2u.pw Open in urlscan Pro
172.66.40.142 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2u.pw/BsO7FuHB
Submission: On June 16 via api (June 16th 2024, 12:01:27 pm UTC) from CZ — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 172.66.40.142, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2u.pw.
TLS certificate: Issued by E1 on May 3rd 2024. Valid for: 3 months.

This is the only time 2u.pw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	172.66.40.142 172.66.40.142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.3.184 104.17.3.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.2.184 104.17.2.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	5

13 172.66.40.142 (United States)

ASN13335 (CLOUDFLARENET, US)

2u.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	2u.pw 2u.pw	267 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 4305	14 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 951	7 KB
24	3

	Domain	Requested by
13	2u.pw	2u.pw static.cloudflareinsights.com
4	challenges.cloudflare.com	2u.pw challenges.cloudflare.com
2	static.cloudflareinsights.com	2u.pw
24	3

This site contains no links.

Subject Issuer	Validity	Valid
2u.pw E1	`2024-05-03` - `2024-08-01`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://2u.pw/BsO7FuHB
Frame ID: 97D1E9002DAEA57FB2A175541A6BF984
Requests: 22 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xp1bd/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: B22433C9468F5BCA72B623EACA8AFAA0
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/erg6k/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 1C3996D620E0259C578B3A6F67A76898
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://2u.pw/BsO7FuHB HTTP 307
https://2u.pw/BsO7FuHB Page URL
https://2u.pw/BsO7FuHB Page URL

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

24
Requests

79 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

289 kB
Transfer

956 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://2u.pw/BsO7FuHB HTTP 307
https://2u.pw/BsO7FuHB Page URL
https://2u.pw/BsO7FuHB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://2u.pw/BsO7FuHB HTTP 307
https://2u.pw/BsO7FuHB

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

403

BsO7FuHB Show response
2u.pw/
Redirect Chain

https://2u.pw/BsO7FuHB
https://2u.pw/BsO7FuHB

16 KB
8 KB

35ms
34ms

Document
text/html

172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2u.pw/BsO7FuHB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aa52dbea20beff0a89a402a842428fb848c9dc66041db504fa414125998c9a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: Mo9hxU2f+Osua5XRqO4TRDXcpeKsdBIu12cdxi9gxEL/eiKLVM9zC1JAc4wdcwB982oI0dQy2U1TZDN6LxO5jdZ+qgkjjXRvscb3K92pkoNFAABSNdkMJB6Ps38cuGnLdTLB3gKjh0FAjDGTJin+Aw==$UvbGkrE2fvSbYtNwG+USuw==
cf-mitigated: challenge
cf-ray: 894aa514cb1d371a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sun, 16 Jun 2024 12:01:22 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1hn2UfxzCYMwck7eSYS2XSGsXQ5XMHsFUhyjypsbOiM4zfkIdziBLDJ61X%2FvdwA6ASNLZ8D1Ug%2B1XFn%2BxDD0lkWZTj43abjgMkh0PJI3hZT2tQkvKhx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://2u.pw/BsO7FuHB

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 390ms
98ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 2u.pw
URL: https://2u.pw/BsO7FuHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://2u.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:23 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 894aa5172ec137d2-FRA

GET
H3 200 v1 Show response
2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 364 KB
100 KB 269ms
269ms Script
application/javascript 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=894aa514cb1d371a
Requested by: Host: 2u.pw
URL: https://2u.pw/BsO7FuHB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5990c48f4992d3cbbed25cd9858ede3d840f2a4ef55a69d0dcee066f42cbba4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB?__cf_chl_rt_tk=cNqajm3Me1IcFER7fa6ZtMpsVxiPTXDwhGvItYQoxHY-1718539282-0.0.1.1-3540
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWe1WHynhCMBV%2BeqxPcuQBRXStqnFK30IvLT%2BLiy7lFCQ9DReAKXkCbdoUxrrmSFToYuXn85YGIY2QlUg1R%2BP6HgLRfCGNbj9ggTMRi72HV0kbagir3a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 894aa5156bf4371a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/ 42 KB
14 KB 61ms
35ms Script
application/javascript 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js?onload=OZxW4&render=explicit
Requested by: Host: 2u.pw
URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=894aa514cb1d371a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22401f58443400f39ce653a1736059092e1e5f85ffbbbaeda4b11c16b5bade6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://2u.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:23 GMT
content-encoding: br
last-modified: Thu, 06 Jun 2024 21:04:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 894aa517ba754dbf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
2u.pw/ 2 KB
2 KB 29ms
28ms Image
text/html 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2u.pw/favicon.ico

Requested by

Host: 2u.pw
URL: https://2u.pw/BsO7FuHB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8941d09c27a58c57f24a5fde35a8609a337e8e4ca8e780d23b5f991b2a29fd6d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:23 GMT
content-encoding: br
x-content-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: DrV/fgNb1hwmjio/OCWvozxM7U6rRcgEQrLYWMtzdyfGCf47dO1tbmtpJQr4itr5yazv+zNNHt6zSuodr5Qh7gBvPpkJP1RSlf4G4mUgpvuEGTh3ZXTxU1C1gsMcLc0YapgFNV7TLAnyxWtCYwNZng==$rftnCm6U2tnikGtUkE38tA==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gRUIESf83EeHXe9%2FE3L6IKtppo742Jo89%2BpPvBWU80swM%2FCv5RS1R7N58WAkoY2viQTRm7xh9SapnoiLZ%2FB%2FHO0HzyFZQyQ4fq1t6q%2FLjg18nFDWwJmR"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 894aa5179ec4371a-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK 4dd22802-0c92-4f05-8f10-ee4d6148406f
https://2u.pw/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://2u.pw/4dd22802-0c92-4f05-8f10-ee4d6148406f
Requested by: Host: 2u.pw
URL: https://2u.pw/BsO7FuHB
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://2u.pw/BsO7FuHB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 204 rum Show response
2u.pw/cdn-cgi/ 0
134 B 41ms
40ms XHR
text/plain 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2u.pw/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.61"
content-type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:23 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://2u.pw
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 894aa5183f8a371a-FRA

GET
H3 403 favicon.ico
2u.pw/ 15 KB
8 KB 39ms
38ms Other
text/html 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2u.pw/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0654c73be470a5cfdbb2fe6c37167fc9d8007466b6a0cc385825ccff8ca69e99

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:23 GMT
content-encoding: br
x-content-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: dz9X35JIGcWgGM5Cp8irvPuprZGp3RGhxPQePXiuwucrKkZMflXKY3PY40fJOHlgQEzX3T463c9iER4asgiKK8PO3tcMKMzBT75+9eJJNqQXnvNNUpANgDHaefDRpPmvRrdELuo88GB7n96P5kX8uA==$ddAbEIu+KBSHc3VtQ+6NtQ==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXOgGVTo8feeUhEx8CbOw9KGEUtrs%2B1m%2BLEoPi3IzgorxyKnYLj8wAtu1FVsW%2BV5INzAt6k4CNf8DFGEvRFg3S3F7TGVeS1rQw%2FXxm42C3LBp24toUOU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 894aa5183f8d371a-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 4eb5adde9250f09 Show response
2u.pw/cdn-cgi/challenge-platform/h/g/flow/ov1/499183917:1718536148:5lplqz4dam7C6u0papCLegtmwC5upkhudAkHYIL9oSM/894aa514cb1d371a/ 16 KB
12 KB 49ms
49ms XHR
text/plain 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/flow/ov1/499183917:1718536148:5lplqz4dam7C6u0papCLegtmwC5upkhudAkHYIL9oSM/894aa514cb1d371a/4eb5adde9250f09
Requested by: Host: 2u.pw
URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=894aa514cb1d371a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1281f3d09dd1cda9f8910f145e2385abab857e9bf5d744a4a89519cf4f09c70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
CF-Challenge: 4eb5adde9250f09
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:23 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fylHPwd%2BGY3g7OdpwI1Gyx8Vdm8zQuCyf1%2F4YA08UL6yz1C2%2B0kMEwWcOcQXSBJAG%2Fu%2BCDugwFdD6DsWJTh8HDQfXYXQAmmoyyPTabSOxtgjv%2B0gQwi6"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 894aa5184f95371a-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: lEtQheFxAAqIkL5FTQM2DQSauGAO3OcYjoseUhUBt0tbu0m0ik1NGX7V7crzRMJe$HdpQ5xV4WeMiwMO96wes4g==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xp1bd/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame B224 0
0 94ms
57ms Document
text/html 104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xp1bd/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js?onload=OZxW4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 894aa518fc2b19a9-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 12:01:23 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
BLOB 200
OK 52a46157-3a0c-4a88-a688-71c0fce04136
https://2u.pw/ 80 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://2u.pw/52a46157-3a0c-4a88-a688-71c0fce04136
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://2u.pw/BsO7FuHB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 80
Content-Type: text/javascript

POST
H3 200 4eb5adde9250f09 Show response
2u.pw/cdn-cgi/challenge-platform/h/g/flow/ov1/499183917:1718536148:5lplqz4dam7C6u0papCLegtmwC5upkhudAkHYIL9oSM/894aa514cb1d371a/ 3 KB
3 KB 46ms
46ms XHR
text/html 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/flow/ov1/499183917:1718536148:5lplqz4dam7C6u0papCLegtmwC5upkhudAkHYIL9oSM/894aa514cb1d371a/4eb5adde9250f09
Requested by: Host: 2u.pw
URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=894aa514cb1d371a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 556dd88c364ba4c8d80619ea0c7fdedd6ce0e393c5f32a46299e181428c985d7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
CF-Challenge: 4eb5adde9250f09
sec-ch-ua-platform: "Win32"

Response headers

cf-chl-out-s: FrcHTuY6Sb77TbsKZNT0r+N4WDq3EaDmGwum/rZOh26lwAzwwfLdlOirdnpCjTmS9fQ3J6fnKiszexpbq7QOzjGVo7YDDD15p7YklnVuX6+7JHiBC4r41iantMUXFAf2yoaB+U0wlf1z4+/gqgn6e03ptxwOUr0MctuPGhR5az9oMFX9ptk0XHPzayvwkgCjTM2SP/hH+IdXBqVlhSD65U1DzmJtbRwZPGuoXGfJKJBBKlLcV3UB9uDtufE9t8mviXT69xS1T7CyGjAO+7gSGA==$YJoe8ngFalVoYO+At6HfNw==
cf-chl-out: 6v59JQCl11bwvebe139WJ6j8PfV/PxT8UBmvHMU+X7syL0ixZZwqOhDprn3FKOX06VI7q4yNEnfkI4mz5RdP8O6iOxQyYe55Zi9nwUwta2A=$u4xwo1+UR3jsi3RZg1+YqA==
date: Sun, 16 Jun 2024 12:01:24 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZXnegLKFruWIFbodClZm5T%2FZwGX56%2FV1bRldjmmyfup6ulw%2BVJ6XvAn9Mh%2BjpGCtdly8krRUXWP2SUlqX4P4vjU9Qk%2FW9fjgyZTVyYWpyi6sBtvCr8gV"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 894aa5210aab371a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request BsO7FuHB Show response
2u.pw/ 16 KB
8 KB 36ms
36ms Document
text/html 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2u.pw/BsO7FuHB

Requested by

Host: 2u.pw
URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=894aa514cb1d371a

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13ee2210eb6ae2dfb4c85ba5817b03a0c3113e6b1a34e136f378fff6e6d954fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://2u.pw/BsO7FuHB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: 3ZmTASJobEqwKMw5mLJ+igM+hFhWpNEtT4MvV09Fm5TavVm0EWEIh9g3Wi3rysiZPtP7FaLd51Iq4D2VX8QYr2HUPTg1m2WG5l5vFBl/2Ef7ssFgwhy2MZci6xN3R7UAu1vFH6oLnsq6daEmfi6JlQ==$FYawR8Fl6TOJG2Zwpjw7AA==
cf-mitigated: challenge
cf-ray: 894aa52dda82371a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sun, 16 Jun 2024 12:01:26 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnkEb6ddvzQ%2BL6aG5DqA%2BdKdk2yA%2FpEy5XKXACvYxMqqGm89rw1%2FWbhnXpY8CNcc7gwy5T%2FbpxLLWaFU8kUtvsA%2Fs7eIyiq%2BS1nsbzFpIO6Te631GJIu"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-options: nosniff
x-frame-options: SAMEORIGIN

POST rum
2u.pw/cdn-cgi/ 0
0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 0ms
0ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: 2u.pw
URL: https://2u.pw/BsO7FuHB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://2u.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:23 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 894aa5172ec137d2-FRA

GET
H3 200 v1 Show response
2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 370 KB
103 KB 41ms
41ms Script
application/javascript 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=894aa52dda82371a
Requested by: Host: 2u.pw
URL: https://2u.pw/BsO7FuHB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56fcdcc40a621443997338699ae5e0809aaef7d0d9c7057ff0156ad964ee742e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB?__cf_chl_rt_tk=zczI6l5eKRd0pHREgw1Vkb6y54FhyZLvkqKjEnYw5oU-1718539286-0.0.1.1-3625
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMcJK%2Fn5rFHx6fEgZhUnDLxyoo5dVRZDVJmLyYwb1gg%2FxhtrEMqiALOdS%2BODsDmLrsjpmqR823I4%2Fb3abbqOd%2F3Zqq%2F%2Fn7KFZorCPhdL76rsYQHt9zPK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 894aa52e2b04371a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/ 42 KB
0 0ms
0ms Script
application/javascript 104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js?onload=OZxW4&render=explicit
Requested by: Host: 2u.pw
URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=894aa52dda82371a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22401f58443400f39ce653a1736059092e1e5f85ffbbbaeda4b11c16b5bade6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://2u.pw
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:23 GMT
content-encoding: br
last-modified: Thu, 06 Jun 2024 21:04:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 894aa517ba754dbf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
2u.pw/ 2 KB
2 KB 34ms
34ms Image
text/html 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2u.pw/favicon.ico

Requested by

Host: 2u.pw
URL: https://2u.pw/BsO7FuHB

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c77e84252508ea84f2c631edd2c236fd712955ef775c106e7fef0ee5c2b629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:26 GMT
content-encoding: br
x-content-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: lzZu02B9vulSKdH+e+HqCOb5YZ5sGRAh1uoR/CB47HA1FhfmAgUZcyX0Z5xyZyR0bhCWXIUFRuQ4sc9XiYB4aBasv2rAc41nSQMQTz7bCJ5SbmLDxG9qPDKmtbAkYs73NJnIoZlsV1CO8+NokMrKhg==$ewNYiKYF6BYd6O8omaliyg==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2Bwv%2F3Ex7ccmunSFIX1xW0MhQKfuyZN%2BSVx4RVxSKnyjXcEfmxsquvy3h01wALEPoeCIS6IwBnRQiT663CRhCzhL3ChvfVJVKEWLHZq2wAoxN6kkZe1h"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 894aa52eaba6371a-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK 48d782f6-7e31-459a-a634-39a80d84166c
https://2u.pw/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://2u.pw/48d782f6-7e31-459a-a634-39a80d84166c
Requested by: Host: 2u.pw
URL: https://2u.pw/BsO7FuHB
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://2u.pw/BsO7FuHB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 204 rum Show response
2u.pw/cdn-cgi/ 0
134 B 27ms
26ms XHR
text/plain 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2u.pw/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.61"
content-type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:26 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://2u.pw
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 894aa52eebf3371a-FRA

GET
H3 403 favicon.ico
2u.pw/ 15 KB
8 KB 32ms
32ms Other
text/html 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://2u.pw/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2a936fc6959205ab03308676aa782deb841d99ddb6b283c4d684f8d41a76bef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:26 GMT
content-encoding: br
x-content-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
cf-chl-out: 6kSAMEEZ+n80GfC73GUDovm0pi0tdqWtYVrrQbisy9WH91KzBJR4YXEaS9HAqjU3AHZPEknYH7ffSnozX7Pj4DWQhbX8IGgSb5i7mPdM35DPvZb/xTvLOys/+ppgzCbQfGC72o1kNU2QW2AMZtnJzw==$phuUBpor0Cn5pJdgbaXgRw==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ruMv29SpuRPXnThiHTU%2BUKUdhSz5EC1hyXauNLBw8GSjSr87F5ce3f0Ivo9ACJfTX3ONAct2GdyzyFcPB1pJ8fjIMK%2FekZ9VSUkMrRFSKw0mEhxdlRpP"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 894aa52f4c57371a-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 ebfe0b5d8b1accc Show response
2u.pw/cdn-cgi/challenge-platform/h/g/flow/ov1/1053547665:1718536092:z8ndu6UWbtajZc5Xr-DuRPatc-DgE_rzSx-zV3dThec/894aa52dda82371a/ 16 KB
12 KB 60ms
60ms XHR
text/plain 172.66.40.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/flow/ov1/1053547665:1718536092:z8ndu6UWbtajZc5Xr-DuRPatc-DgE_rzSx-zV3dThec/894aa52dda82371a/ebfe0b5d8b1accc
Requested by: Host: 2u.pw
URL: https://2u.pw/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=894aa52dda82371a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.40.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a404e6539f1861dfbfdba77486d9e6581d9e8a4acd2a9007c4f44cbbb174d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-full-version: "126.0.6478.61"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://2u.pw/BsO7FuHB
sec-ch-ua-full-version-list: "Not/A)Brand";v="8.0.0.0", "Chromium";v="126.0.6478.61", "Google Chrome";v="126.0.6478.61"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
CF-Challenge: ebfe0b5d8b1accc
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 12:01:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSxi3w3AuoLO30v9jbPPYQ1SAvIquCneeGeJUAU9SiKH8f%2FBY71mp1Tm8MVbQgmVuU9GV%2F4RRYrub0oW06Ufp5gDHJ%2BpkeLetZPEpep8uL%2BFaEgBCwsP"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 894aa52f4c67371a-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: EBOqgfgppklWlZh3peVRfFTHQ+gqm2aPtoA77WBC55leL1RKyuC+SpFpWRpe1p7c$KpZzNaHK1iDEAG6fSnfTgQ==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/erg6k/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 1C39 0
0 40ms
39ms Document
text/html 104.17.2.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/erg6k/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js?onload=OZxW4&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 894aa52fda1319a9-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jun 2024 12:01:27 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
BLOB 200
OK 25e10d32-c5b3-420e-850d-b8347244d2fc
https://2u.pw/ 80 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://2u.pw/25e10d32-c5b3-420e-850d-b8347244d2fc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://2u.pw/BsO7FuHB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 80
Content-Type: text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 2u.pw
URL: https://2u.pw/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			2u.pw/	1970-01-20 21:22:22	Name: cf_chl_rc_ni Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://2u.pw/BsO7FuHB Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://2u.pw/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://2u.pw/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://2u.pw/BsO7FuHB Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://2u.pw/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://2u.pw/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2u.pw
challenges.cloudflare.com
static.cloudflareinsights.com
2u.pw
104.17.2.184
104.17.3.184
172.66.40.142
2606:4700::6810:5049
0654c73be470a5cfdbb2fe6c37167fc9d8007466b6a0cc385825ccff8ca69e99
13ee2210eb6ae2dfb4c85ba5817b03a0c3113e6b1a34e136f378fff6e6d954fc
15c77e84252508ea84f2c631edd2c236fd712955ef775c106e7fef0ee5c2b629
22401f58443400f39ce653a1736059092e1e5f85ffbbbaeda4b11c16b5bade6e
4aa52dbea20beff0a89a402a842428fb848c9dc66041db504fa414125998c9a7
556dd88c364ba4c8d80619ea0c7fdedd6ce0e393c5f32a46299e181428c985d7
56fcdcc40a621443997338699ae5e0809aaef7d0d9c7057ff0156ad964ee742e
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
8941d09c27a58c57f24a5fde35a8609a337e8e4ca8e780d23b5f991b2a29fd6d
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
92a404e6539f1861dfbfdba77486d9e6581d9e8a4acd2a9007c4f44cbbb174d5
b5990c48f4992d3cbbed25cd9858ede3d840f2a4ef55a69d0dcee066f42cbba4
d1281f3d09dd1cda9f8910f145e2385abab857e9bf5d744a4a89519cf4f09c70
e2a936fc6959205ab03308676aa782deb841d99ddb6b283c4d684f8d41a76bef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

2u.pw Open in urlscan Pro 172.66.40.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

79 %HTTPS

25 %IPv6

3 Domains

3 Subdomains

5 IPs

2 Countries

289 kBTransfer

956 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

6 Console Messages

Security Headers

Indicators

2u.pw Open in urlscan Pro
172.66.40.142 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

5
IPs

2
Countries

289 kB
Transfer

956 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions