Submitted URL: https://sensitivebabegoingforfun.com/#ne
Effective URL: https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Submission Tags: 0xscam
Submission: On April 05 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 2 domains to perform 11 HTTP transactions. The main IP is 172.67.176.252, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is auth-connectscuritydomain.com.
TLS certificate: Issued by GTS CA 1P5 on February 21st 2024. Valid for: 3 months.
This is the only time auth-connectscuritydomain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.0.239.113 22612 (NAMECHEAP...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 10 172.67.176.252 13335 (CLOUDFLAR...)
11 3
Domain Requested by
11 auth-connectscuritydomain.com 1 redirects sensitivebabegoingforfun.com
auth-connectscuritydomain.com
1 sensitivebabegoingforfun.com
11 2

This site contains no links.

Subject | Issuer | Validity | Valid
cpcontacts.sensitivebabegoingforfun.com | R3 | 2024-04-03 - 2024-07-02 | 3 months
auth-connectscuritydomain.com | GTS CA 1P5 | 2024-02-21 - 2024-05-21 | 3 months

This page contains 2 frames:

Primary Page: https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Frame ID: B6AA8032B37C950041AC034EA6103E3A
Requests: 9 HTTP requests in this frame

Frame: https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 2CA8646183DA7340E16AA637B32BEA8A
Requests: 2 HTTP requests in this frame

Page Title

404 Not Found

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 33 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 1
Transfer: 32 kB
Size: 30 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sensitivebabegoingforfun.com/ Page URL
  2. https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3 Page URL
  3. https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3 Page URL
  4. https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sensitivebabegoingforfun.com/
680 B
888 B
Document
General
Full URL
https://sensitivebabegoingforfun.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.239.113 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
vacantheartedness-badass.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 05 Apr 2024 05:15:53 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
/
auth-connectscuritydomain.com/
7 KB
8 KB
Document
General
Full URL
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Requested by
Host: sensitivebabegoingforfun.com
URL: https://sensitivebabegoingforfun.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4b0210f416508ffafee12191ac8a03b3a9c05f8c633e2d81ae220091e93e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://sensitivebabegoingforfun.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
86f7101f6ced9054-FRA
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 05:15:54 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NB%2FrDGk0QO29DrkvijRuLZ7Wt%2BGqSmFM21WQSeUh9%2B7T1XRahhfijRWf9OAxRAuQx6mq6kKjGY4PXW3u3pUT9QVidlxyUmI52mx%2BT8NKev13xd5U6U43oWlwUEwAoAJ5KrxZaDqr0Xz2k1HKT%2FO4Oe7l7DgLaXNxmiuRUw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
/
auth-connectscuritydomain.com/
6 KB
7 KB
XHR
General
Full URL
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Requested by
Host: sensitivebabegoingforfun.com
URL: https://sensitivebabegoingforfun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
1W9FwayrT-TYFe48UTdhklb8XjA
24282428
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 05:15:54 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=62jfSIFkH4ShV2idXVEUqQ3YMi%2F3x70KOSY6HvjKyy5bFcjrE8%2FHN5p6u9LIyjAbaq1VdgEBKf7o5bJ7gpOKn7VCLMU1ewKGYOS%2BHK6LarDcc6iqP880ejUWqOQa0FF%2F0mKLT3B3l7reYe4%2Bhgm3wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
86f71021edcd0369-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 2CA8
Redirect Chain
  • https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Protocol
H3
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be0db9530de0847f8977fca3e22edd1d6de6a1a978b1ddc923e0eeef250064f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Fri, 05 Apr 2024 05:15:54 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pvBSEHR2wP3sEhamP40XJOhkvaCf9shUNQz0LPmyMxLkfIVf6V8NpWngMn%2FuW%2F2barDz3oNMfdRgUp7pJj2aue7yZFVlKtsZz9tdL4HODylXi%2BrXh5TjY8%2Fb6eDjXEGVkWGh6ZZsKkDCmYoWCvIhqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86f710224e1b0369-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 05 Apr 2024 05:15:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w2HpYZzjeLayVHMLEyNdxK6y6XrCSFNkPgL9WT30EXo701XnZP5ydq0mK7wjbwKTa56l%2B%2Fh%2F%2FWB2kxlSBAts89CW8hrNGF54DQP%2BBSa8zYfv1swxQFoeZ7DQ6texJjzfaBfBTgIJ22PIJD0CfANFjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
cache-control
max-age=300, public
cf-ray
86f71021edce0369-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
auth-connectscuritydomain.com/
548 B
654 B
Other
General
Full URL
https://auth-connectscuritydomain.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 05 Apr 2024 05:15:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1591348
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uvjH0hqK4Ch0u5ZECDbGdBaz7ojyi1OuU86Xkq%2Bk%2FPvbSYssWE3Ndh5ftsArKW1BZaRE0NHdZ%2F8sEHHzBXUb%2BhdYMlK2DRpKalhmuH5VjyUTk%2FUBNfNJNE%2FPW2BPrmVxG47Spm2seIP2D3PtrBEOFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
86f71021edcf0369-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
86f7101f6ced9054
auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 2CA8
0
617 B
XHR
General
Full URL
https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/jsd/r/86f7101f6ced9054
Requested by
Host: auth-connectscuritydomain.com
URL: https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 05 Apr 2024 05:15:54 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l6s7xLDxbica6G5tNXkI%2FqXbwXyHGTGIOtNMNx5Gwjgz9IMHFK%2F7WJgWKLoSAR%2F5A%2BZRgTj0Sa8dNW5zobvMgCG16FlMd05VxXmv6tcScVYcAatUuUFovd0a2c%2BjtKhEqIGhgWAtrikwgeQ83Td7ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86f710236f130369-CDG
alt-svc
h3=":443"; ma=86400
/
auth-connectscuritydomain.com/
6 KB
7 KB
Document
General
Full URL
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Requested by
Host: sensitivebabegoingforfun.com
URL: https://sensitivebabegoingforfun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95584d015d16cfd27aebba060e11e83cccabb84d764ac4ce0674043372dbab2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
86f71024881a0369-CDG
content-type
text/html; charset=utf-8
date
Fri, 05 Apr 2024 05:15:55 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JoFnHzbYsitriFQmGmHnS0MmjZhm%2BYSXG160%2B9qreXVDMEFJauFA2FyA7gcTtKBFyR6p8jCHo%2FKFYCpTl7YbosrpBWCbpQVIgSNVeBVQErt1dvdcQF2gj97UQK9Ukg%2Be%2Fz8bzL9HaibbmBCdFK9Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
/
auth-connectscuritydomain.com/
0
836 B
XHR
General
Full URL
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Requested by
Host: sensitivebabegoingforfun.com
URL: https://sensitivebabegoingforfun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
C3WjUVitk4O7-GGMVzMcFoXfn4o
24282428
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Apr 2024 05:15:55 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j4T3y%2Byl4QSJ25WHxn2HZH%2BlrHZk%2FEKl6BVFTS6CC8IqG%2BVCJRUcIAvWZ1594abDouHJFKCMlsPKG5rAXbcezFJkOb6sPLwnVtcZqDCVIYLPJiXfUEl%2BRakTl51qpj4XDVKkILt5cB6kryNPR%2FgdUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
86f710261aa20369-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
favicon.ico
auth-connectscuritydomain.com/
548 B
650 B
Other
General
Full URL
https://auth-connectscuritydomain.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 05 Apr 2024 05:15:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1591349
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ThgXEHRPXwAc9FZC%2BHu3oE8Yc2ElcZNourcHP4XxpkEGUDBiL8XyLBDfm9%2F03C%2FVZ1XFafWRP5CEvgoOXYrIGcrCNrgWtaROe3bCue1zZ0Iw4DawfX8xjY87C1LabOnl568WdC4o9LWbmJp3DJwF0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
86f710261aa60369-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
Primary Request /
auth-connectscuritydomain.com/
257 B
587 B
Document
General
Full URL
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Requested by
Host: sensitivebabegoingforfun.com
URL: https://sensitivebabegoingforfun.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5128b5e331cad19df2f67041ffc85bf716d6e6106dea098c37524593fb268e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86f71027af400369-CDG
content-encoding
br
content-type
text/html
date
Fri, 05 Apr 2024 05:15:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3GqMbVr7VNmllN8Rj%2BW4i1VH2Lz69rdrJDEtCcKLWOycWFZtoFwJ4kIkKFFRKtK4pbeU5sxLKc048H7Uge3oIlmlkBNh3FyWZ4WYA2MD6sTQ8DfvbsZMnmgEiLLg4cyaGeLH6Hl0czGUXpadm10TeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block 1; mode=block
favicon.ico
auth-connectscuritydomain.com/
548 B
659 B
Other
General
Full URL
https://auth-connectscuritydomain.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Fri, 05 Apr 2024 05:15:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1591349
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6e4vnOzVwUT4nU650uzuXCIGN9Y%2F92UWv1%2BWva%2B2%2Ftky%2FVzg1zoqAVgTyyTF5xvPbgHwEsk%2BKaYvIJ2KyJXk4JvLRdPUyV6%2BwlkvfYlnl6vfTItTKSHFPRunmtgg3bdyBZXaNEwOvOndzNZ%2BXnNw9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
86f7102a198a0369-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies


7 Console Messages

Source | Level | URL | Message
network | error | https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3 | Failed to load resource: the server responded with a status of 503 ()
network | error | https://auth-connectscuritydomain.com/favicon.ico | Failed to load resource: the server responded with a status of 403 ()
network | error | https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3 | Failed to load resource: the server responded with a status of 503 ()
network | error | https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3 | Failed to load resource: the server responded with a status of 503 ()
network | error | https://auth-connectscuritydomain.com/favicon.ico | Failed to load resource: the server responded with a status of 403 ()
network | error | https://auth-connectscuritydomain.com/?HfavXGu1pymSCXG3 | Failed to load resource: the server responded with a status of 404 ()
network | error | https://auth-connectscuritydomain.com/favicon.ico | Failed to load resource: the server responded with a status of 403 ()