officesecure.org Open in urlscan Pro
2606:4700:3035::ac43:cb1e  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://fszbb.kgswc.org/ Page URL
2. https://officesecure.org/M Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ fszbb.kgswc.org/	93 B 474 B	979ms 724ms	Document text/html	147.124.221.154 MAJESTIC-HOSTING-01
General Check archive.org Show headers Download Go to Full URL http://fszbb.kgswc.org/ Protocol HTTP/1.1 Server 147.124.221.154 Dallas, United States, ASN396073 (MAJESTIC-HOSTING-01, US), Reverse DNS c01.iservidorweb.com Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Thu, 27 Jul 2023 07:31:43 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Transfer-Encoding chunked
GET H2	403	Primary Request M Show response officesecure.org/	6 KB 5 KB	74ms 14ms	Document text/html	2606:4700:3035::ac43:cb1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://officesecure.org/M Requested by Host: fszbb.kgswc.org URL: http://fszbb.kgswc.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:cb1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50cc0622cfe950d4b227b857ffedced52d42ffe23d832d6f516040c22200b291 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://fszbb.kgswc.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 7ed32f38d8339180-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Thu, 27 Jul 2023 07:31:44 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0ipqL0xJyP%2FNJotwM4XDsT8hewettmi5yseJWzy%2BYD21cLCEKnShZ5rzAj5WQ8re%2F1ro%2FYF0G%2BSSoo3NKTCuaKwdd1BaQHYdxTkB1ksOhlwrip8CR0oFVKpgIQeiMJ6xHvz7pAV5I6gtr7pX%2FJ8"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	challenges.css officesecure.org/cdn-cgi/styles/	6 KB 3 KB	9ms 8ms	Stylesheet text/css	2606:4700:3035::ac43:cb1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://officesecure.org/cdn-cgi/styles/challenges.css Requested by Host: officesecure.org URL: https://officesecure.org/M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:cb1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://officesecure.org/M User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 07:31:44 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 24 Jul 2023 16:11:45 GMT server cloudflare etag W/"64bea2c1-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 7ed32f3908629180-FRA expires Thu, 27 Jul 2023 09:31:44 GMT
GET H2	200	v1 Show response officesecure.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	166 KB 59 KB	16ms 16ms	Script application/javascript	2606:4700:3035::ac43:cb1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://officesecure.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7ed32f38d8339180 Requested by Host: officesecure.org URL: https://officesecure.org/M Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::ac43:cb1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4525de3fb562e07cea244408f2050ed46922fff829f72cc094f905eeaa8dbcc1 Request headers accept-language de-DE,de;q=0.9 Referer https://officesecure.org/M?__cf_chl_rt_tk=9hn1CoXzHOqu8cdL0FssXlM0FEuYiqyAgIvCTLF9Syk-1690443104-0-gaNycGzNC5A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 07:31:44 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aowwj%2B2CmFhECli8WuIscsN4861ZTRqMMn36khcpGNbdnoF7mMTkFGUUaMuywrvdL6unMH1A9bP5JdHhFoYAZc3AGimRFTYP9coXOqmENWWkr3vgsv7RBd8vU5X5MJeSqtxJG7QDeuEn2b3dBJC%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate cf-ray 7ed32f3918869180-FRA alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/f0089873/	25 KB 9 KB	49ms 31ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/f0089873/api.js?onload=OHJV4&render=explicit Requested by Host: officesecure.org URL: https://officesecure.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7ed32f38d8339180 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6b1965ffe080608c2d8558a931395eb9ff50b86f110196a6634f8e749b2e67f Request headers Referer Origin https://officesecure.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 07:31:44 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 7ed32f3978ea1da6-FRA alt-svc h3=":443"; ma=86400
GET H3	403	favicon.ico officesecure.org/	6 KB 6 KB	14ms 14ms	Image text/html	2606:4700:3035::ac43:cb1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://officesecure.org/favicon.ico Requested by Host: officesecure.org URL: https://officesecure.org/M Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:cb1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d59b9f608c1f8cc7270663186e9814ce623baf989438c3a6fcc5efcf7130d57 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://officesecure.org/M User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 07:31:44 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQYlLQaoS1gXpf221Z4A9P5leWzkxsz%2BPtNGV%2BfmxMthA962eqYkGo4s3UeOqcMPyWboIwLeRAaJo7hgr020SPJojc2Cp7WgW6H25JIq0pqx%2Bxb2cPCvTjLSx40uQca31nWAoNafwY4y2a6L2aLv"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 7ed32f395c71bb53-FRA expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	b2ea3115-ab09-44e3-a908-f3f154e99c6a https://officesecure.org/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://officesecure.org/b2ea3115-ab09-44e3-a908-f3f154e99c6a Requested by Host: officesecure.org URL: https://officesecure.org/M Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://officesecure.org/M User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	4dd7182faad8cdc Show response officesecure.org/cdn-cgi/challenge-platform/h/g/flow/ov1/1505637978:1690438970:XNnaynmelkWEsP412eZYCt1v2Nx0ra1YbbbzFy9r2wA/7ed32f38d8339180/	9 KB 8 KB	29ms 28ms	XHR text/plain	2606:4700:3035::ac43:cb1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://officesecure.org/cdn-cgi/challenge-platform/h/g/flow/ov1/1505637978:1690438970:XNnaynmelkWEsP412eZYCt1v2Nx0ra1YbbbzFy9r2wA/7ed32f38d8339180/4dd7182faad8cdc Requested by Host: officesecure.org URL: https://officesecure.org/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=7ed32f38d8339180 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::ac43:cb1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98f17dfed335aae210073d523d60eeb1ad207d2bfe1d76fbe6f6a9d86035c339 Request headers Referer https://officesecure.org/M accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 CF-Challenge 4dd7182faad8cdc Content-type application/x-www-form-urlencoded Response headers date Thu, 27 Jul 2023 07:31:44 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WnXzRECUdvgiEWyYvN7TsDoedzmI%2Bo2fPETvR5FP%2BfAq40Eq7Onx%2BpiSSVv62Tz3S6j7VO7k6RCN7an6JLWf4XbjBfMUjx7KzROXKTeAhQL2mN%2FXQlnyNCw3q6uZmZMAtk%2FuJFYnBTEYTvnZ5HFO"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7ed32f3a0d54bb53-FRA alt-svc h3=":443"; ma=86400 cf-chl-gen g7p5/gIRVHxpbyXHeU4vhcTbDzgioo7TZrDSTyNoMEl0J8FNdXAKGP59FZ90I4za$ssq8oCgPZWa2d3h7cSiMxA==
GET H3	200	normal Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 1B32	24 KB 8 KB	26ms 17ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/f0089873/api.js?onload=OHJV4&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb213ef7b57c39e19a250ed48b5af57b84e483a43b86a8f6b79a2902a5051db6 Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=0, must-revalidate cf-ray 7ed32f3a5be43608-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Thu, 27 Jul 2023 07:31:44 GMT document-policy js-profiling permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
GET H3	200	v1 Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 1B32	173 KB 61 KB	17ms 16ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ed32f3a5be43608 Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ae67ad71773ae1285e05ce543c558896e785909c25fc57404c22efa7cbbcd34 Request headers accept-language de-DE,de;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 07:31:44 GMT cache-control max-age=0, must-revalidate content-encoding br server cloudflare cf-ray 7ed32f3aac3e3608-FRA alt-svc h3=":443"; ma=86400 content-type application/javascript; charset=UTF-8
GET BLOB	200 OK	df58e960-f4bf-4f60-a5d2-58acd76d15ad https://challenges.cloudflare.com/ Frame 1B32	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://challenges.cloudflare.com/df58e960-f4bf-4f60-a5d2-58acd76d15ad Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	3c95445a5e262f9 Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/412320622:1690439117:Bz6gJBzMEVxcT4dHJ_HhT4-AlimJiSQnK4ly7xwsI4Y/7ed32f3a5be43608/ Frame 1B32	82 KB 62 KB	56ms 56ms	XHR text/plain	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/412320622:1690439117:Bz6gJBzMEVxcT4dHJ_HhT4-AlimJiSQnK4ly7xwsI4Y/7ed32f3a5be43608/3c95445a5e262f9 Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ed32f3a5be43608 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aab4459bb32b075f3bc044c859ef996fa69c84d4c7b0369e84d0a7a40b6503fd Request headers Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 CF-Challenge 3c95445a5e262f9 Content-type application/x-www-form-urlencoded Response headers cf-chl-gen UoLrLeUfmL3N/+XzB/QM+qA6E6idYidyqYN+Gk6hxgTH35t+yK9Iv3VU3pqQxXE1bbX3gEP2ol3B9eQtiXMCZhtBKy5/s4VZFvl9Us73WB0BLRi2QBzGQPgF8AmrQK4O+9T+pV2kVoG+rh5UdC5+6O+cMI2KLoKSzcYRIw5aKvIuWaj3XhBNM5Sx9v3FnnnXHZl84EhLOpjXm1RjmnRUUxc++EdyQmfrqeuzoMLhQA2qQCO7F2Nx7xbMlhJGK+kPOqLLGp7fY4o2ew5wKsrORk3QMDdE04v79SdUY+y3H0aXCgpsJY9jTXtTwvBurYkhTfteNDMwI8Zqce9Fvb2yXcRrWZDj/M7jBYG1IXtdsan6IUPuM7dsCryHIA25HidS45GhSskIBlWR+EeJPmgZsh58JdoW4jVJP09QUdBEYg8=$t8nlG43eLQPmT8hecPjcnQ== date Thu, 27 Jul 2023 07:31:44 GMT content-encoding br server cloudflare cf-ray 7ed32f3b9d513608-FRA alt-svc h3=":443"; ma=86400 content-type text/plain; charset=UTF-8
GET H3	200	-e_mmEuXCGZ8LVl challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7ed32f3a5be43608/1690443104593/ Frame 1B32	61 B 148 B	37ms 37ms	Image image/png	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7ed32f3a5be43608/1690443104593/-e_mmEuXCGZ8LVl Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b211ca1c9aca31f68cdd1b16949cfbd8e8def77d41c9ef63875329d979bc0842 Request headers accept-language de-DE,de;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 07:31:45 GMT server cloudflare cf-ray 7ed32f3ee9493608-FRA alt-svc h3=":443"; ma=86400 content-type image/png
GET BLOB	200 OK	dd75a73a-b8b2-48f9-b839-5c6cc9a13a41 https://challenges.cloudflare.com/ Frame 1B32	80 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://challenges.cloudflare.com/dd75a73a-b8b2-48f9-b839-5c6cc9a13a41 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680 Request headers accept-language de-DE,de;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Length 80 Content-Type text/javascript
GET H3	401	MYS3ZtszuNymjEu Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7ed32f3a5be43608/1690443104594/2122a92006faa7474dc33bc5d7043d029290e7a2256706a08449eff02ae9679a/ Frame 1B32	1 B 630 B	14ms 14ms	Fetch text/plain	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7ed32f3a5be43608/1690443104594/2122a92006faa7474dc33bc5d7043d029290e7a2256706a08449eff02ae9679a/MYS3ZtszuNymjEu Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ed32f3a5be43608 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5 Request headers accept-language de-DE,de;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 07:31:45 GMT www-authenticate PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gISKpIAb6p0dNwzvF1wQ9ApKQ56IlZwaghEnv8CrpZ5oAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvAJPp_tymNy24tzFnHwYAzYqYkGhCbu0yOIs40wj7UaanB5K7Y-OMGhqgFXq1gRVda20QppB16o5JWfqw56x9pUyZkX5NE3ao83zmBuo5k5YhxD1hC51zWbsBO4nl9IYlWfih99PZo9MeiG9vNzguCdJrVQLDCzqpouWrKKEjY1u6M6KTXbGNMorH_McvvsM0ZHaSglZ7osnBryUdVFLapT-dkzl5nRPevW7R2PFuvzZ9yuTmwdugysmDQtsPS3S6_hTagG4ZqfwHiPiNyxSbSMIepsGVJNB_24zvZG0GMGmf2nn9QlCrwPYu5GL2pVHjLj7I5lmgFKjIaUOfIZRdQIDAQAB, max-age=20 server cloudflare cf-ray 7ed32f407bbc3608-FRA alt-svc h3=":443"; ma=86400 content-type text/plain; charset=UTF-8
POST H3	200	3c95445a5e262f9 Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/412320622:1690439117:Bz6gJBzMEVxcT4dHJ_HhT4-AlimJiSQnK4ly7xwsI4Y/7ed32f3a5be43608/ Frame 1B32	15 KB 11 KB	30ms 29ms	XHR text/plain	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/412320622:1690439117:Bz6gJBzMEVxcT4dHJ_HhT4-AlimJiSQnK4ly7xwsI4Y/7ed32f3a5be43608/3c95445a5e262f9 Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7ed32f3a5be43608 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34d3d4b9c336ffc2c85e8e983380de66e1ec8fe2eebeb596d698cb5857648dfa Request headers Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nmf23/0x4AAAAAAADnPIDROrmt1Wwj/light/normal accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 CF-Challenge 3c95445a5e262f9 Content-type application/x-www-form-urlencoded Response headers cf-chl-gen iLZ7t+ba7Ws3F3V2T/EDB3YPr4On50REtjy3DrBr12PL7JKUTLHmv2ZfeAFlfymZ$/hjvUhylhO99pLNyoN6xWQ== date Thu, 27 Jul 2023 07:31:45 GMT content-encoding br server cloudflare cf-ray 7ed32f40fc683608-FRA alt-svc h3=":443"; ma=86400 content-type text/plain; charset=UTF-8

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| hTGpkytwct function| SHA256 function| AlYCqA8 function| BN9 function| Dzfe5 object| aOQgB3 function| OHJV4 boolean| bW0 function| wIXD4 object| UJLfD3 object| turnstile boolean| CXcPE6 string| fexv2

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			fszbb.kgswc.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: e60d068032154001f731416ef3c4eef9

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://officesecure.org/M Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://officesecure.org/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7ed32f3a5be43608/1690443104594/2122a92006faa7474dc33bc5d7043d029290e7a2256706a08449eff02ae9679a/MYS3ZtszuNymjEu Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
fszbb.kgswc.org
officesecure.org
147.124.221.154
2606:4700:3035::ac43:cb1e
2606:4700::6811:2b8
0ae67ad71773ae1285e05ce543c558896e785909c25fc57404c22efa7cbbcd34
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
34d3d4b9c336ffc2c85e8e983380de66e1ec8fe2eebeb596d698cb5857648dfa
3d59b9f608c1f8cc7270663186e9814ce623baf989438c3a6fcc5efcf7130d57
4525de3fb562e07cea244408f2050ed46922fff829f72cc094f905eeaa8dbcc1
50cc0622cfe950d4b227b857ffedced52d42ffe23d832d6f516040c22200b291
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
98f17dfed335aae210073d523d60eeb1ad207d2bfe1d76fbe6f6a9d86035c339
aab4459bb32b075f3bc044c859ef996fa69c84d4c7b0369e84d0a7a40b6503fd
b211ca1c9aca31f68cdd1b16949cfbd8e8def77d41c9ef63875329d979bc0842
eb213ef7b57c39e19a250ed48b5af57b84e483a43b86a8f6b79a2902a5051db6
f6b1965ffe080608c2d8558a931395eb9ff50b86f110196a6634f8e749b2e67f
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa