urlscan.io logo urlscan.io
SecurityTrails logo

secure.drive.mareditnplantation.ink Open in urlscan Pro
5.104.83.188  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure.drive.mareditnplantation.ink/avvqHnTX
Submission: On June 19 via manual from GB — Scanned from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 5.104.83.188, located in Denmark and belongs to CAPL-AS-AP Contabo Asia Private Limited, SG. The main domain is secure.drive.mareditnplantation.ink.
TLS certificate: Issued by R3 on June 3rd 2024. Valid for: 3 months.
This is the only time secure.drive.mareditnplantation.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5.104.83.188 141995 (CAPL-AS-A...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 4
2    5.104.83.188 (Denmark)

ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG)
PTR: vmi1911590.contaboserver.net
secure.drive.mareditnplantation.ink
2    2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
1    2606:4700::6810:7b60 (United States)

ASN13335 (CLOUDFLARENET, US)
www.cloudflare.com
1    2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4311
cloudflare.com — Cisco Umbrella Rank: 116
www.cloudflare.com — Cisco Umbrella Rank: 6620
18 KB
2 mareditnplantation.ink
secure.drive.mareditnplantation.ink
14 KB
5 2
Domain Requested by
3 challenges.cloudflare.com 1 redirects secure.drive.mareditnplantation.ink
challenges.cloudflare.com
2 secure.drive.mareditnplantation.ink
1 www.cloudflare.com secure.drive.mareditnplantation.ink
1 cloudflare.com 1 redirects
5 4

This site contains no links.

Subject Issuer Validity Valid
secure.drive.mareditnplantation.ink
R3		 2024-06-03 -
2024-09-01		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://secure.drive.mareditnplantation.ink/avvqHnTX
Frame ID: 054A6CD25D3711BB176EFB1CCE0FD361
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mm6m4/0x4AAAAAAAWqdbzbkdNhwKtV/auto/normal
Frame ID: CCA3A82909E69C61B41571131210934C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page Statistics

5
Requests

60 %
HTTPS

80 %
IPv6

2
Domains

4
Subdomains

4
IPs

2
Countries

31 kB
Transfer

58 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js
Request Chain 1
  • https://cloudflare.com/favicon.ico HTTP 301
  • https://www.cloudflare.com/favicon.ico

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request avvqHnTX
secure.drive.mareditnplantation.ink/ 		14 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.drive.mareditnplantation.ink/avvqHnTX?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.104.83.188 , Denmark, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1911590.contaboserver.net
Software
/
Resource Hash
b96eb654982166db9b660623b0a003eca57e891d48b0f8c3a79c7b25a81ebb53

Request headers

Accept-Language
da-DK,da;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Content-Type
text/html
Transfer-Encoding
chunked
api.js
challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js
42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js
Requested by
Host: secure.drive.mareditnplantation.ink
URL: https://secure.drive.mareditnplantation.ink/avvqHnTX?
Protocol
H3
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22401f58443400f39ce653a1736059092e1e5f85ffbbbaeda4b11c16b5bade6e

Request headers

Accept-Language
da-DK,da;q=0.9;q=0.9
Referer
https://secure.drive.mareditnplantation.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 19 Jun 2024 14:51:07 GMT
content-encoding
br
last-modified
Thu, 06 Jun 2024 21:04:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
896455ddead482a0-ARN
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 19 Jun 2024 14:51:07 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/6aac8896f227/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
896455dd79ce82a0-ARN
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
www.cloudflare.com/
Redirect Chain
  • https://cloudflare.com/favicon.ico
  • https://www.cloudflare.com/favicon.ico
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cloudflare.com/favicon.ico
Requested by
Host: secure.drive.mareditnplantation.ink
URL: https://secure.drive.mareditnplantation.ink/avvqHnTX?
Protocol
H3
Server
2606:4700::6810:7b60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f84307ad691800e391fccb42b4ba290a87febf001abedfbe03b34767d45e441
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
da-DK,da;q=0.9;q=0.9
Referer
https://secure.drive.mareditnplantation.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-gww-loc
EN-US
date
Wed, 19 Jun 2024 14:51:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ffb25f3edc5c56acfdf7e7cdffcb217c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BWfBkteNSFbfOk%2FqXqw23dzSTA%2BE3rv5SpbZMOPG%2BvAfxMh8nbwQeLpcDqb6YvdEWyGe57MvOIHBXHF2gpjj%2FICLcRrtRC0R4L7Mvsd7ufdET4T7yAZDyOLR5koG%2FYGNf%2BG845ACn2v7%2FZgDkIyLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
permissions-policy
geolocation=(), camera=(), microphone=()
cf-ray
896455de3e0b8295-ARN
x-pgs-loc
EN-US

Redirect headers

date
Wed, 19 Jun 2024 14:51:07 GMT
strict-transport-security
max-age=15780000; includeSubDomains
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HgeuXQP2LgiTSAdYzthGH2WodjD9RWfWwAPYGPewnGlGEghI%2Furt5M712AhxzOKRri69WdzwcJd2wDBcHa7McroDltfqnh8rutXlv%2FDuXZySZA0fF%2FiwDGkxiDDT92jJoC7pGR%2B5H84o9k%2FV"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://www.cloudflare.com/favicon.ico
cache-control
max-age=3600
cf-ray
896455dd7e6415e8-ARN
alt-svc
h3=":443"; ma=86400
content-length
167
expires
Wed, 19 Jun 2024 15:51:07 GMT
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mm6m4/0x4AAAAAAAWqdbzbkdNhwKtV/auto/ Frame CCA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mm6m4/0x4AAAAAAAWqdbzbkdNhwKtV/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
da-DK,da;q=0.9;q=0.9
Referer
https://secure.drive.mareditnplantation.ink/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
896455dedff015e8-ARN
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 19 Jun 2024 14:51:07 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
secure.drive.mareditnplantation.ink/ 		0
103 B 		Other
General
Check archive.org
Download Go to
Full URL
https://secure.drive.mareditnplantation.ink/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.104.83.188 , Denmark, ASN141995 (CAPL-AS-AP Contabo Asia Private Limited, SG),
Reverse DNS
vmi1911590.contaboserver.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://secure.drive.mareditnplantation.ink/avvqHnTX?
Accept-Language
da-DK,da;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Transfer-Encoding
chunked
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| EnterSite object| turnstile

3 Cookies

Domain/Path Name / Value
.mareditnplantation.ink/ Name: XhRy
Value: e0e699879c25e586788c3392830641ba71b6ec9463b978a331f033376417e394
.cloudflare.com/ Name: __cf_bm
Value: z3AoPRMUNkwbrU9xq5OVZJg3hOJ2__JlRGsjPPugi_I-1718808667-1.0.1.1-PvqijsCTjo9cI._emqz.joS2ZElOv.dv7s66V9c5ZSAclNL0X_B83XgeN.UQmzFXTUDiB18E9g_s.4fNH255yw
.www.cloudflare.com/ Name: __cf_bm
Value: zF8SRpxfpCooTTm123w31SzjEIUezvZQrWqMOX_Sg8M-1718808667-1.0.1.1-OHeaEX2Q9PBQeoIsj25J9kt0b5gDnl9rSlLiCIjZkB.DB0b5c9d0l5xkR_nboUqG2CF_yKAYgnsP8O4dSfmd4.1DlympNmJ289qyy2YqcV4

1 Console Messages

Source Level URL
Text
network error URL: https://secure.drive.mareditnplantation.ink/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)