aiex6.documentsfiles.com Open in urlscan Pro
2606:4700:3031::ac43:d031  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://t3eun.usahairclinic.com/ Page URL
2. https://aiex6.documentsfiles.com/M Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ t3eun.usahairclinic.com/	101 B 545 B	836ms 270ms	Document text/html	192.185.92.181 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL http://t3eun.usahairclinic.com/ Protocol HTTP/1.1 Server 192.185.92.181 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 192-185-92-181.unifiedlayer.com Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 110 Content-Type text/html; charset=UTF-8 Date Wed, 10 May 2023 15:32:52 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=75 Pragma no-cache Server Apache Upgrade h2,h2c Vary Accept-Encoding
GET H2	403	Primary Request M Show response aiex6.documentsfiles.com/	7 KB 5 KB	575ms 51ms	Document text/html	2606:4700:3031::ac43:d031 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aiex6.documentsfiles.com/M Requested by Host: t3eun.usahairclinic.com URL: http://t3eun.usahairclinic.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d031 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9f3d23476d00ed3bacf0b03c9820fb1f8f3f5a8c2a90cb3cab13fa537a42d4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://t3eun.usahairclinic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 7c533cc998ef9b9a-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Wed, 10 May 2023 15:32:53 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B26BQWhAYBr%2BYswLExt%2FgLcOnJIyK7KPibJwfwKJzButaQXf5Dz9SKvTsWv1WGKigiKsKV9kDLxLMYQEfPTxoXPimEy8Xi3cFOZq69hRnIOV%2BU4k53JC%2F%2B8mxwo6dpn4BYfIi4btJhkYEQdAU6kohhZpmKj4PNg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	v1 Show response aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/	151 KB 54 KB	56ms 51ms	Script application/javascript	2606:4700:3031::ac43:d031 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c533cc998ef9b9a Requested by Host: aiex6.documentsfiles.com URL: https://aiex6.documentsfiles.com/M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d031 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b2676e24fe0e627a8b4b1ee2c6b77cfca60a6363a1448fa35d77502fed16294 Request headers accept-language de-DE,de;q=0.9 Referer https://aiex6.documentsfiles.com/M?__cf_chl_rt_tk=OHvEnbk.Ta1QxDoGyLfM_fGy4woi4s.itPy25fuPSTE-1683732773-0-gaNycGzNC6U User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 15:32:53 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zq7apfNUhSC94pCx5Qo9PtIphX3p7fqzA0%2F%2Bw92qQVpQ0Aw9lPKqHgqXfUOQe5y%2BynMpijoefkXB3EoZjWQwa2Rt2KSfzTSqqutavyOOQTsa55HHvBOPwJ9J2pMf%2B1PeYc4fwZ%2FAe8NWALFQkxU7wBM7E5Ja0qY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate cf-ray 7c533cca29ac9b9a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	transparent.gif aiex6.documentsfiles.com/cdn-cgi/images/trace/managed/js/	42 B 220 B	46ms 41ms	Image image/gif	2606:4700:3031::ac43:d031 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aiex6.documentsfiles.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7c533cc998ef9b9a Requested by Host: aiex6.documentsfiles.com URL: https://aiex6.documentsfiles.com/M?__cf_chl_rt_tk=OHvEnbk.Ta1QxDoGyLfM_fGy4woi4s.itPy25fuPSTE-1683732773-0-gaNycGzNC6U Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:d031 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://aiex6.documentsfiles.com/M?__cf_chl_rt_tk=OHvEnbk.Ta1QxDoGyLfM_fGy4woi4s.itPy25fuPSTE-1683732773-0-gaNycGzNC6U User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 15:32:53 GMT x-content-type-options nosniff last-modified Fri, 28 Apr 2023 14:11:18 GMT server cloudflare etag "644bd406-2a" x-frame-options DENY vary Accept-Encoding content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 7c533cca29ad9b9a-FRA content-length 42 expires Wed, 10 May 2023 17:32:53 GMT
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/b5e45436/	15 KB 5 KB	165ms 64ms	Script application/javascript	2606:4700::6812:6b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit Requested by Host: aiex6.documentsfiles.com URL: https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c533cc998ef9b9a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f Request headers Referer Origin https://aiex6.documentsfiles.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 15:32:53 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 7c533ccb69fe3a3e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	200	73ab30aba70abe5 Show response aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/flow/ov1/366569968:1683728503:szSTo9T5Zyy5zHK-2nxKOrFZvOCor0FfduuIC5NzNy0/7c533cc998ef9b9a/	159 KB 120 KB	131ms 130ms	XHR text/plain	2606:4700:3031::ac43:d031 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/flow/ov1/366569968:1683728503:szSTo9T5Zyy5zHK-2nxKOrFZvOCor0FfduuIC5NzNy0/7c533cc998ef9b9a/73ab30aba70abe5 Requested by Host: aiex6.documentsfiles.com URL: https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c533cc998ef9b9a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d031 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc0afbc9ba4bcebf8816fef2481936cf3e0a0349ac50ccfcda33bd06e14fc7eb Request headers Referer https://aiex6.documentsfiles.com/M accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 CF-Challenge 73ab30aba70abe5 Content-type application/x-www-form-urlencoded Response headers date Wed, 10 May 2023 15:32:53 GMT content-encoding br cf_chl_gen fRtjnqg7haMy7Pch+Zq/P/EqAQViC2FjvsjKWhCgqxXFr+d50Ci8tHtNfBcyg85JgUO22d5E5EBv16D7A3EUQM/f5xtwBxfjlwoweK59v19px+bth1fY9cX6bt7IXdjA/R2Y3Jd8joLUMCUqqQ6g7qcigRixFAMl1IpibzYLSEyaIygfk3naVAsJxxNI568J0gMjWFRUkpf2fwmXoXZ9Lh8ncRItAhqZi7lUVerq3tLEldVvJdMit+ZflwUwNOYFg31GSh8tahbEh01lAZiVQUhEXuLC+eq1fv4aapMyv9RlCtS6eWxHP9hYCrG0tw6bb+aY0Try+8hCUmerjnwSHijkmVVMan6SZIsZ2ezDzyZJqPgSgBXCvmoqdUD1oXnPES537n3ZaKmtorWq6ZwWzps6icnLfnXr0uBiJHtxzpej1+d76MR8pLXI2Qhfv+mATubF2a2iBqpizClRn5gFz/1SQrb7bs0ezM8y5ZeNS4U=$KmgMd+pZI+r9nlL9uE3/1Q== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Br8rjq8vmoTB56KmMMg%2Foz%2B3L4lH7r5fczvrSLwdU4ed8cKn79KMCQoCcV337OdME0rtiVdBc9iuxecCfYF0Q9kcRCGCdtToRpFKvC1mpg7Ee25ojR0Ac6xM8vTj%2BX5hNh9ilmf6oWKmFN4Eve9ag8ZpCm%2FkYQE%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7c533ccb8ef40493-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	401	3wzGFyBUZ5L26Fv Show response aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/pat/7c533cc998ef9b9a/1683732773692/266ee88055017f0485d4189003c445b3a3d18600b6614eaf66fb79a1515566bf/	1 B 946 B	48ms 48ms	Fetch text/plain	2606:4700:3031::ac43:d031 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/pat/7c533cc998ef9b9a/1683732773692/266ee88055017f0485d4189003c445b3a3d18600b6614eaf66fb79a1515566bf/3wzGFyBUZ5L26Fv Requested by Host: aiex6.documentsfiles.com URL: https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c533cc998ef9b9a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d031 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5 Request headers accept-language de-DE,de;q=0.9 Referer https://aiex6.documentsfiles.com/M User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 15:32:53 GMT www-authenticate PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gJm7ogFUBfwSF1BiQA8RFs6PRhgC2YU6vZvt5oVFVZr8AGGFpZXg2LmRvY3VtZW50c2ZpbGVzLmNvbQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA4rsahmFFVx2QGy_ap9QoeqGO_4LxWlFPbUODzU9Bo98w9mAJ4v4SezAZlSzuxZ-whSKnBsLI3W5_Ffqa5QZq-iwBI1406WdT_zTiNPDh2mFkXG_Im_OGmdqx5iLiI7Fuvm_js7sFgoX4L1MP7saxCY9qsWQ9-EaZmth2qzK0kjGxqoLmOUkCHHBEHpL31alMgPXC9Ww_OcA9ZXMUHyOOuAlOKZzqGmlDmPboz3OwCbKYt1cZ1V9FMz6IsOnZQp8OuYjAy44mpD1HmcYG3Zrn5YVxNqabY20_Wq5phFYl1453MSJlA6LedzIL9g40P14VWOgORWCdVGb0V6icMjuT5QIDAQAB, max-age=20 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lR096seft%2B67n1EYgzXcRgUdfnUoW3lwJMH%2BvLMwo3hpJOdvIDwdEGMoi8GJ3OWn1OPT%2F0tpsDWGr6C9l3P7ObcDQ6m7FlEWBMP1KEieR6UfSMG%2FFc25junQc3U7IO6ZJYjPQ%2BgTSBxnmLkWcu%2Bnw74xt0lmr90%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7c533ccd593b0493-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	LQD0jL0xv8GX2ja aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/img/7c533cc998ef9b9a/1683732773692/	61 B 463 B	49ms 48ms	Image image/png	2606:4700:3031::ac43:d031 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/img/7c533cc998ef9b9a/1683732773692/LQD0jL0xv8GX2ja Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d031 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 67c3e664f64616f0753d66198f1b4c458343f8225fb45c6a802e40b8fa4cd8f1 Request headers accept-language de-DE,de;q=0.9 Referer https://aiex6.documentsfiles.com/M User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 15:32:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 7c533ccda9b70493-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8khKgjZ9LSqTKbI0k3fhbvhMoiSEqS5cXE4Hd40x%2F9p0e%2FKoa2KgWcBrOtE0XkR5nhgikLkmw0Xy2HolUJ03sTNp3cSWrQgfS6RUM3yfoeOcjjTETVkgUkC%2FmpRP7jY4EHb9f1ti%2B5U6Gh98MT%2BYVsULXoqJlk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png
GET BLOB	200 OK	86c1ff2f-93e6-4def-9aa7-8f87c3964470 https://aiex6.documentsfiles.com/	656 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://aiex6.documentsfiles.com/86c1ff2f-93e6-4def-9aa7-8f87c3964470 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c Request headers accept-language de-DE,de;q=0.9 Referer https://aiex6.documentsfiles.com/M User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers Content-Length 656 Content-Type text/javascript
POST H3	200	73ab30aba70abe5 Show response aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/flow/ov1/366569968:1683728503:szSTo9T5Zyy5zHK-2nxKOrFZvOCor0FfduuIC5NzNy0/7c533cc998ef9b9a/	7 KB 6 KB	75ms 70ms	XHR text/plain	2606:4700:3031::ac43:d031 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/flow/ov1/366569968:1683728503:szSTo9T5Zyy5zHK-2nxKOrFZvOCor0FfduuIC5NzNy0/7c533cc998ef9b9a/73ab30aba70abe5 Requested by Host: aiex6.documentsfiles.com URL: https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c533cc998ef9b9a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:d031 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a9cbf1ef98257fa3486a4839644cdb8fbecd9b4d88de6f20b40bc01e41df9c3 Request headers Referer https://aiex6.documentsfiles.com/M accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 CF-Challenge 73ab30aba70abe5 Content-type application/x-www-form-urlencoded Response headers date Wed, 10 May 2023 15:32:56 GMT content-encoding br cf_chl_gen LrB4n3sIsrj0ZB+ANpSB3BS0GjUDZCZ8DvazOMH5WeoxRU7I6KkLRwaOhOU+rSLd$xU/M+sMzLL7Y2nKKQowAXQ== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjEgZI8ED5ljc6pRZRCKHarVVX97D91F4THBt7ALe7L301f3yyYOqsG%2FOW%2FhxLoNZuLSY1Eg0AZHrfzH5ShtlC7QMssYyhH8l4yULxlKxDRe1Ur%2F0cari%2F6FUkNJnM1u7aIl9tO3Bi08egyfyLH8pNZfjlh03V0%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7c533cda2c3a0493-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	normal Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ylhu3/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 9EE8	22 KB 7 KB	104ms 57ms	Document text/html	2606:4700::6812:6b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ylhu3/0x4AAAAAAAAjq6WYeRDKmebM/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a7e610a60eed8aa4d40c529ca7191c313e2f1f2f310644f119d0d8557bfd17f3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=0, must-revalidate cf-ray 7c533cdb09f21911-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Wed, 10 May 2023 15:32:56 GMT document-policy js-profiling permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
GET H3	200	v1 Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 9EE8	150 KB 54 KB	55ms 55ms	Script application/javascript	2606:4700::6812:6b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c533cdb09f21911 Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ylhu3/0x4AAAAAAAAjq6WYeRDKmebM/light/normal Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74235387e3c985b40698ca82d4a0cbc94dced49ac871eee6571d7f8aa14e942a Request headers accept-language de-DE,de;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ylhu3/0x4AAAAAAAAjq6WYeRDKmebM/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 Response headers date Wed, 10 May 2023 15:32:56 GMT cache-control max-age=0, must-revalidate content-encoding br server cloudflare cf-ray 7c533cdbaaba1911-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-type application/javascript; charset=UTF-8
POST H3	200	b0d8a79cdfeae9a Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/609698588:1683728500:ffrdNvqN7H43CKG3-ofVC-TnCAUR4t5DbjYlIQE05HA/7c533cdb09f21911/ Frame 9EE8	105 KB 53 KB	88ms 88ms	XHR text/plain	2606:4700::6812:6b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/609698588:1683728500:ffrdNvqN7H43CKG3-ofVC-TnCAUR4t5DbjYlIQE05HA/7c533cdb09f21911/b0d8a79cdfeae9a Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c533cdb09f21911 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf67e0646be0441c2e4ae98f4187f9112ac796e70071cf8c7c3c635bd8be6c75 Request headers Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ylhu3/0x4AAAAAAAAjq6WYeRDKmebM/light/normal accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36 CF-Challenge b0d8a79cdfeae9a Content-type application/x-www-form-urlencoded Response headers date Wed, 10 May 2023 15:32:56 GMT content-encoding br cf_chl_gen aVd3ORw1WjXO30SZq+Gkqrd9HFUptp3TUqGvQZaJmRgSCf6bhD+tTxpUcIhCIMfjANxcrLwdVhenI+UnxXzpbhF0yzmobNfM3qKvezEhJCoZAFZ2pkoElE93B4yjwV5E8cv6zds6PJTFc/+5qDhVF+PnttZR3Q/qJ/blW6jz0RD0DxY2febZbv1oxklxm48Kkxk5/8F6dBW6PxohWn3U35BzJy6Mvb+fe+Yt5kZczvGe7/97s3sNoCcFsTLoACKuQUS1RLCjwlSl1832XF8hODrIZ5BPHa3D5D+llvxtD8m+tetMZWGf0MU80H9cYnHi3Yh+LkRjdyJjtnj5mjZ+pB1Nl+BqXBdxcF5/uhrUT7ofmw2+qFRdrQgFl3X92OWenfdb6zMNgs6xRmrVudh6F05sOhjdMKnpysc9bOXPRJB8oFfv6MGmrjjMk1DtZpWS$YuZL7gaZXXEmkICRY5Asww== server cloudflare cf-ray 7c533cdd4cef1911-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-type text/plain; charset=UTF-8

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| _cf_chl_turnstile_l function| sendRequest function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			t3eun.usahairclinic.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cbe13554b2ab21a55732f76422b48b03

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://aiex6.documentsfiles.com/M Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://aiex6.documentsfiles.com/cdn-cgi/challenge-platform/h/g/pat/7c533cc998ef9b9a/1683732773692/266ee88055017f0485d4189003c445b3a3d18600b6614eaf66fb79a1515566bf/3wzGFyBUZ5L26Fv Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aiex6.documentsfiles.com
challenges.cloudflare.com
t3eun.usahairclinic.com
192.185.92.181
2606:4700:3031::ac43:d031
2606:4700::6812:6b9
1b2676e24fe0e627a8b4b1ee2c6b77cfca60a6363a1448fa35d77502fed16294
5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f
5b9f3d23476d00ed3bacf0b03c9820fb1f8f3f5a8c2a90cb3cab13fa537a42d4
67c3e664f64616f0753d66198f1b4c458343f8225fb45c6a802e40b8fa4cd8f1
6a9cbf1ef98257fa3486a4839644cdb8fbecd9b4d88de6f20b40bc01e41df9c3
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
74235387e3c985b40698ca82d4a0cbc94dced49ac871eee6571d7f8aa14e942a
a7e610a60eed8aa4d40c529ca7191c313e2f1f2f310644f119d0d8557bfd17f3
bf67e0646be0441c2e4ae98f4187f9112ac796e70071cf8c7c3c635bd8be6c75
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc0afbc9ba4bcebf8816fef2481936cf3e0a0349ac50ccfcda33bd06e14fc7eb