![](/screenshots/843672f1-e3c6-4f93-9b3d-18328cfc3c87.png)
secure.anedot.com
Open in
urlscan Pro
2606:4700::6811:c3f9
Public Scan
Effective URL: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Submission Tags: falconsandbox
Submission: On March 08 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2022. Valid for: a year.
This is the only time secure.anedot.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 74.118.130.252 74.118.130.252 | 4886 (LIFECORPO...) (LIFECORPORATION) | |
7 | 2606:4700::68... 2606:4700::6811:c3f9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 8 | 2606:4700::68... 2606:4700::6812:6b9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 3 |
ASN4886 (LIFECORPORATION, US)
PTR: host252.lifecorp.com
givetotpusa.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
cloudflare.com
1 redirects
challenges.cloudflare.com — Cisco Umbrella Rank: 5871 |
128 KB |
7 |
anedot.com
secure.anedot.com — Cisco Umbrella Rank: 224242 |
159 KB |
1 |
givetotpusa.com
1 redirects
givetotpusa.com |
360 B |
14 | 3 |
Domain | Requested by | |
---|---|---|
8 | challenges.cloudflare.com |
1 redirects
secure.anedot.com
challenges.cloudflare.com |
7 | secure.anedot.com |
secure.anedot.com
|
1 | givetotpusa.com | 1 redirects |
14 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-13 - 2023-08-13 |
a year | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2022-09-18 - 2023-09-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Frame ID: FF04524E025BF670626C0A9C7EEABE33
Requests: 10 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 42C00B340F7CA79F9679CFDC0032D738
Requests: 6 HTTP requests in this frame
Screenshot
![](/screenshots/843672f1-e3c6-4f93-9b3d-18328cfc3c87.png)
Page Title
One more stepPage URL History Show full URLs
-
https://givetotpusa.com/r.wr?id=32YrPBFu
HTTP 302
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184 Page URL
Detected technologies
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://givetotpusa.com/r.wr?id=32YrPBFu
HTTP 302
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
college-scam-db-p2p
secure.anedot.com/turning-point-usa/ Redirect Chain
|
66 KB 45 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ |
147 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transparent.gif
secure.anedot.com/cdn-cgi/images/trace/managed/js/ |
42 B 196 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/g/af326ed3/ Redirect Chain
|
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
14e8a0778710163
secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/386415166:1678280778:MtNntjGngooySCUjMBiZuEwqIt8ALHqaDpEl19WTGWc/7a4ba3de39119bd4/ |
116 KB 55 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3og5AbjT7Pnf8wt
secure.anedot.com/cdn-cgi/challenge-platform/h/g/img/7a4ba3de39119bd4/1678284400574/ |
61 B 120 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
VzMI4zYQCLqLo_C
secure.anedot.com/cdn-cgi/challenge-platform/h/g/pat/7a4ba3de39119bd4/1678284400576/7a934a3e717610d145cdd66f3f254dc4802460fef2c1805bf089c2fb175448a1/ |
1 B 572 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
14e8a0778710163
secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/386415166:1678280778:MtNntjGngooySCUjMBiZuEwqIt8ALHqaDpEl19WTGWc/7a4ba3de39119bd4/ |
5 KB 4 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 42C0 |
21 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 42C0 |
149 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
c95ebde51a4dae3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1678378999:1678280769:gVus3_H3VddoTqKmTPNDQqAvXlGtCn6a9hTUOVOo1Qk/7a4ba3e91e71996c/ Frame 42C0 |
107 KB 53 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
PLHtCVSFoh-Q73P
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a4ba3e91e71996c/1678284402372/ Frame 42C0 |
61 B 166 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zlOtJ6keetLqnOJ
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a4ba3e91e71996c/1678284402374/5e91182973b40e3d106e333788a570edfc7a83f47ae5c316c3fb72fa94bfe3c2/ Frame 42C0 |
1 B 646 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
c95ebde51a4dae3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1678378999:1678280769:gVus3_H3VddoTqKmTPNDQqAvXlGtCn6a9hTUOVOo1Qk/7a4ba3e91e71996c/ Frame 42C0 |
11 KB 8 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| _cf_chl_opt function| _cf_chl_turnstile_l function| __cf_md5 function| sendRequest function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _ undefined| _cf_gcr1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
secure.anedot.com/ | Name: cf_chl_2 Value: 14e8a0778710163 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
challenges.cloudflare.com
givetotpusa.com
secure.anedot.com
2606:4700::6811:c3f9
2606:4700::6812:6b9
74.118.130.252
0036f76f6eb366160c94b2ad2cc8243b06c383291725c342f3aa3756a2712ce3
0a8fd792db45f6d5c2f3bb383b931fbdc61b483d2d9be455d62e11a4357f93e5
18b327d19323b43c372071277b5eb99323c033a50b9c1ebfd72c198da05c66ff
1e090dd6b1fa0da6eb78c308a1c66d0aa719c5e54634e2c8c24726b4d4c97805
389f8d8908353926139208dc241f82804cb69e811ea5a9693cf98debee160523
50904b49cabdcaa8a2c2b288e34d26af147b16da5d63dfdc70bac29d927e5471
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
6ee9953c1c9ee6a9f313418ea6174a76ccb41b7bb88ab378d43672c5dd67ee79
a1342d42b9d03010008e7a1fc151a1ab38538ff60f747fc55b676740c3838da8
ab289c76ce4ae296cc8b4d66a76e318678892f3f8845c1adb6cf324818c1cbd4
bd2398dc518e53cf5cdddd299f0d399bdd2c82536a040e145b9657db28c6696a
cb326321faba60b8927c9a8aa1722c9fb7eae0a7cfa1d448da42d07bd1b551e9
e23126c51924cbb091b0b93d6c06831cc27059dbec4af0b653fea8aa7b001dd5
e3eba0c411bd7676b7a2f56f49cc5a893c680080c208840c6501c9c14315ce06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629