Submitted URL: https://ap.lc/rRNhs
Effective URL: https://diversemagicaljourneys.com/.tmb/tru.php
Submission: On November 04 via manual from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 14 HTTP transactions. The main IP is 184.94.213.150, located in United States and belongs to NAMECHEAP-NET, US. The main domain is diversemagicaljourneys.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 21st 2023. Valid for: a year.
This is the only time diversemagicaljourneys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 66.29.146.31 22612 (NAMECHEAP...)
1 209.87.159.73 36444 (NEXCESS-NET)
1 199.232.194.2 54113 (FASTLY)
1 184.94.213.150 22612 (NAMECHEAP...)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
6 104.19.218.90 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.19.219.90 13335 (CLOUDFLAR...)
14 9
Apex Domain
Subdomains
Transfer
7 hcaptcha.com
www.hcaptcha.com — Cisco Umbrella Rank: 128101
newassets.hcaptcha.com — Cisco Umbrella Rank: 9862
hcaptcha.com — Cisco Umbrella Rank: 7038
515 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 903
24 KB
2 captcha.website
captcha.website
4 KB
1 diversemagicaljourneys.com
diversemagicaljourneys.com
4 KB
1 giphy.com
media.giphy.com — Cisco Umbrella Rank: 9915
22 KB
1 belvederesquare.com
belvederesquare.com
3 KB
1 opaliteproperties.com
opaliteproperties.com
582 B
1 ap.lc
ap.lc
1 KB
14 8
Domain Requested by
5 newassets.hcaptcha.com www.hcaptcha.com
newassets.hcaptcha.com
3 unpkg.com 2 redirects diversemagicaljourneys.com
2 captcha.website diversemagicaljourneys.com
1 hcaptcha.com newassets.hcaptcha.com
1 www.hcaptcha.com diversemagicaljourneys.com
1 diversemagicaljourneys.com
1 media.giphy.com opaliteproperties.com
1 belvederesquare.com opaliteproperties.com
1 opaliteproperties.com
1 ap.lc 1 redirects
14 10

This site contains no links.

Subject | Issuer | Validity | Valid
opaliteproperties.com | Sectigo RSA Domain Validation Secure Server CA | 2023-04-27 - 2024-04-27 | a year
cffc097157.nxcli.io | R3 | 2023-10-28 - 2024-01-26 | 3 months
*.giphy.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-02 - 2024-10-03 | a year
diversemagicaljourneys.com | Sectigo RSA Domain Validation Secure Server CA | 2023-04-21 - 2024-04-21 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-15 - 2024-04-14 | a year
captcha.website | E1 | 2023-10-20 - 2024-01-18 | 3 months

This page contains 3 frames:

Primary Page: https://diversemagicaljourneys.com/.tmb/tru.php
Frame ID: C84BBD0528D728CB8EB99658784B4153
Requests: 8 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
Frame ID: 77B9C4ED692095BA19123A841B0A7B3D
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
Frame ID: B65EAA13DC11D99D43FAF5BE6BDE8E99
Requests: 3 HTTP requests in this frame

Page Title

Human Verification

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 14
HTTPS: 93 %
IPv6: 33 %
Domains: 8
Subdomains: 10
IPs: 9
Countries: 2
Transfer: 571 kB
Size: 1691 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ap.lc/rRNhs HTTP 302
    https://opaliteproperties.com/wp-content/ai1wm-backups/tr4.html?01 Page URL
  2. https://diversemagicaljourneys.com/.tmb/tru.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ap.lc/rRNhs HTTP 302
  • https://opaliteproperties.com/wp-content/ai1wm-backups/tr4.html?01
Request Chain 3
  • https://unpkg.com/imask HTTP 302
  • https://unpkg.com/imask@7.1.3 HTTP 302
  • https://unpkg.com/imask@7.1.3/dist/imask.js

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
tr4.html
opaliteproperties.com/wp-content/ai1wm-backups/
Redirect Chain
  • https://ap.lc/rRNhs
  • https://opaliteproperties.com/wp-content/ai1wm-backups/tr4.html?01
1 KB
582 B
Document
General
Full URL
https://opaliteproperties.com/wp-content/ai1wm-backups/tr4.html?01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.29.146.31 Charlotte, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium226-2.web-hosting.com
Software
LiteSpeed /
Resource Hash
c975be6b9d99ee261b4e271d237719faa729c15a7e04d243822443e71ea01868

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
415
content-type
text/html
date
Sat, 04 Nov 2023 18:18:20 GMT
last-modified
Sat, 04 Nov 2023 15:42:10 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate no-cache, private
cf-cache-status
DYNAMIC
cf-ray
820edbc49a4eb72a-AMS
content-type
text/html; charset=UTF-8
date
Sat, 04 Nov 2023 18:18:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://opaliteproperties.com/wp-content/ai1wm-backups/tr4.html?01
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAS8FZfNtVaTN2UV%2BFPl1SSmNMh0cYav7I6YO%2BtVv%2FTfjF1HczxRwjpeQY0jAq%2FHO4VXIyFM2WOqfHcn4tlzkz19pLbKureiUWLhp9hsryiSnxAYS%2F3VsAHCfGofZC7lroy0fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
truist-logo-300x300.png.webp
belvederesquare.com/wp-content/uploads/2013/10/
3 KB
3 KB
Image
General
Full URL
https://belvederesquare.com/wp-content/uploads/2013/10/truist-logo-300x300.png.webp
Requested by
Host: opaliteproperties.com
URL: https://opaliteproperties.com/wp-content/ai1wm-backups/tr4.html?01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.87.159.73 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS
cloudhost-5952977.us-midwest-1.nxcli.net
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://opaliteproperties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:21 GMT
last-modified
Thu, 31 Mar 2022 18:20:23 GMT
server
nginx
etag
"a30-5db87b720c7c0"
x-cache-nxaccel
BYPASS
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2608
expires
Mon, 04 Nov 2024 00:18:21 GMT
giphy.gif
media.giphy.com/media/xUPGciQ9ZEKWnEUXYI/
22 KB
22 KB
Image
General
Full URL
https://media.giphy.com/media/xUPGciQ9ZEKWnEUXYI/giphy.gif
Requested by
Host: opaliteproperties.com
URL: https://opaliteproperties.com/wp-content/ai1wm-backups/tr4.html?01
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.194.2 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fbb523c75a42174634cb71d514f513e9546e327130f59c1ef9a5342a0e719392
Security Headers
Name Value
Strict-Transport-Security max-age=15465600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://opaliteproperties.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:20 GMT
strict-transport-security
max-age=15465600
age
2676558
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
22112
x-served-by
cache-iad-kiad7000141-IAD, cache-fra-etou8220053-FRA
last-modified
Tue, 19 Mar 2019 01:30:10 GMT
x-timer
S1699121901.760971,VS0,VE1
etag
"60778a01174cddfebebf54aa7f47cb12"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
x-robots-tag
noai, noimageai
x-cache-hits
146, 1
Primary Request tru.php
diversemagicaljourneys.com/.tmb/
12 KB
4 KB
Document
General
Full URL
https://diversemagicaljourneys.com/.tmb/tru.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.94.213.150 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium281-4.web-hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash
fa7d77cb0d4f65f1da82893cb793d6a0dedb3399bd859506619429a7cf789d83

Request headers

Referer
https://opaliteproperties.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
3271
content-type
text/html; charset=UTF-8
date
Sat, 04 Nov 2023 18:18:23 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
imask.js
unpkg.com/imask@7.1.3/dist/
Redirect Chain
  • https://unpkg.com/imask
  • https://unpkg.com/imask@7.1.3
  • https://unpkg.com/imask@7.1.3/dist/imask.js
108 KB
24 KB
Script
General
Full URL
https://unpkg.com/imask@7.1.3/dist/imask.js
Requested by
Host: diversemagicaljourneys.com
URL: https://diversemagicaljourneys.com/.tmb/tru.php
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e7a5c70376b125d470d570585ff230cd777cfbbd9e4fbedc18d2de0c8dc83d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diversemagicaljourneys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
9456841
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H5KY5HMZC5DVVN4J0NWS4VXD-fra
server
cloudflare
etag
W/"1ae1d-r3wKbDdr0Tj2yWbqhqDgCO3SNrM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
820edbfa3b4c18d1-FRA

Redirect headers

date
Sat, 04 Nov 2023 18:18:23 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H5KY5GSK25H9XJ8P98N4JW2X-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
9456841
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/imask@7.1.3/dist/imask.js
cache-control
public, max-age=31536000
cf-ray
820edbf9da9718d1-FRA
api.js
www.hcaptcha.com/1/
324 KB
91 KB
Script
General
Full URL
https://www.hcaptcha.com/1/api.js
Requested by
Host: diversemagicaljourneys.com
URL: https://diversemagicaljourneys.com/.tmb/tru.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4a01c00dee8ff20e6ebd5eae9d4da5b6e4af5dd649474d38d0a807b508c4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diversemagicaljourneys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
g2vUE1nnlq4eIpcxEiiA1YyElCYT_3GR
age
0
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 13:55:21 GMT
server
cloudflare
etag
W/"2b0cc1655ff6461dbaabe06137a855fb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
820edbf97d9e9a05-FRA
x-amz-cf-id
XJN0yYfmqVGr17zaxAFkmv7ZROd-uOGTCv_0Toq5H87Mn21RX_Jz4A==
browser-bar.png
captcha.website/cdn-cgi/images/
715 B
956 B
Image
General
Full URL
https://captcha.website/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: diversemagicaljourneys.com
URL: https://diversemagicaljourneys.com/.tmb/tru.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diversemagicaljourneys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2023 14:30:26 GMT
server
cloudflare
etag
"653bc982-2cb"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
820edbf99cc730db-FRA
content-length
715
expires
Sat, 04 Nov 2023 20:18:23 GMT
cf-no-screenshot-warn.png
captcha.website/cdn-cgi/images/
3 KB
3 KB
Image
General
Full URL
https://captcha.website/cdn-cgi/images/cf-no-screenshot-warn.png
Requested by
Host: diversemagicaljourneys.com
URL: https://diversemagicaljourneys.com/.tmb/tru.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://diversemagicaljourneys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:23 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Oct 2023 14:30:26 GMT
server
cloudflare
etag
"653bc982-a20"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
820edbf99cc930db-FRA
content-length
2592
expires
Sat, 04 Nov 2023 20:18:23 GMT
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/096d3a6/static/ Frame 77B9
2 KB
761 B
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
Requested by
Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af580b7cdf08fa1a127ed8ff57ae7424af7191fd59b6fb7bd1ce838e58cefcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://diversemagicaljourneys.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
354
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
820edbfa4ead9a05-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 18:18:23 GMT
last-modified
Wed, 01 Nov 2023 13:55:21 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-id
Dp0HqSckinkoIEhzDo9RN084xYzjfc5Erydb4pOwCWVhdPYGphBHGg==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
rg4mSC9yGtpZUWD.3M8Iz9uJiJ.6MoD_
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/096d3a6/static/ Frame B65E
2 KB
942 B
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
Requested by
Host: www.hcaptcha.com
URL: https://www.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3af580b7cdf08fa1a127ed8ff57ae7424af7191fd59b6fb7bd1ce838e58cefcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://diversemagicaljourneys.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
354
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
820edbfa4eaf9a05-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 18:18:23 GMT
last-modified
Wed, 01 Nov 2023 13:55:21 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-id
Dp0HqSckinkoIEhzDo9RN084xYzjfc5Erydb4pOwCWVhdPYGphBHGg==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
rg4mSC9yGtpZUWD.3M8Iz9uJiJ.6MoD_
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/096d3a6/ Frame B65E
324 KB
91 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/096d3a6/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4a01c00dee8ff20e6ebd5eae9d4da5b6e4af5dd649474d38d0a807b508c4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
g2vUE1nnlq4eIpcxEiiA1YyElCYT_3GR
age
358
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 13:55:21 GMT
server
cloudflare
etag
W/"2b0cc1655ff6461dbaabe06137a855fb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
820edbfaaf299a05-FRA
x-amz-cf-id
XJN0yYfmqVGr17zaxAFkmv7ZROd-uOGTCv_0Toq5H87Mn21RX_Jz4A==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/096d3a6/ Frame 77B9
324 KB
91 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/096d3a6/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac4a01c00dee8ff20e6ebd5eae9d4da5b6e4af5dd649474d38d0a807b508c4da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
g2vUE1nnlq4eIpcxEiiA1YyElCYT_3GR
age
358
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 01 Nov 2023 13:55:21 GMT
server
cloudflare
etag
W/"2b0cc1655ff6461dbaabe06137a855fb"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
820edbfabf389a05-FRA
x-amz-cf-id
XJN0yYfmqVGr17zaxAFkmv7ZROd-uOGTCv_0Toq5H87Mn21RX_Jz4A==
truncated
/ Frame B65E
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame 77B9
631 B
820 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=096d3a6&host=diversemagicaljourneys.com&sitekey=29ef0b88-3483-4311-b2c6-ad9ff1536658&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/096d3a6/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e468eec0c3e60a03514309dc1d552ef05f8e2dbcd8e35d448f478341abdfd01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Nov 2023 18:18:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
820edbfb98129a05-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc
h3=":443"; ma=86400
hsw.js
newassets.hcaptcha.com/c/10c77f8/ Frame 77B9
567 KB
239 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/10c77f8/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/096d3a6/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9280732b06d34f35d723e572fdc3e4ef9386c43a4db57f5e90cb7383001ba8d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/096d3a6/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 18:18:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 b81d17a9e7eef1e489776410aee346e2.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
loy0mmN2HQ6t5jMv8OVo8j5SrW1bt05c
age
250009
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 17:40:11 GMT
server
cloudflare
etag
W/"4dc03b87946485c8d28e04a6f84d8b63"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
820edbfc2c945be5-FRA
x-amz-cf-id
5h3R89Y5F5VjkLkdLob6Mu-AVofVCgafJJJhywd222EJzp3NIHmHgw==

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| documentPictureInPicture
  • function| submitForm
  • object| Raven
  • object| hcaptcha
  • object| grecaptcha
  • function| IMask

4 Cookies

Domain/Path Name / Value
ap.lc/ Name: PHPSESSID
Value: dvgvhhuuj10jsd7qhsd3iclh2g
ap.lc/ Name: short_882882
Value: 1
ap.lc/ Name: urlverkorten_session
Value: eyJpdiI6ImVqSGZTR0UrQTQ4S2xlU21KNFZjNUE9PSIsInZhbHVlIjoiK2g3RXM5c2JQSjBiQ1IxS0VmRGpqT1J4ZjZyOEx1cnp2Z1RaeVVYaXVWQkFRZTZRUWpkbE9ZTTM2b29nbEhEYUlLL0lEcHRGWGpFSjJFKys5dzNab3JVYnZOTlRaZTFaclRtclp5cUpwTjZBTGRIUTBoVUxHbURhYldVNkVFUGkiLCJtYWMiOiI2MzY5MjJjN2NkZmMwZWQxNGI2OThmN2MwYzNlNDVjZmZiNWVjZmM4NGZiZTU3NGQ4ZjNiZTRkNjA3YTZkNTkzIiwidGFnIjoiIn0%3D
diversemagicaljourneys.com/ Name: PHPSESSID
Value: 307344c2d070612fa000a0e6dad788b8