Submitted URL: https://api.getjusto.com/redirect?to=https%3A%2F%2Fhydropod.sa.com%2Fnew%2Fauth%2F0v6af5%2F%2F%2F%2FYnJiZWxsQGhhbm5hYW5kZ...
Effective URL: https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
Submission: On May 08 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:e0::ac40:681a, located in United States and belongs to CLOUDFLARENET, US. The main domain is nrezf.0ff365files.com.
TLS certificate: Issued by GTS CA 1P5 on May 2nd 2023. Valid for: 3 months.
This is the only time nrezf.0ff365files.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.232.91.58 14618 (AMAZON-AES)
1 162.241.69.179 19871 (NETWORK-S...)
7 2606:4700:e0:... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
15 3
Apex Domain | Subdomains | Transfer
7 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 6491 | 117 KB
7 0ff365files.com | nrezf.0ff365files.com | 228 KB
1 sa.com | hydropod.sa.com | 274 B
1 getjusto.com | api.getjusto.com — Cisco Umbrella Rank: 830910 | 561 B
15 4
Domain | Requested by
7 challenges.cloudflare.com | nrezf.0ff365files.com, challenges.cloudflare.com, hydropod.sa.com
7 nrezf.0ff365files.com | nrezf.0ff365files.com
1 hydropod.sa.com |
1 api.getjusto.com | 1 redirects
15 4

This site contains no links.

Subject | Issuer | Validity | Valid
cpcontacts.hydropod.sa.com | R3 | 2023-05-03 - 2023-08-01 | 3 months
0ff365files.com | GTS CA 1P5 | 2023-05-02 - 2023-07-31 | 3 months
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year

This page contains 2 frames:

Primary Page: https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
Frame ID: BA66E45C610DA126EB94F66A735971A1
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 07BFC2D1565D3DC1678FBEB9E9A6F117
Requests: 6 HTTP requests in this frame

Page Title

Loading...

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 1
Transfer: 346 kB
Size: 653 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://api.getjusto.com/redirect?to=https%3A%2F%2Fhydropod.sa.com%2Fnew%2Fauth%2F0v6af5%2F%2F%2F%2FYnJiZWxsQGhhbm5hYW5kZXJzc29uLmNvbQ== HTTP 302
  • https://hydropod.sa.com/new/auth/0v6af5////YnJiZWxsQGhhbm5hYW5kZXJzc29uLmNvbQ==

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
YnJiZWxsQGhhbm5hYW5kZXJzc29uLmNvbQ==
hydropod.sa.com/new/auth/0v6af5////
Redirect Chain
  • https://api.getjusto.com/redirect?to=https%3A%2F%2Fhydropod.sa.com%2Fnew%2Fauth%2F0v6af5%2F%2F%2F%2FYnJiZWxsQGhhbm5hYW5kZXJzc29uLmNvbQ==
  • https://hydropod.sa.com/new/auth/0v6af5////YnJiZWxsQGhhbm5hYW5kZXJzc29uLmNvbQ==
0
274 B
Document
General
Full URL
https://hydropod.sa.com/new/auth/0v6af5////YnJiZWxsQGhhbm5hYW5kZXJzc29uLmNvbQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.241.69.179 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
a.cruisevirusreviews.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 May 2023 18:27:58 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
refresh
0;url=https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Access-Control-Allow-Origin,X-HTTP-Method-Override,Content-Type,Authorization,Accept,x-orion-nonce,x-orion-platform,x-orion-publickey,x-orion-signature,x-orion-locale,x-orion-twofactor,x-orion-deviceid,x-orion-fp,x-orion-domain,x-orion-appcode,x-orion-referrer,x-orion-posversion,x-orion-timezone,x-orion-pathname,x-orion-device-country-code,x-orion-jwt,x-orion-refresh,x-orion-wrapped-website,sentry-trace
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
date
Mon, 08 May 2023 18:27:58 GMT
location
https://hydropod.sa.com/new/auth/0v6af5////YnJiZWxsQGhhbm5hYW5kZXJzc29uLmNvbQ==
Primary Request Mbrbell@hannaandersson.com
nrezf.0ff365files.com/
8 KB
5 KB
Document
General
Full URL
https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:681a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af1f18439628423075b2b72de0f2976442a3c90403e73cc4ea3d49dcfa55820
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hydropod.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7c43c2868e9837fd-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 08 May 2023 18:27:59 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JR5Im%2BkYxd1MXzyEQsiso%2FpCDTfWPJjzg1Flz9FWaj3U5bmZE2mEHsxGtsK3AU3SKE%2BAOdJkJ7TFvs4BTLAtHBIu7s9uMiin0NKfGXoxfATmzAstQCve8PZC80VWWe%2BMLsUXIJj8FtQ4PLuW7PcrTaFQttU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/
156 KB
56 KB
Script
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c43c2868e9837fd
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:681a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12df4ad804c555111ea4158f66ab8d4525cd840cd7aeac7cac96ec8d8dd4321

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com?__cf_chl_rt_tk=dlENlGZRoPyW888gobFRJVs.Mt0NK_Wm6Ib.vtIcglI-1683570479-0-gaNycGzNC9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:27:59 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnd%2B%2BaYJxWREtYo84rkJeSjjGQZqmTptAOtYHG9xXVGZmSvPwJ%2BpwpQ2N4Ohm7ye1LrB2uPIxytPCfI41F7RoYpE60QV5YSFdA3aNkSVeulMQjRFPp%2B9AYz9Cxup26iEXnvJL3vrMLBNjlhNfR58fOFgnPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7c43c286def237fd-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
nrezf.0ff365files.com/cdn-cgi/images/trace/managed/js/
42 B
220 B
Image
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7c43c2868e9837fd
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com?__cf_chl_rt_tk=dlENlGZRoPyW888gobFRJVs.Mt0NK_Wm6Ib.vtIcglI-1683570479-0-gaNycGzNC9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:681a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com?__cf_chl_rt_tk=dlENlGZRoPyW888gobFRJVs.Mt0NK_Wm6Ib.vtIcglI-1683570479-0-gaNycGzNC9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:27:59 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:18 GMT
server
cloudflare
etag
"644bd406-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7c43c286def437fd-FRA
content-length
42
expires
Mon, 08 May 2023 20:27:59 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/b5e45436/
15 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c43c2868e9837fd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f

Request headers

Referer
Origin
https://nrezf.0ff365files.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:27:59 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7c43c2873b801cb7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
35e8a6efe4f9f2f
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1798932029:1683569256:BaqWyEMIKQ-vGlvdiZfnre2OG475VdtQRfWo5pEnKyQ/7c43c2868e9837fd/
214 KB
160 KB
XHR
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1798932029:1683569256:BaqWyEMIKQ-vGlvdiZfnre2OG475VdtQRfWo5pEnKyQ/7c43c2868e9837fd/35e8a6efe4f9f2f
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c43c2868e9837fd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:681a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86850894c72660b20718d5cdf7f2216e63269ec3556bab6bd3a9de74982eec3e

Request headers

Referer
https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
35e8a6efe4f9f2f
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 18:27:59 GMT
content-encoding
br
cf_chl_gen
6oUt4V8zyg9IBJ5mlwaKVMMa0e+g3KR0a6DY4AwDdn3IzGoi2ZjxYCurNkxuq8hQ+G7ZUfpxMnfkbbJQ/3emLj1JuCXWAVsOR5RQERjLiZnrWjRJJe7zfRsgEODvWacNn00FDVOrN530ff1z8dWjx0KDvgigLf97f4WeHHXFhUnv+0dKOI9DfLgg77ecTK1bz+NTSq51kyYLL6G8/Uey9ADSl5d9pz9IkOThMbn3YO07WUuN8Mef+ImpIAgfmN8tGNJOOuTWzYs6R2s9qNWuUdSqkUQztjy8/+hlqUjZuuDkPSLLYb8pfTWtzkg9w8wo91bk+ZQC6CHKZUUgeVD+MYUL2FkUMecCv7GVnbH0bNS36hL7apKHMF/Xbse3po14Viq9yWYltLWd7dqkpqPmEg==$npTEab6K2aROGO8ZIzkmGA==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuWbyBdlFS%2Bdn8ViFbNuiMHdAg3iBYtTPl2s2lZQdJ6VHeLfxstNqF1d%2FxOGt9fwUa5vH3j8o8YGFT%2Bw7bW1A3zdYiCLNd9VCU%2FUKJFuAvZHhVsQmNrujtmyKJpy%2FkBlfnDpjVEK5sk5L5PoV7TCl69ArXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c43c287c931194b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
XjVFSe6byprKu_-
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/pat/7c43c2868e9837fd/1683570479334/1b7250bccee67a653b2e1126315d35455fb2fe5631b479021ab47ae5c8d66179/
1 B
941 B
Fetch
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/pat/7c43c2868e9837fd/1683570479334/1b7250bccee67a653b2e1126315d35455fb2fe5631b479021ab47ae5c8d66179/XjVFSe6byprKu_-
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c43c2868e9837fd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:681a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:28:01 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gG3JQvM7memU7LhEmMV01RV-y_lYxtHkCGrR65cjWYXkAFW5yZXpmLjBmZjM2NWZpbGVzLmNvbQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAn23qyGdHVs28an7XXJsPKj7kVCaC9GVfIA_hqz7TYAdgPPPWwl9HHr2M2TPFejyc6bFISKBkmpvDiLNyAvKEm13RN65hHys38F97m-W3nV3CX88cMDzDhHNeSKqQo1MoCrKUVRA-HzoI7whFpb6oZatrsiQfT6e0EDSrkJ6AGKwW_hqtTq7Q8oQ8NMvLvQL4MtSLPzPcvwFOz2xb4cnOAAux7Xqj_X9nqx6jEU9gIxdjYa3s0NPyqM-bXlYDhp2Sss_2cyjfmadXK8iNYTmz68Ee9rJbH-kOjl28L1MjBPE6_7T93xkwiDUx1oIe6PkSyh1uv2wJROfbRBP3WttzJwIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4Rxg3Qb%2BnuyavUqsgU9fmJYs8yxwGvuo%2BkYN%2FmJTW4pn2CgvXknwEd3d0%2FRNdtfR6wpAs86MIy6sQpWE5W%2B1DZoND7hYX4smx%2FCe94CsJKEKU4AX77EpAyAcswhyJ8Fm3ddZSOabsCNrtOJNyt28u2m3KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c43c292bd8a194b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
91PArp8saTF53yy
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/img/7c43c2868e9837fd/1683570479337/
61 B
462 B
Image
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/img/7c43c2868e9837fd/1683570479337/91PArp8saTF53yy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:681a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edef72ac444c19f9387816dc0f6a5cf0d074e0b25639375306ca79b36bf32fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:28:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7c43c292ee14194b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1J35mYJmcjYqXh%2F10lpRQd7g%2FcbJHFYih2FnoSvw2vf9fhYS9OGtgIcE%2BtOL6UNURb2mpFPG6%2FDR4S998bLpV0P%2BJxdgfsieLj7bgcCnIwl6Y7rzzCC28ZPTLl%2FQvLXwrbGLAPw0Vsmkn0pX5YyYlxPMMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
35e8a6efe4f9f2f
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1798932029:1683569256:BaqWyEMIKQ-vGlvdiZfnre2OG475VdtQRfWo5pEnKyQ/7c43c2868e9837fd/
7 KB
6 KB
XHR
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1798932029:1683569256:BaqWyEMIKQ-vGlvdiZfnre2OG475VdtQRfWo5pEnKyQ/7c43c2868e9837fd/35e8a6efe4f9f2f
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c43c2868e9837fd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e0::ac40:681a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
133b96789ecf271db4081e26262194c28857c7d15cb9462f5109b9e70577ece5

Request headers

Referer
https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
35e8a6efe4f9f2f
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 18:28:01 GMT
content-encoding
br
cf_chl_gen
zqDgU84zd29wLEIZ2vemGzizfxtuUZ6bXNWCagFwPCc+L7uiFXz3gFK25lDbGXR5$XUzAzpzHZQ2QFo3pxAoXkQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fuyn7MPF3XxJRKL3Ad2W6gI%2FSZkUBGOMj0fP2R5JqsmR4t2Ye%2F73VLMBbwfacRTeQey%2Batz8jXHbxloVUYMonC1919VQ8Xc6P89JfYAxWdFrYVOmKAB3NzJDG1uSCSFmRH730kkHSDksRCII%2FqVdnOlxi6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c43c2936f06194b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 07BF
22 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2def0ea65de60858ec187cd671dbbb1a653375fcde588e853ef9e97340a7db06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7c43c293daad9b8e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 18:28:01 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 07BF
144 KB
52 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c43c293daad9b8e
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88fdc39be0ab06e8084738c1c70dd52d92da8f0c282393b3020b32960826d467

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:28:01 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7c43c2943b269b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
64da172bfce19c2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/348559222:1683569367:1LLvMV0OQbrkeTtjZDtoD4mdGkdgCFsHEIiDuTH_ESw/7c43c293daad9b8e/ Frame 07BF
77 KB
44 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/348559222:1683569367:1LLvMV0OQbrkeTtjZDtoD4mdGkdgCFsHEIiDuTH_ESw/7c43c293daad9b8e/64da172bfce19c2
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c43c293daad9b8e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55cc167d8a31f496afe33c201d685a51c262da47a430717dde5bcf8bf6d524ed

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
64da172bfce19c2
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 18:28:01 GMT
content-encoding
br
cf_chl_gen
gQGABFoutMuD+Dh45mfCKVHFQuSGI6LFFaXVOMFFk/LnfOmnjSRJRhpqjrhdO/11RvSkqM/hay9TMJ5qNW45TgaTZ7hm+h3lk3dFlFaspv2Jn96AYJk9kjuh+FyT41nk4Jk5NDgqzjHGz5GUGTBcaxoVWFGgzGdz+0167wJr8zIAw27eKlyqjN93jmOrE9LnmtklivDjv7C5Xc2ZTqLQWOrIynjdrvwIKScmuaIyXy7e2LDM6hH/YqAe5dJY5/BSetalVnh4AsdwWR4975uslHIQEbMOHTdVKckYGPqgCx+xok6K5ybt63XMPFIwF6Y5XzrjtPTu6qyznu40DHXBEnpozdNzcikKK+dX/IjhnYrs8LtrVodcS3hafvQlITbtpxkbZEjT6xi23fSiIypuGMczGsnETl6mGnHEUR9P6DU=$VRwbkHRAsyLlc8kUo/DOAA==
server
cloudflare
cf-ray
7c43c2953c5c9b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
3QVUFovE9dsiTQi
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c43c293daad9b8e/1683570481491/ Frame 07BF
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c43c293daad9b8e/1683570481491/3QVUFovE9dsiTQi
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46767420811dcad54a9485e9a100566ad05c3309b2e58f9667a061e7bb44a97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:28:02 GMT
server
cloudflare
cf-ray
7c43c29b9d0b9b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
yRKFgXnrTZ3mqQK
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c43c293daad9b8e/1683570481493/0a5fca7f106a67b5dbca155a51a9b9374c65e3044dfa71d07d567c5df02cdc3a/ Frame 07BF
1 B
648 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c43c293daad9b8e/1683570481493/0a5fca7f106a67b5dbca155a51a9b9374c65e3044dfa71d07d567c5df02cdc3a/yRKFgXnrTZ3mqQK
Requested by
Host: hydropod.sa.com
URL: https://hydropod.sa.com/new/auth/0v6af5////YnJiZWxsQGhhbm5hYW5kZXJzc29uLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 18:28:02 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gCl_KfxBqZ7XbyhVaUam5N0xl4wRN-nHQfVZ8XfAs3DoAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAn23qyGdHVs28an7XXJsPKj7kVCaC9GVfIA_hqz7TYAdgPPPWwl9HHr2M2TPFejyc6bFISKBkmpvDiLNyAvKEm13RN65hHys38F97m-W3nV3CX88cMDzDhHNeSKqQo1MoCrKUVRA-HzoI7whFpb6oZatrsiQfT6e0EDSrkJ6AGKwW_hqtTq7Q8oQ8NMvLvQL4MtSLPzPcvwFOz2xb4cnOAAux7Xqj_X9nqx6jEU9gIxdjYa3s0NPyqM-bXlYDhp2Sss_2cyjfmadXK8iNYTmz68Ee9rJbH-kOjl28L1MjBPE6_7T93xkwiDUx1oIe6PkSyh1uv2wJROfbRBP3WttzJwIDAQAB, max-age=20
server
cloudflare
cf-ray
7c43c29bed559b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
64da172bfce19c2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/348559222:1683569367:1LLvMV0OQbrkeTtjZDtoD4mdGkdgCFsHEIiDuTH_ESw/7c43c293daad9b8e/ Frame 07BF
10 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/348559222:1683569367:1LLvMV0OQbrkeTtjZDtoD4mdGkdgCFsHEIiDuTH_ESw/7c43c293daad9b8e/64da172bfce19c2
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c43c293daad9b8e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1969bf7baecfbd2e449bd5d5b06d67ef0731cf983f332c3552e29055c98c44aa

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/si47n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
64da172bfce19c2
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 18:28:02 GMT
content-encoding
br
cf_chl_gen
HZ+UlmMjoTXvkIOQgLUqAfpVBqAsKz0KOvuBAn4isAmtqrmtHPUY3OWuNoOP+cmQ$1Wo0tgrO95N5OCyc/we14A==
server
cloudflare
cf-ray
7c43c29cae339b8e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| _cf_chl_opt
function| SHA256
function| sendRequest
function| _cf_chl_turnstile_l
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded

0 Cookies

5 Console Messages

Source: security, Level: warning
Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Source: network, Level: error
URL: https://nrezf.0ff365files.com/Mbrbell@hannaandersson.com
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network, Level: error
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/pat/7c43c2868e9837fd/1683570479334/1b7250bccee67a653b2e1126315d35455fb2fe5631b479021ab47ae5c8d66179/XjVFSe6byprKu_-
Message: Failed to load resource: the server responded with a status of 401 ()

Source: security, Level: warning
Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Source: network, Level: error
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c43c293daad9b8e/1683570481493/0a5fca7f106a67b5dbca155a51a9b9374c65e3044dfa71d07d567c5df02cdc3a/yRKFgXnrTZ3mqQK
Message: Failed to load resource: the server responded with a status of 401 ()