server
AmazonS3
x-amz-request-id
Y46J07W67PYQGN3H
ETag
"ef474d09f00787104084b05ef0df9c9e"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
42262
x-amz-id-2
XjnS8C7wChGVDFC30XWOyRonbwmiOuFYGMwWCWsI14lqfolml1+XOrLho0pWKtNn6dENQvwgjQc=

Redirect headers

date
Wed, 03 Aug 2022 14:56:50 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
server
N/A
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
content-type
image/gif
location
https://npr-brightspot.s3.amazonaws.com/legacy/sites/nhpr/files/201705/InternetSlowdown_Day.gif
cache-control
max-age=300
content-length
0
x-amz-cf-id
cUSMIKHGUp09wNRaNl8B7f2yAB_0f4Pa6DjI9GMI09Lk7Wzrc8ckZw==
Primary Request index.php
mailsec-personalprocess-boa-com.preview-domain.com/cis/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mailsec-personalprocess-boa-com.preview-domain.com/cis/index.php?__cf_chl_tk=2XtuYLWWad5pvgnYLhXA7XaexTUT4TnMCXwYUCPNUh8-1659096598-0-gaNycGzNChE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1878 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
122b5f6a92ab29856097945703c25b4745678fffaabfa12780d47028dcc92976
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://nerlikarhospital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734fe705bb799962-FRA
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 14:56:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
x-powered-by
PHP/7.4.30
x-turbo-charged-by
LiteSpeed
api.js
www.hcaptcha.com/1/ 		281 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hcaptcha.com/1/api.js
Requested by
Host: mailsec-personalprocess-boa-com.preview-domain.com
URL: https://mailsec-personalprocess-boa-com.preview-domain.com/cis/index.php?__cf_chl_tk=2XtuYLWWad5pvgnYLhXA7XaexTUT4TnMCXwYUCPNUh8-1659096598-0-gaNycGzNChE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b6c69f27a8696b0d7896150d719922fdc91bb3a953a948fe92c0a91651aaea29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mailsec-personalprocess-boa-com.preview-domain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 14:56:54 GMT
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 29 Jul 2022 11:47:57 GMT
server
cloudflare
etag
W/"4d48fad86af48a6462b57286ae529611"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
x-amz-cf-pop
FRA50-C1
cf-ray
734fe7157ab0bbad-FRA
x-amz-cf-id
GJvSpqC_rmBYH526syIlWPej8r772XAjOMqZCwQQK__7eqelG1Xfew==
AP.php
dlendomanagement.com/ 		0
0
AP.php
dlendomanagement.com/ 		0
0
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/750f21b/static/ Frame 59A0 		2 KB
1009 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/750f21b/static/hcaptcha.html
Requested by
Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1208d52318184de20a59af9bfdbcf40903143a1f772bd1d6023fa846120d5fb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mailsec-personalprocess-boa-com.preview-domain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10682
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
734fe715fbbdbbad-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 03 Aug 2022 14:56:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Fri, 29 Jul 2022 11:47:57 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-id
6ryDGOMzb7v9dnTmp-cXiGzruAm7VVZOx8Cu9YdivM66EoM-bnkcZg==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/750f21b/static/ Frame 80B0 		2 KB
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/750f21b/static/hcaptcha.html
Requested by
Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1208d52318184de20a59af9bfdbcf40903143a1f772bd1d6023fa846120d5fb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mailsec-personalprocess-boa-com.preview-domain.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
10682
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
734fe715fbbfbbad-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 03 Aug 2022 14:56:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Fri, 29 Jul 2022 11:47:57 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-id
6ryDGOMzb7v9dnTmp-cXiGzruAm7VVZOx8Cu9YdivM66EoM-bnkcZg==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/750f21b/ Frame 59A0 		281 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/750f21b/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/750f21b/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/750f21b/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 14:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
10682
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80883
access-control-allow-origin
*
last-modified
Fri, 29 Jul 2022 11:47:57 GMT
server
cloudflare
etag
"4d48fad86af48a6462b57286ae529611"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
734fe7163c2bbbad-FRA
x-amz-cf-id
GoTOc581nDeGwloAmNOqiiqy22YPyXgScoQGpxz0Ywj161_O8b3cEw==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/750f21b/ Frame 80B0 		281 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/750f21b/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/750f21b/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b6c69f27a8696b0d7896150d719922fdc91bb3a953a948fe92c0a91651aaea29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/750f21b/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 14:56:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
10682
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80883
access-control-allow-origin
*
last-modified
Fri, 29 Jul 2022 11:47:57 GMT
server
cloudflare
etag
"4d48fad86af48a6462b57286ae529611"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=1209600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
cf-ray
734fe7163c2ebbad-FRA
x-amz-cf-id
GoTOc581nDeGwloAmNOqiiqy22YPyXgScoQGpxz0Ywj161_O8b3cEw==
truncated
/ Frame 80B0 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 80B0 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dlendomanagement.com
URL
https://dlendomanagement.com/AP.php?f=cDAremN1OEJqY3ZzUk9yU24xRm41azhKKzVESWtFalVLS253ZmNud2ttWEFkalNOZFkxeXo0d2dDZjUyZHM1REFsYWI0Vk93cnJ1UHF0Q0t0TzJzcG9pYUp5MTBaS1ZoaWo0bDQzT21yK0hrZW9UdXRuMkNMU1lQMWVycEdvS2twQ1FYbURha25pNUx6VXlJb2RBYXVrbzNOMG1HTVhyTTZLbTFwU0syY0l4cm93S3JkNVQrSGU2TER1bGVOOFo0cVREMy92bE9HSkY0cERzQkozZko1OEZnVDZpbzNrUGdqRDQxSlh5dllaTkZEZ3dMUEtrWlRCZllqbDJpU3JqVDA1YlUwa3JMRHNzK0huNmdQVjNBbjBmMGdZY01PT25ycE81RzJacjZZSSs3NVpmTk9ORU9FVWlmZytGY2lqZTQ=
Domain
dlendomanagement.com
URL
https://dlendomanagement.com/AP.php?f=cDAremN1OEJqY3ZzUk9yU24xRm41azhKKzVESWtFalVLS253ZmNud2ttWEFkalNOZFkxeXo0d2dDZjUyZHM1REFsYWI0Vk93cnJ1UHF0Q0t0TzJzcG9pYUp5MTBaS1ZoaWo0bDQzT21yK0hrZW9UdXRuMkNMU1lQMWVycEdvS2twQ1FYbURha25pNUx6VXlJb2RBYXVrbzNOMG1HTVhyTTZLbTFwU0syY0l4cm93S3JkNVQrSGU2TER1bGVOOFo0S1VJcGNZZ2J1Rkx5Z2t4K0ZZUzh0eTVBZ00wbVg3NHlldUVXTDdPb2NPaWZDcmpPblh1R0lmclZtSVBGR3hNcmtQY0JDcVBqYnFTMXBYajlIWGl3YmUya3hNWE1XZ1hWMTZudkJFUUIyWU5XVTN0M2FjOTdDaGpEWFppSmdIWGxNQkZhaTQ0ZDk1UEw3NFpCdFJMUmRnPT0=
Domain
hcaptcha.com
URL
https://hcaptcha.com/checksiteconfig?v=750f21b&host=mailsec-personalprocess-boa-com.preview-domain.com&sitekey=29ef0b88-3483-4311-b2c6-ad9ff1536658&sc=1&swa=1

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' data: blob: https://*.wl.co https://*.fbcdn.net;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0