urlscan.io logo urlscan.io
SecurityTrails logo

20as9exgce615bgrxrct.s6y0.ru Open in urlscan Pro
2606:4700:3034::6815:f7f  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://membership.cyberlink.com/prog/event/autoedm/trace_mem.jsp?linkId=137540&e=133907518&affid=2581_0_865_auto-birthday_202302...
Effective URL: https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/
Submission: On July 27 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3034::6815:f7f, located in United States and belongs to . The main domain is 20as9exgce615bgrxrct.s6y0.ru.
TLS certificate: Issued by GTS CA 1P5 on July 18th 2023. Valid for: 3 months.
This is the only time 20as9exgce615bgrxrct.s6y0.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    99.83.161.79 (United States)

ASN- ()
membership.cyberlink.com
1    91.209.70.247 (Belize)

ASN- ()
daisyandarrow.com
2    2606:4700:3034::6815:f7f (United States)

ASN- ()
20as9exgce615bgrxrct.s6y0.ru
1    2001:4de0:ac18::1:a:1b (Netherlands)

ASN- ()
code.jquery.com
8    2606:4700::6811:2b8 (United States)

ASN- ()
challenges.cloudflare.com
1    2606:4700::6810:5914 (United States)

ASN- ()
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6413
203 KB
2 s6y0.ru
20as9exgce615bgrxrct.s6y0.ru
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 361
25 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 754
30 KB
1 daisyandarrow.com
daisyandarrow.com
286 B
1 cyberlink.com
membership.cyberlink.com
2 KB
14 6
Domain Requested by
8 challenges.cloudflare.com 1 redirects 20as9exgce615bgrxrct.s6y0.ru
challenges.cloudflare.com
2 20as9exgce615bgrxrct.s6y0.ru 1 redirects
1 cdn.jsdelivr.net daisyandarrow.com
1 code.jquery.com daisyandarrow.com
1 daisyandarrow.com
1 membership.cyberlink.com 1 redirects
14 6

This site contains no links.

Subject Issuer Validity Valid
mail.daisyandarrow.com
R3		 2023-07-20 -
2023-10-18		 3 months crt.sh
s6y0.ru
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/
Frame ID: B6003632F4774D515B319077B96234C4
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
Frame ID: 91A6CAE1F9E5024C67D9186314F62FDD
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C HTTP 301
    https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

14
Requests

71 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

260 kB
Transfer

642 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C HTTP 301
    https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://membership.cyberlink.com/prog/event/autoedm/trace_mem.jsp?linkId=137540&e=133907518&affid=2581_0_865_auto-birthday_20230211_ESP&traceLink=https://daisyandarrow.com%2Fnew%2Fauth%2FVkZB%2F%2F%2F%2FbWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg== HTTP 302
  • https://daisyandarrow.com/new/auth/VkZB////bWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg==
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg==
daisyandarrow.com/new/auth/VkZB////
Redirect Chain
  • https://membership.cyberlink.com/prog/event/autoedm/trace_mem.jsp?linkId=137540&e=133907518&affid=2581_0_865_auto-birthday_20230211_ESP&traceLink=https://daisyandarrow.com%2Fnew%2Fauth%2FVkZB%2F%2F...
  • https://daisyandarrow.com/new/auth/VkZB////bWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg==
0
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://daisyandarrow.com/new/auth/VkZB////bWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
91.209.70.247 , Belize, ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Thu, 27 Jul 2023 23:56:52 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
refresh
0;url=https://20as9exgce615bgrxrct.S6y0.ru/f3Y1a9C#marybeth.ayres@montgomerycountymd.gov

Redirect headers

access-control-allow-headers
Content-Type
content-length
0
content-type
text/html;charset=UTF-8
date
Thu, 27 Jul 2023 23:56:52 GMT
location
https://daisyandarrow.com/new/auth/VkZB////bWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg==
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
Primary Request /
20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/
Redirect Chain
  • https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C
  • https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:f7f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
756b6d9ce7181c573990164eb25b9717e89e0c01e8d3c378dcbab6f0e4b9cbf7

Request headers

Referer
https://daisyandarrow.com/new/auth/VkZB////bWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ed8d24e9a5830c0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 27 Jul 2023 23:56:54 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztWGTkQcaKgd%2Fx%2BjHmfYYWP4ypM%2F02BdYU8xmLx1NrSVzJqATpUT1ygHZ4CQ%2Bpu9El1KiD2Zg5v2Nkm0Zh9ocZayOJp7PcPCe%2BO0%2B8bhfF9txepJ1r0Ny91R4G9pyYJ9PnNDXjFPmCSEdyrG4O8BTq9WkKdc5mmXO%2FyZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ed8d24e5a3230c0-FRA
content-type
text/html
date
Thu, 27 Jul 2023 23:56:52 GMT
location
https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN4I02YJsM3hbECvEawsU04RJD0boYphZ4iWI4RMeckXgfZz6WhCkvqHqTIqM2Cm7NTwpt3Li60RJ%2BRpweaVJXL%2B1UYfzwD6UJCJkMIjIBYVN0yRUOpPm9gWgoEFxSElLApwKKVtP3WqZgNrbca1TyXLQtPOwGmkkT%2Fm"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
truncated
/ 		130 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95ce098d45fa057193696d267cfd9cc8455a667984e06db234d0a1b8d572094d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type
text/javascript
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: daisyandarrow.com
URL: https://daisyandarrow.com/new/auth/VkZB////bWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://20as9exgce615bgrxrct.s6y0.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 27 Jul 2023 23:56:54 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1690502214.dop264.fr8.t,1690502214.cds291.fr8.hn,1690502214.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
api.js
challenges.cloudflare.com/turnstile/v0/b/11b725eb/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js
25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js
Requested by
Host: 20as9exgce615bgrxrct.s6y0.ru
URL: https://20as9exgce615bgrxrct.s6y0.ru/f3Y1a9C/
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20as9exgce615bgrxrct.s6y0.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 23:56:54 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ed8d2592ed9bbc7-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 27 Jul 2023 23:56:54 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/11b725eb/api.js
cache-control
max-age=300, public
cf-ray
7ed8d2590ebdbbc7-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: daisyandarrow.com
URL: https://daisyandarrow.com/new/auth/VkZB////bWFyeWJldGguYXlyZXNAbW9udGdvbWVyeWNvdW50eW1kLmdvdg==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20as9exgce615bgrxrct.s6y0.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 23:56:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13447396
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA, cache-yyz4521-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrqRbWIDBpuSIvcbtE3OSroxUDK7kmWLuWZACTbogwEQYGOt%2F54PuAYVTMR1pxw1oH9FHxG5yU8GaPE6qeSUlYkE18w3aJ4yeN1EcHwDuShUVgMRwUyBUCcxBL9NhDw40siVF%2FXuQjI3kFMHNeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7ed8d2590b1e39df-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/ Frame 91A6 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
400173bdb6dea6abe1e3bc50267bef96dedad8a47d44713c9bd55525440ed1ed
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://20as9exgce615bgrxrct.s6y0.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7ed8d2598d1e9950-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 27 Jul 2023 23:56:54 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 91A6 		181 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7ed8d2598d1e9950
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
af048c165ce278b880bb7d7345ba9e8dac69f650b4f6976ad2771fb43ccb8f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 23:56:54 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7ed8d259dd5e9950-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
45e0f32d-0c16-4a7d-ba81-199c7d3db998
https://challenges.cloudflare.com/ Frame 91A6 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/45e0f32d-0c16-4a7d-ba81-199c7d3db998
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
6db05d62423d79e
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1672092864:1690499559:NpIy6wpJc8nbK-vFKCXkTKeUyPFRTPiZ9RtGYTK1sos/7ed8d2598d1e9950/ Frame 91A6 		155 KB
113 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1672092864:1690499559:NpIy6wpJc8nbK-vFKCXkTKeUyPFRTPiZ9RtGYTK1sos/7ed8d2598d1e9950/6db05d62423d79e
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7ed8d2598d1e9950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d7abbfdb36b954b6592d93c1b67462f379cf7a7f1dcc2cd0558599e735289ae1

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge
6db05d62423d79e
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
eycYgtt4R+SdGGvkaib4enHl7Vz3kmrga+NlSeci1Fc5i82huHV+4TEiwJWJrEn5dmu+kTtBWMojVqmkfnOEiqlKM164hJL+5n7IdXr0ItwVwB6ZV759RUVMlcCGTvmH/rvJ6J9vDPQchXfm8n1Ixao9U3ApIl8H+UPUBI1SdPJqHcTjH4RneKxysVhlv9aCCVeS+xCWjsIXxDRWLVfa6gnY++hZZIRUj0IcD1I78cjSzXDwExvVnvXIzm+qsgGooPjtSXERP+VNdKTZcEt55ZTH/wRfR7Y58cnZ8x1dlD07rsYnXyPmSKx+ErNihihvRI7qJbYVSx4/KRdWFY17wsKecDU4cEuBua+N9VccQqvYVpNggriDsbVVNMXkG6gK0uyxFnnCLf4pWgFn/3lhiFB9Yy0gf3jKKGOArPfBT3N6SFmo4Ls2mTF3sfGxKRvrYBvWWlWiuS/E746gkfum0A==$mQRh9JxoDXls99gUaLdooA==
date
Thu, 27 Jul 2023 23:56:54 GMT
content-encoding
br
server
cloudflare
cf-ray
7ed8d25aee029950-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
a791c77f-9d33-4947-be78-cad832ba83ce
https://challenges.cloudflare.com/ Frame 91A6 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/a791c77f-9d33-4947-be78-cad832ba83ce
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript
38a67a48-ad11-4e9f-8a6a-e03589398406
https://challenges.cloudflare.com/ Frame 91A6 		656 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/38a67a48-ad11-4e9f-8a6a-e03589398406
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
zbDKbZCsliVqR1_
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7ed8d2598d1e9950/1690502214881/f660e15d7ac9b13280adafcdfe00047426bb6aedaaa0ced4fa2dcf82cbddf993/ Frame 91A6 		1 B
629 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7ed8d2598d1e9950/1690502214881/f660e15d7ac9b13280adafcdfe00047426bb6aedaaa0ced4fa2dcf82cbddf993/zbDKbZCsliVqR1_
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7ed8d2598d1e9950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 23:56:55 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g9mDhXXrJsTKAra_N_gAEdCa7au2qoM7U-i3Pgsvd-ZMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvAJPp_tymNy24tzFnHwYAzYqYkGhCbu0yOIs40wj7UaanB5K7Y-OMGhqgFXq1gRVda20QppB16o5JWfqw56x9pUyZkX5NE3ao83zmBuo5k5YhxD1hC51zWbsBO4nl9IYlWfih99PZo9MeiG9vNzguCdJrVQLDCzqpouWrKKEjY1u6M6KTXbGNMorH_McvvsM0ZHaSglZ7osnBryUdVFLapT-dkzl5nRPevW7R2PFuvzZ9yuTmwdugysmDQtsPS3S6_hTagG4ZqfwHiPiNyxSbSMIepsGVJNB_24zvZG0GMGmf2nn9QlCrwPYu5GL2pVHjLj7I5lmgFKjIaUOfIZRdQIDAQAB, max-age=20
server
cloudflare
cf-ray
7ed8d25fd9b49950-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
xAKq4Cb_D1BUetB
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7ed8d2598d1e9950/1690502214882/ Frame 91A6 		61 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7ed8d2598d1e9950/1690502214882/xAKq4Cb_D1BUetB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
96c60a1070f69b9875a3a54327257cef0e706e39d5e05e4472d29df67e4d6c56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Thu, 27 Jul 2023 23:56:55 GMT
server
cloudflare
cf-ray
7ed8d26009da9950-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
6db05d62423d79e
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1672092864:1690499559:NpIy6wpJc8nbK-vFKCXkTKeUyPFRTPiZ9RtGYTK1sos/7ed8d2598d1e9950/ Frame 91A6 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1672092864:1690499559:NpIy6wpJc8nbK-vFKCXkTKeUyPFRTPiZ9RtGYTK1sos/7ed8d2598d1e9950/6db05d62423d79e
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7ed8d2598d1e9950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ba5b12ef1fffe44662ee7cb3974b65ec04c7ea2025596da4a829683f9ce733bc

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/394u1/0x4AAAAAAAH5_XgsA6a8Djxv/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge
6db05d62423d79e
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
yu7nMi+IXWtC4tGVSHPtDyXiQ5gLR2kEP3zM9KChW/+CiO1LruuGxvy3fdqxxZpF$ygXNNhMIInRsS5LjDhK2jg==
date
Thu, 27 Jul 2023 23:56:55 GMT
content-encoding
br
server
cloudflare
cf-ray
7ed8d2608a469950-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| nox function| $ function| jQuery function| x object| turnstile

17 Cookies

Domain/Path Name / Value
membership.cyberlink.com/ Name: AWSALB
Value: uM+JFu2vPzE2pVnuFGkjk4s6RxNDHqrAnPlQwupSoY9Wv5Z8DwI2CBEucPV+h4KjSVgehCYpcFJRFgQn2CZjgR4Dq4+FA2omB93eEqNvI7MMnMp5X41Q0dbDlrzO
membership.cyberlink.com/ Name: AWSALBCORS
Value: uM+JFu2vPzE2pVnuFGkjk4s6RxNDHqrAnPlQwupSoY9Wv5Z8DwI2CBEucPV+h4KjSVgehCYpcFJRFgQn2CZjgR4Dq4+FA2omB93eEqNvI7MMnMp5X41Q0dbDlrzO
membership.cyberlink.com/ Name: JSESSIONID
Value: C8DEFAA6720224BCA02840D2D6290A3D
.cyberlink.com/ Name: CLCUSTOMERSESSIONID
Value: C8DEFAA6720224BCA02840D2D6290A3D
.cyberlink.com/ Name: CLCUSTOMERAGENT
Value: 4D6F7A696C6C612F352E30202857696E646F7773204E542031302E303B2057696E36343B2078363429204170706C655765624B69742F3533372E333620284B48544D4C2C206C696B65204765636B6F29204368726F6D652F3131352E302E353739302E313130205361666172692F3533372E3336
.cyberlink.com/ Name: CLCOUNTRYCODE
Value: DE
.cyberlink.com/ Name: lang
Value: DEU
.cyberlink.com/ Name: CLCUSTOMERLANG
Value: DEU
.cyberlink.com/ Name: B-locale
Value: de_DE
.cyberlink.com/ Name: country_lang
Value: de_DE
.cyberlink.com/ Name: DEU_nLangIdAndLocale
Value: "7,de_DE"
.cyberlink.com/ Name: CLCCE
Value: YES
.cyberlink.com/ Name: CLCCEF
Value: YES
.cyberlink.com/ Name: CLCCEDM
Value: NO
.cyberlink.com/ Name: CL_Aff_Id
Value: 2581_0_865_auto-birthday_20230211_ESP
.cyberlink.com/ Name: AID
Value: 2581_0_865_auto-birthday_20230211_ESP
20as9exgce615bgrxrct.s6y0.ru/ Name: PHPSESSID
Value: t444mdi82dtblv6r6534gq336t

4 Console Messages

Source Level URL
Text
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0ia2s2LW4xaWZyNzdoZXUyMC0mYmsiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0ia2s2LW4xaWZyNzdoZXUyMC0mYmsiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7ed8d2598d1e9950/1690502214881/f660e15d7ac9b13280adafcdfe00047426bb6aedaaa0ced4fa2dcf82cbddf993/zbDKbZCsliVqR1_
Message:
Failed to load resource: the server responded with a status of 401 ()