Submitted URL: https://givetotpusa.com/r.wr?id=32YrPBFu
Effective URL: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Submission Tags: falconsandbox
Submission: On March 08 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6811:c3f9, located in the United States and belonging to CLOUDFLARENET, US. The main domain is secure.anedot.com. The Cisco Umbrella rank of the primary domain is 224242.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2022. Valid for: a year.
This is the only time secure.anedot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.118.130.252 4886 (LIFECORPO...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
14 3
Apex Domain
Subdomains
Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5871
128 KB
7 anedot.com
secure.anedot.com — Cisco Umbrella Rank: 224242
159 KB
1 givetotpusa.com
givetotpusa.com
360 B
14 3
Domain Requested by
8 challenges.cloudflare.com 1 redirects secure.anedot.com
challenges.cloudflare.com
7 secure.anedot.com secure.anedot.com
1 givetotpusa.com 1 redirects
14 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2022-08-13 - 2023-08-13 a year
challenges.cloudflare.com Cloudflare Inc ECC CA-3 2022-09-18 - 2023-09-17 a year

This page contains 2 frames:

Primary Page: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Frame ID: FF04524E025BF670626C0A9C7EEABE33
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 42C00B340F7CA79F9679CFDC0032D738
Requests: 6 HTTP requests in this frame

Page Title

One more step

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

93 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

312 kB
Transfer

662 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://givetotpusa.com/r.wr?id=32YrPBFu HTTP 302
    https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request college-scam-db-p2p
secure.anedot.com/turning-point-usa/
Redirect Chain
  • https://givetotpusa.com/r.wr?id=32YrPBFu
  • https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
66 KB
45 KB
Document
General
Full URL
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50904b49cabdcaa8a2c2b288e34d26af147b16da5d63dfdc70bac29d927e5471
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7a4ba3de39119bd4-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 08 Mar 2023 14:06:40 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
0
Content-Type
text/html
Date
Wed, 08 Mar 2023 14:06:40 GMT
Location
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Machine-Name
web5
Server
Microsoft-IIS/10.0
X-Content-Type-Options1
nosniff
v1
secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/
147 KB
54 KB
Script
General
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a4ba3de39119bd4
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee9953c1c9ee6a9f313418ea6174a76ccb41b7bb88ab378d43672c5dd67ee79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184&__cf_chl_rt_tk=kjSO4zHkdQsCEl0o2KuaSBSIQoYtsjDqoEpYJWc5YX4-1678284400-0-gaNycGzNClA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 14:06:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7a4ba3de89879bd4-FRA
transparent.gif
secure.anedot.com/cdn-cgi/images/trace/managed/js/
42 B
196 B
Image
General
Full URL
https://secure.anedot.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a4ba3de39119bd4
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184&__cf_chl_rt_tk=kjSO4zHkdQsCEl0o2KuaSBSIQoYtsjDqoEpYJWc5YX4-1678284400-0-gaNycGzNClA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184&__cf_chl_rt_tk=kjSO4zHkdQsCEl0o2KuaSBSIQoYtsjDqoEpYJWc5YX4-1678284400-0-gaNycGzNClA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 14:06:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 Mar 2023 16:16:17 GMT
server
cloudflare
etag
"64021d51-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7a4ba3de89899bd4-FRA
content-length
42
expires
Wed, 08 Mar 2023 16:06:40 GMT
truncated
/
13 KB
13 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e090dd6b1fa0da6eb78c308a1c66d0aa719c5e54634e2c8c24726b4d4c97805

Request headers

Referer
Origin
https://secure.anedot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/
13 KB
13 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18b327d19323b43c372071277b5eb99323c033a50b9c1ebfd72c198da05c66ff

Request headers

Referer
Origin
https://secure.anedot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
font/woff2
api.js
challenges.cloudflare.com/turnstile/v0/g/af326ed3/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8fd792db45f6d5c2f3bb383b931fbdc61b483d2d9be455d62e11a4357f93e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 14:06:40 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7a4ba3defd7b3834-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
date
Wed, 08 Mar 2023 14:06:40 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
7a4ba3deed633834-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
accept-encoding
14e8a0778710163
secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/386415166:1678280778:MtNntjGngooySCUjMBiZuEwqIt8ALHqaDpEl19WTGWc/7a4ba3de39119bd4/
116 KB
55 KB
XHR
General
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/386415166:1678280778:MtNntjGngooySCUjMBiZuEwqIt8ALHqaDpEl19WTGWc/7a4ba3de39119bd4/14e8a0778710163
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a4ba3de39119bd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2398dc518e53cf5cdddd299f0d399bdd2c82536a040e145b9657db28c6696a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
CF-Challenge
14e8a0778710163
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 08 Mar 2023 14:06:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7a4ba3df7b289bd4-FRA
3og5AbjT7Pnf8wt
secure.anedot.com/cdn-cgi/challenge-platform/h/g/img/7a4ba3de39119bd4/1678284400574/
61 B
120 B
Image
General
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/img/7a4ba3de39119bd4/1678284400574/3og5AbjT7Pnf8wt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0036f76f6eb366160c94b2ad2cc8243b06c383291725c342f3aa3756a2712ce3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 14:06:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
7a4ba3e1df109bd4-FRA
content-type
image/png
VzMI4zYQCLqLo_C
secure.anedot.com/cdn-cgi/challenge-platform/h/g/pat/7a4ba3de39119bd4/1678284400576/7a934a3e717610d145cdd66f3f254dc4802460fef2c1805bf089c2fb175448a1/
1 B
572 B
Fetch
General
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/pat/7a4ba3de39119bd4/1678284400576/7a934a3e717610d145cdd66f3f254dc4802460fef2c1805bf089c2fb175448a1/VzMI4zYQCLqLo_C
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 14:06:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gepNKPnF2ENFFzdZvPyVNxIAkYP7ywYBb8InC-xdUSKEAEXNlY3VyZS5hbmVkb3QuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
x-content-type-options
nosniff
server
cloudflare
cf-ray
7a4ba3e6d83a9bd4-FRA
content-type
text/plain; charset=UTF-8
14e8a0778710163
secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/386415166:1678280778:MtNntjGngooySCUjMBiZuEwqIt8ALHqaDpEl19WTGWc/7a4ba3de39119bd4/
5 KB
4 KB
XHR
General
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/386415166:1678280778:MtNntjGngooySCUjMBiZuEwqIt8ALHqaDpEl19WTGWc/7a4ba3de39119bd4/14e8a0778710163
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a4ba3de39119bd4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab289c76ce4ae296cc8b4d66a76e318678892f3f8845c1adb6cf324818c1cbd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
CF-Challenge
14e8a0778710163
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 08 Mar 2023 14:06:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf_chl_gen
MmbKDjJJASIpPl50LwasFVYxlQUo6Z4Je5aSjmP+zAU=$JHxgkFUfUIaiXAMIEwtvCw==
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7a4ba3e8cb469bd4-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 42C0
21 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3eba0c411bd7676b7a2f56f49cc5a893c680080c208840c6501c9c14315ce06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7a4ba3e91e71996c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 08 Mar 2023 14:06:42 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 42C0
149 KB
54 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a4ba3e91e71996c
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e23126c51924cbb091b0b93d6c06831cc27059dbec4af0b653fea8aa7b001dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 14:06:42 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7a4ba3e9cf37996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
c95ebde51a4dae3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1678378999:1678280769:gVus3_H3VddoTqKmTPNDQqAvXlGtCn6a9hTUOVOo1Qk/7a4ba3e91e71996c/ Frame 42C0
107 KB
53 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1678378999:1678280769:gVus3_H3VddoTqKmTPNDQqAvXlGtCn6a9hTUOVOo1Qk/7a4ba3e91e71996c/c95ebde51a4dae3
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a4ba3e91e71996c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1342d42b9d03010008e7a1fc151a1ab38538ff60f747fc55b676740c3838da8

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
CF-Challenge
c95ebde51a4dae3
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 08 Mar 2023 14:06:42 GMT
content-encoding
br
server
cloudflare
cf-ray
7a4ba3eab84f996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
PLHtCVSFoh-Q73P
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a4ba3e91e71996c/1678284402372/ Frame 42C0
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a4ba3e91e71996c/1678284402372/PLHtCVSFoh-Q73P
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
389f8d8908353926139208dc241f82804cb69e811ea5a9693cf98debee160523

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 14:06:42 GMT
server
cloudflare
cf-ray
7a4ba3ec6a57996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
zlOtJ6keetLqnOJ
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a4ba3e91e71996c/1678284402374/5e91182973b40e3d106e333788a570edfc7a83f47ae5c316c3fb72fa94bfe3c2/ Frame 42C0
1 B
646 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a4ba3e91e71996c/1678284402374/5e91182973b40e3d106e333788a570edfc7a83f47ae5c316c3fb72fa94bfe3c2/zlOtJ6keetLqnOJ
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 14:06:42 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gXpEYKXO0Dj0QbjM3iKVw7fx6g_R65cMWw_ty-pS_48IAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
server
cloudflare
cf-ray
7a4ba3ec8a7b996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
c95ebde51a4dae3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1678378999:1678280769:gVus3_H3VddoTqKmTPNDQqAvXlGtCn6a9hTUOVOo1Qk/7a4ba3e91e71996c/ Frame 42C0
11 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1678378999:1678280769:gVus3_H3VddoTqKmTPNDQqAvXlGtCn6a9hTUOVOo1Qk/7a4ba3e91e71996c/c95ebde51a4dae3
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a4ba3e91e71996c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb326321faba60b8927c9a8aa1722c9fb7eae0a7cfa1d448da42d07bd1b551e9

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/ccj5u/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
CF-Challenge
c95ebde51a4dae3
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 08 Mar 2023 14:06:43 GMT
content-encoding
br
cf_chl_gen
h8IfJ6n3PXbwlEkWZ6/K4rbTIC+lOsuZOblzx+IIZDU=$qntSHhgVE5TBFpmHUn2Bcw==
server
cloudflare
cf-ray
7a4ba3ef2e10996c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| _cf_chl_opt
function| _cf_chl_turnstile_l
function| __cf_md5
function| sendRequest
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| SHA256
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded
object| _
undefined| _cf_gcr

1 Cookies

Domain/Path Name / Value
secure.anedot.com/ Name: cf_chl_2
Value: 14e8a0778710163

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://secure.anedot.com/turning-point-usa/college-scam-db-p2p?source_code=DBP2P0184
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/pat/7a4ba3de39119bd4/1678284400576/7a934a3e717610d145cdd66f3f254dc4802460fef2c1805bf089c2fb175448a1/VzMI4zYQCLqLo_C
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a4ba3e91e71996c/1678284402374/5e91182973b40e3d106e333788a570edfc7a83f47ae5c316c3fb72fa94bfe3c2/zlOtJ6keetLqnOJ
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN