7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.aiccampaign.com/p?h=HwOLjtfiW2yHAKsD1stCKxBj7FkaC&activityId=10248378&target=http://zzznkg.aloxt.unshrinkingness...
Effective URL:
https://7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/?qrc=emma.hutson@state.mn.us
Submission: On July 28 via api (July 28th 2023, 5:15:11 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev.
TLS certificate: Issued by E1 on June 21st 2023. Valid for: 3 months.

This is the only time 7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.111.12.66 34.111.12.66	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	4

1 34.111.12.66 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.12.111.34.bc.googleusercontent.com

news.aiccampaign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

zzznkg.aloxt.unshrinkingness.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:2b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 6466	217 KB
1	workers.dev 7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev	2 KB
1	unshrinkingness.org zzznkg.aloxt.unshrinkingness.org	2 KB
1	aiccampaign.com 1 redirects news.aiccampaign.com — Cisco Umbrella Rank: 450786	155 B
12	4

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects 7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev challenges.cloudflare.com
1	7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev	zzznkg.aloxt.unshrinkingness.org
1	zzznkg.aloxt.unshrinkingness.org
1	news.aiccampaign.com	1 redirects
12	4

This site contains no links.

Subject Issuer	Validity	Valid
0ab05843e6142fb8b4ad6cf1.workers.dev E1	`2023-06-21` - `2023-09-19`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/?qrc=emma.hutson@state.mn.us
Frame ID: AE611FD1A835F1E82AAF93FD5D7F52CD
Requests: 3 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
Frame ID: 7BBCB3F41C0A757F53253325B1887171
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://news.aiccampaign.com/p?h=HwOLjtfiW2yHAKsD1stCKxBj7FkaC&activityId=10248378&target=http://zzznkg.a... HTTP 307
http://zzznkg.aloxt.unshrinkingness.org/ZW1tYS5odXRzb25Ac3RhdGUubW4udXM= Page URL
https://7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/?qrc=emma.hutson@state.mn.us Page URL

Page Statistics

12
Requests

58 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

221 kB
Transfer

427 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.aiccampaign.com/p?h=HwOLjtfiW2yHAKsD1stCKxBj7FkaC&activityId=10248378&target=http://zzznkg.aloxt.unshrinkingness.org%2FZW1tYS5odXRzb25Ac3RhdGUubW4udXM= HTTP 307
http://zzznkg.aloxt.unshrinkingness.org/ZW1tYS5odXRzb25Ac3RhdGUubW4udXM= Page URL
https://7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/?qrc=emma.hutson@state.mn.us Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://news.aiccampaign.com/p?h=HwOLjtfiW2yHAKsD1stCKxBj7FkaC&activityId=10248378&target=http://zzznkg.aloxt.unshrinkingness.org%2FZW1tYS5odXRzb25Ac3RhdGUubW4udXM= HTTP 307
http://zzznkg.aloxt.unshrinkingness.org/ZW1tYS5odXRzb25Ac3RhdGUubW4udXM=

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=onloadTurnstileCallback

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

ZW1tYS5odXRzb25Ac3RhdGUubW4udXM=
zzznkg.aloxt.unshrinkingness.org/
Redirect Chain

https://news.aiccampaign.com/p?h=HwOLjtfiW2yHAKsD1stCKxBj7FkaC&activityId=10248378&target=http://zzznkg.aloxt.unshrinkingness.org%2FZW1tYS5odXRzb25Ac3RhdGUubW4udXM=
http://zzznkg.aloxt.unshrinkingness.org/ZW1tYS5odXRzb25Ac3RhdGUubW4udXM=

2 KB
2 KB

416ms
325ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://zzznkg.aloxt.unshrinkingness.org/ZW1tYS5odXRzb25Ac3RhdGUubW4udXM=
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7edec326fd3c2bc6-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Jul 2023 17:15:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUHtth0O5zBqfXmix%2BCbOteHj%2BnNDApLzUGaPUwVxYX5g9BoGe0NHyWhyVg4eD2D9RcBdS9EwvL6OCsJcThCy96qsd6bGNEyp85CtcY%2B08Q2mLBrh16XlMtOXthtwf36suz5SbO30yjehmHl6jflGSR%2FXQzYxTHeowoVVepwKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 28 Jul 2023 17:15:06 GMT
location: http://zzznkg.aloxt.unshrinkingness.org/ZW1tYS5odXRzb25Ac3RhdGUubW4udXM=
via: 1.1 google

GET
H2 200 Primary Request / Show response
7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/ 3 KB
2 KB 156ms
47ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/?qrc=emma.hutson@state.mn.us
Requested by: Host: zzznkg.aloxt.unshrinkingness.org
URL: http://zzznkg.aloxt.unshrinkingness.org/ZW1tYS5odXRzb25Ac3RhdGUubW4udXM=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f2c00c144de5363b3b0ff6f4bf725b88cb255ea692f96fd676c9bdca70ad2f5

Request headers

Referer: http://zzznkg.aloxt.unshrinkingness.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 7edec329db981ac5-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 28 Jul 2023 17:15:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCkPC8UDW09iywTNszlt7kkEgEbH4CAV0f0%2FHPhqS4hw7yIq7x6%2FZeHLKYWKQ3JSC9gJTDEb7ePr%2B35visnBcOE9ezeaNapMroHELpN%2BzDBtOV9nHdQLEaT99LJKQOGhUbRzXmz4OPuU%2BsYtmBUGNfx%2BQ7trY7DhgvqPbDz5sVMxyszessqOEjOhjYY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/11b725eb/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=onloadTurnstileCallback

25 KB
9 KB

77ms
59ms

Script
application/javascript

2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=onloadTurnstileCallback
Requested by: Host: 7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev
URL: https://7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/?qrc=emma.hutson@state.mn.us
Protocol: H2
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:15:07 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7edec32b8d4a39c7-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 28 Jul 2023 17:15:07 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/b/11b725eb/api.js?onload=onloadTurnstileCallback
cache-control: max-age=300, public
cf-ray: 7edec32b2ca539c7-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/ Frame 7BBC 24 KB
8 KB 53ms
52ms Document
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c03d09689b3f6f3abf3af2b3964fcbd5899fe2f7e29640a70da31d7f2854cf1

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7edec32c0b0837e8-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 17:15:07 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 7BBC 182 KB
62 KB 53ms
53ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7edec32c0b0837e8
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b7afb90393e9cf9b1e0169403b19ee523a918a0a2061295dc38f0128aca3a62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:15:07 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7edec32c8bf537e8-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK 0d963755-54b3-4f61-8d26-bb62484ab00e
https://challenges.cloudflare.com/ Frame 7BBC 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/0d963755-54b3-4f61-8d26-bb62484ab00e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 390aa97ac056faa Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1757574354:1690560611:bZCI7ellnkQtiMA0zvXF7R2Dc5qBLxgbR57mWu_WQm8/7edec32c0b0837e8/ Frame 7BBC 176 KB
127 KB 132ms
131ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1757574354:1690560611:bZCI7ellnkQtiMA0zvXF7R2Dc5qBLxgbR57mWu_WQm8/7edec32c0b0837e8/390aa97ac056faa
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7edec32c0b0837e8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 360c43a3ec99c9a8cfadbe3c99065f651513d4fb7f9b661c1fcc56ead6a4ae3b

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge: 390aa97ac056faa
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: FDO04E95M7KJMwH4eAvcM1Chj/xY0YWij5xYowpt3tlyMwhxZs9I/53/JaWFYRujtKW+8D7e4O55yS2jEaenTGeka58NYNNrZ32bZDaSyp9vVY/KphzdGNwF5Mi0XX3qp5H9i8akFXzaVC+K+A0KUk3hjY7plh9NsqCtws+kiCp3173mcTtxVDQqWxMqnV1smregAOl20BVitKXrbYWp9oWisb1jB5fhFuNE16xqk8gFFRzMLng9DWGzE9D9CxbygJyYVk4yP+rZ/eWFtYsgMd16afLZeF9kbRM0EIZzNTDMNAC1CoEMcOcwq6hEnXmnRcQFt4C0ptcspOxz/6RNAhbbN6nuEe+Kdwdaw/aiBpBWP5tf5U1Ct3r4V5xbCccACJyuZSC5wdf5TcrN13roIP7o5Qe/NN6JrA7zrAsfbl2LBDEjMtCwt0tr4f8dZV114EaugYjhyd6WCZMorRl0tVIs5iWBi0FY+V5m2k0SUfI=$pIHGjGGP/y+GHZXljB391g==
date: Fri, 28 Jul 2023 17:15:07 GMT
content-encoding: br
server: cloudflare
cf-ray: 7edec32e2ea137e8-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 t9lRKCngA9euxs5
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7edec32c0b0837e8/1690564507882/ Frame 7BBC 61 B
147 B 67ms
66ms Image
image/png 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7edec32c0b0837e8/1690564507882/t9lRKCngA9euxs5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e98ec588321df01fe36c71106d94b4a528e17d4a76b1842cf454ea8dbb7b836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:15:08 GMT
server: cloudflare
cf-ray: 7edec3344f6037e8-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
BLOB 200
OK d4b6b8cd-f3f4-48e7-85ef-8ade16927b77
https://challenges.cloudflare.com/ Frame 7BBC 656 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/d4b6b8cd-f3f4-48e7-85ef-8ade16927b77
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 656
Content-Type: text/javascript

GET
H3 401 16KkKE06r8j14pt Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7edec32c0b0837e8/1690564507883/fbc8a795a7533f78ebb173887b75681c74a101c76919df85d2eee584945c371a/ Frame 7BBC 1 B
628 B 56ms
55ms Fetch
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7edec32c0b0837e8/1690564507883/fbc8a795a7533f78ebb173887b75681c74a101c76919df85d2eee584945c371a/16KkKE06r8j14pt
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7edec32c0b0837e8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:15:08 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g-8inladTP3jrsXOIe3VoHHShAcdpGd-F0u7lhJRcNxoAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvAJPp_tymNy24tzFnHwYAzYqYkGhCbu0yOIs40wj7UaanB5K7Y-OMGhqgFXq1gRVda20QppB16o5JWfqw56x9pUyZkX5NE3ao83zmBuo5k5YhxD1hC51zWbsBO4nl9IYlWfih99PZo9MeiG9vNzguCdJrVQLDCzqpouWrKKEjY1u6M6KTXbGNMorH_McvvsM0ZHaSglZ7osnBryUdVFLapT-dkzl5nRPevW7R2PFuvzZ9yuTmwdugysmDQtsPS3S6_hTagG4ZqfwHiPiNyxSbSMIepsGVJNB_24zvZG0GMGmf2nn9QlCrwPYu5GL2pVHjLj7I5lmgFKjIaUOfIZRdQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7edec33528b237e8-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 87c3f5bf-d4fd-49d3-8544-205258dc278b
https://challenges.cloudflare.com/ Frame 7BBC 80 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/87c3f5bf-d4fd-49d3-8544-205258dc278b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 80
Content-Type: text/javascript

POST
H3 200 390aa97ac056faa Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1757574354:1690560611:bZCI7ellnkQtiMA0zvXF7R2Dc5qBLxgbR57mWu_WQm8/7edec32c0b0837e8/ Frame 7BBC 15 KB
11 KB 71ms
65ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1757574354:1690560611:bZCI7ellnkQtiMA0zvXF7R2Dc5qBLxgbR57mWu_WQm8/7edec32c0b0837e8/390aa97ac056faa
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7edec32c0b0837e8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88e4e2879a41d4b35f7057cdb73051b91fc159beb7ceb7ac9ae134dbfeeb612f

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z7a8w/0x4AAAAAAAHRbJqPImzA_n8H/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge: 390aa97ac056faa
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: F7g1V8E7MkWSlXfak31LUX0JHAP1Fn0oaoR4xBbmZEBv98Wp1Fp2Iii25Lqrh7fB$QQA8TDnkcV1S4JiL0Hm6fg==
date: Fri, 28 Jul 2023 17:15:09 GMT
content-encoding: br
server: cloudflare
cf-ray: 7edec3376c9237e8-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| verifyCallback_CF function| onloadTurnstileCallback object| turnstile

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7edec32c0b0837e8/1690564507883/fbc8a795a7533f78ebb173887b75681c74a101c76919df85d2eee584945c371a/16KkKE06r8j14pt Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev
challenges.cloudflare.com
news.aiccampaign.com
zzznkg.aloxt.unshrinkingness.org
2606:4700::6811:2b8
2a06:98c1:3120::3
2a06:98c1:3121::3
34.111.12.66
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680
2c03d09689b3f6f3abf3af2b3964fcbd5899fe2f7e29640a70da31d7f2854cf1
360c43a3ec99c9a8cfadbe3c99065f651513d4fb7f9b661c1fcc56ead6a4ae3b
3f2c00c144de5363b3b0ff6f4bf725b88cb255ea692f96fd676c9bdca70ad2f5
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
88e4e2879a41d4b35f7057cdb73051b91fc159beb7ceb7ac9ae134dbfeeb612f
8e98ec588321df01fe36c71106d94b4a528e17d4a76b1842cf454ea8dbb7b836
9b7afb90393e9cf9b1e0169403b19ee523a918a0a2061295dc38f0128aca3a62
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

58 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

221 kBTransfer

427 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

7a96005b.0ab05843e6142fb8b4ad6cf1.workers.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

58 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

221 kB
Transfer

427 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions