urlscan.io logo urlscan.io
SecurityTrails logo

www.newsfakt.com Open in urlscan Pro
2606:4700::6810:dc2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7Ufin...
Effective URL: https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
Submission: On May 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 2606:4700::6810:dc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.newsfakt.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 30th 2022. Valid for: a year.
This is the only time www.newsfakt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 151.101.14.132 54113 (FASTLY)
1 1 3.125.239.17 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
10 3
Apex Domain
Subdomains		 Transfer
7 newsfakt.com
www.newsfakt.com
83 KB
1 lhlrtvx.com
lhlrtvx.com
2 KB
1 outbrain.com
paid.outbrain.com — Cisco Umbrella Rank: 12548
1 KB
10 3
Domain Requested by
7 www.newsfakt.com paid.outbrain.com
www.newsfakt.com
1 lhlrtvx.com 1 redirects
1 paid.outbrain.com
10 3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
www.newsfakt.com
Cloudflare Inc ECC CA-3		 2022-03-30 -
2023-03-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
Frame ID: ABAFFE5317FAA4F338FD57F69558561D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwX... Page URL
  2. https://lhlrtvx.com/click?trvid=10184&ob_click_id=v1-42ef10b344fccfa4f1bf8e0265d44f31-008def302d... HTTP 302
    https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7 Page URL

Page Statistics

10
Requests

70 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

85 kB
Transfer

140 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zi1LS2OYI0EuCobYQfpQAWap12-ZKrHRHgg3CB0gRDQ0V4RppyMzna8dKBTuhm5wlijDCTuFHQygc9RD7qRnatPuJ81gWAbgSPfgfC_9kmtONNZeUAk4K8S9JDIiPUq4a2-smzzYMEdId6oK-6u52K3HQb4NYVpgfCaCns_94KU7m0NESLFwVN7z687p5uT3QOq4H3euRy1csrz-oRtQYb7&c=bf49563a&v=3 Page URL
  2. https://lhlrtvx.com/click?trvid=10184&ob_click_id=v1-42ef10b344fccfa4f1bf8e0265d44f31-008def302dd396ec9d224b962bd3322185-myydoobwme3dcljxmrrtmljumrstoljzgvrtcljsgjrtanbrga3wezbsme&time_stamp=20220503105224&ad_id=008bcddc06b46245f929c54b439a78bb4a&ad_title=Experts+advise%3A+Every+household+should+now+have+this+emergency+kit%21&doc_title=Nachhaltig+8%2C25%25+Rendite+erreichen&section_id=0014dace722b21ef3ebec62fc10f878c42&section_name=CNN&dicbo=v1-42ef10b344fccfa4f1bf8e0265d44f31-008def302dd396ec9d224b962bd3322185-myydoobwme3dcljxmrrtmljumrstoljzgvrtcljsgjrtanbrga3wezbsme&obOrigUrl=true HTTP 302
    https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
redir
paid.outbrain.com/network/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zi1LS2OYI0EuCobYQfpQAWap12-ZKrHRHgg3CB0gRDQ0V4RppyMzna8dKBTuhm5wlijDCTuFHQygc9RD7qRnatPuJ81gWAbgSPfgfC_9kmtONNZeUAk4K8S9JDIiPUq4a2-smzzYMEdId6oK-6u52K3HQb4NYVpgfCaCns_94KU7m0NESLFwVN7z687p5uT3QOq4H3euRy1csrz-oRtQYb7&c=bf49563a&v=3
Protocol
HTTP/1.1
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49ac89e6d90a84da9c8726347b63344589f446b7f899cb9606b1c92b0901b628

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
661
Content-Type
text/html;charset=utf-8
Date
Tue, 03 May 2022 14:52:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
Pragma
no-cache
Traffic-Path
NYDC1, LGA, FRA, Europe1
Vary
Accept-Encoding, User-Agent
Via
1.1 varnish, 1.1 varnish
X-Cache
MISS, MISS
X-Cache-Hits
0, 0
X-Served-By
cache-lga21940-LGA, cache-fra19149-FRA
X-Timer
S1651589545.579724,VS0,VE171
X-TraceId
ce12bfa4fb43ebf8466ae3a18585b813
Primary Request optin1649426467054
www.newsfakt.com/
Redirect Chain
  • https://lhlrtvx.com/click?trvid=10184&ob_click_id=v1-42ef10b344fccfa4f1bf8e0265d44f31-008def302dd396ec9d224b962bd3322185-myydoobwme3dcljxmrrtmljumrstoljzgvrtcljsgjrtanbrga3wezbsme&time_stamp=202205...
  • https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
11 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
Requested by
Host: paid.outbrain.com
URL: http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zi1LS2OYI0EuCobYQfpQAWap12-ZKrHRHgg3CB0gRDQ0V4RppyMzna8dKBTuhm5wlijDCTuFHQygc9RD7qRnatPuJ81gWAbgSPfgfC_9kmtONNZeUAk4K8S9JDIiPUq4a2-smzzYMEdId6oK-6u52K3HQb4NYVpgfCaCns_94KU7m0NESLFwVN7z687p5uT3QOq4H3euRy1csrz-oRtQYb7&c=bf49563a&v=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c44e37ad3dd3a560b86066bf3b8e4f3931784e6ec2d506e25de87e48590c390
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://paid.outbrain.com/network/redir?p=TV-jqloioZ5gh9rbmhG_8hGi5SyowVGcgT7q1Mmv265XX_AdtaTi1qblawwXfIyYngF44vH7uQl7UfinpEPP4aYE_r6_XctflwkUrNR-7Zi1LS2OYI0EuCobYQfpQAWap12-ZKrHRHgg3CB0gRDQ0V4RppyMzna8dKBTuhm5wlijDCTuFHQygc9RD7qRnatPuJ81gWAbgSPfgfC_9kmtONNZeUAk4K8S9JDIiPUq4a2-smzzYMEdId6oK-6u52K3HQb4NYVpgfCaCns_94KU7m0NESLFwVN7z687p5uT3QOq4H3euRy1csrz-oRtQYb7&c=bf49563a&v=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7059d1ff9ff101df-ZRH
content-type
text/html; charset=UTF-8
date
Tue, 03 May 2022 14:52:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
110
content-type
text/html; charset=utf-8
date
Tue, 03 May 2022 14:52:24 GMT
expires
Thu, 01 Jan 1970 00:00:00 UTC
location
https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
pragma
no-cache
server
nginx
v1
www.newsfakt.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.newsfakt.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7059d1ff9ff101df
Requested by
Host: www.newsfakt.com
URL: https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21409a02ea6e0bac0cd8d4cb07faf0eb8c542f14d9054a76da9b8323b13ba59e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7&__cf_chl_rt_tk=6.2eHjDSJCSZZn0tFX9RnNU.vncJQW35Nc26pUkkTI4-1651589544-0-gaNycGzNCGU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 14:52:24 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7059d200089101df-ZRH
transparent.gif
www.newsfakt.com/cdn-cgi/images/trace/jschal/js/ 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsfakt.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=7059d1ff9ff101df
Requested by
Host: www.newsfakt.com
URL: https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7&__cf_chl_rt_tk=6.2eHjDSJCSZZn0tFX9RnNU.vncJQW35Nc26pUkkTI4-1651589544-0-gaNycGzNCGU
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7&__cf_chl_rt_tk=6.2eHjDSJCSZZn0tFX9RnNU.vncJQW35Nc26pUkkTI4-1651589544-0-gaNycGzNCGU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 14:52:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 13:06:37 GMT
server
cloudflare
etag
"626be2dd-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7059d200089301df-ZRH
vary
Accept-Encoding
content-length
42
expires
Tue, 03 May 2022 16:52:24 GMT
transparent.gif
www.newsfakt.com/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsfakt.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=7059d1ff9ff101df
Requested by
Host: www.newsfakt.com
URL: https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7&__cf_chl_rt_tk=6.2eHjDSJCSZZn0tFX9RnNU.vncJQW35Nc26pUkkTI4-1651589544-0-gaNycGzNCGU
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7&__cf_chl_rt_tk=6.2eHjDSJCSZZn0tFX9RnNU.vncJQW35Nc26pUkkTI4-1651589544-0-gaNycGzNCGU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 14:52:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 13:06:37 GMT
server
cloudflare
etag
"626be2dd-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7059d200089601df-ZRH
vary
Accept-Encoding
content-length
42
expires
Tue, 03 May 2022 16:52:24 GMT
d34e91a170a6f5a
www.newsfakt.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.16028475011849938:1651587026:28259f5bc6f6f5612f23d395951a17754563b236ed91ea7a4be0d2696f2db1df/7059d1ff9ff101df/ 		82 KB
54 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsfakt.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.16028475011849938:1651587026:28259f5bc6f6f5612f23d395951a17754563b236ed91ea7a4be0d2696f2db1df/7059d1ff9ff101df/d34e91a170a6f5a
Requested by
Host: www.newsfakt.com
URL: https://www.newsfakt.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7059d1ff9ff101df
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0e41e5f6b14599c7189e938983afb7cb7c65842dd2f28014a5ff432c1971da

Request headers

Referer
https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
CF-Challenge
d34e91a170a6f5a
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 03 May 2022 14:52:25 GMT
content-encoding
br
cf_chl_gen
7hUaLIDYmbsOlLUEuis45HW2FAwZL2nqZzY75O+oxZ5CRXkjPIzeUkBcZNbMpXsHrDt+79M2xjAFAG0qY/fqBMi9EqW9JSiDLyKOXoQ2RW2ZzJBm1O67w4yjPvpHMXU/9hDGRFINiaOxgYgg3fWo5KdzS9cVO3K0wvSNmF9pcrX7lrod8Lff+cPGsaGq6qpi1yM5yKF4OujiV2T+65ytdYYoI+gI61m/dJrJLHpBNGr7f0HYLbqHOUG2hakctjIQnMsn6bQjgL+8fLJ/TOiCkUXNq5onYpaVLgrd8nx4Q2wunC8At4G2wjOjAraZCRLigjcaT65zTgBcSYGT38w9nA==$CI1JHShgyOEjaMwrcodGWA==
server
cloudflare
cf-ray
7059d2012a2601df-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain; charset=UTF-8
gQMzRkWp4zo5JDl
www.newsfakt.com/cdn-cgi/challenge-platform/h/g/img/7059d1ff9ff101df/1651589545163/ 		61 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newsfakt.com/cdn-cgi/challenge-platform/h/g/img/7059d1ff9ff101df/1651589545163/gQMzRkWp4zo5JDl
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d70112e8279e9fe3a2781f6cde61bbd705603ed1c2a31cc278770c12f883065d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 14:52:25 GMT
server
cloudflare
cf-ray
7059d202ac5601df-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
49aeacf3-116f-4bec-8f27-55673fd0f849
https://www.newsfakt.com/ 		120 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.newsfakt.com/49aeacf3-116f-4bec-8f27-55673fd0f849
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length
120
Content-Type
application/javascript
d34e91a170a6f5a
www.newsfakt.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.16028475011849938:1651587026:28259f5bc6f6f5612f23d395951a17754563b236ed91ea7a4be0d2696f2db1df/7059d1ff9ff101df/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.newsfakt.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.16028475011849938:1651587026:28259f5bc6f6f5612f23d395951a17754563b236ed91ea7a4be0d2696f2db1df/7059d1ff9ff101df/d34e91a170a6f5a
Requested by
Host: www.newsfakt.com
URL: https://www.newsfakt.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7059d1ff9ff101df
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
969f36aba6a435a4b94b7c90eef0ddf4e82ea288408a8c19be50d9c41b697cbe

Request headers

Referer
https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
CF-Challenge
d34e91a170a6f5a
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 03 May 2022 14:52:27 GMT
content-encoding
br
server
cloudflare
cf_chl_out
iqNXX0WgJYng7ea4k8b84Ht7xwhnEkXsWe6lCk6AEgVjE9m+mti+KcDyjCe8mpG96MGwDyMDu6VUPDj7lit+1Q==$DDMYO/cXItkBRmsd8AayVA==
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=AdPUXjNorh3cO5Ws6fcKhWDhFXUS.xJoRcIENGxE7DQ-1651589547-0-AQbffpNdczowlSXrvxt-AsFXpeokXrak00ZFx2MFaqEBju4F9fVOFs-f-GG-4su-w4TrczGHAG6sgFOq7iHD97Q
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
cf_chl_out_s
Uqw5ugfNJL+Oz0cd8yiV0++dy8h5YVf/oJee1db2DHY2WB5mbpyD7DeEVDS3ZUb3QVgpYSAH1ySVy/oAu68sehwTOcFTMmez4w2rw79VSLovsM2vJvgF/jrXxqJFlssPrvg5PP09rnCS/jCzXmTfNwX9FtnaueK5oxP3El8tPG/Ehtrix7+9ZwjhmXwDCHfO0e7tN2/n92HgkuxK6b3ZePCkwOUcp+1qvDlahoyd13/EqnQ1KqIvPewO/zFcccYQX3h2fSAWFIpCXUCLUDWxxi5Flvhm7AEbCp7wHUL0I9SlNQUv5uEm1CZcpeEXMjroDH24tBa4KJk4kZGs8jw15GY/gcpLqGReNgoQgMd1Pr190DOit3Oq8/xu26Fn36ze$pNKXweGY2M/Cfdt9hO8TCw==
cf-ray
7059d20cecfe01df-ZRH

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| _cf_chl_opt function| _cf_chl_enter function| SHA256 boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest function| _cf_atob object| _cf_chl_ctx object| _ number| jBYCOb string| prop

5 Cookies

Domain/Path Name / Value
lhlrtvx.com/ Name: ClickDataNG
Value: H4sIAAAAAAAA_8yUTY_bNhPHv4qeARZIYMVLUpRsKzCCfdygLZJ1izZtLgUCihxZ3JVIlaTsdV6-e0FJcTa55NjerHnjf8Yzvw9wROe1NVACXZIlgRTCuUcoSQp-qN58_i2tOaILqKCsResxBdlqef-zghLyv1UVNkOgbFhBCkoEhJIWOc3Xm5zzFKToeqEPJkZTQtc8Be13v95AGdyAKTgbRNB28vNNCm5oMX6QFBwq7VCGWwyNVVCyFLwdnBz9RQqtMEqbw5hKN6uL4Q_XQglNCL0vr69Pp9PS4MnX4j4spe2ubR-0oQXfcFbwYkVy_sI_aLV93MtfAyGsCME6fdBm-02btq7RzSIrJ4xs5o_RMT0PcXA-zI0c0QzTNHtxtkP4Er0bnEMjz1PK4PQj6W3TunB8GFWPM38R3FGr7TjISaKt3o2ed1ptj_QZZ1hTUmWc11LWgte0qtdIWJErzuuMPiNkrbDOCFMq2xQoN4oxXm0KVqksY4yu82fd-aysrU4dZkq2dw-dc6Fr74bO-WDbu_eHowuyvfOHOxeEqdxBZCd8X_kO56npDt_5ILp-ywhjJCcZJTljs2KholZC1pVUSpKi4gXjeb1hG5nzimcbsVpXFReX6KBDi9uXDz264BdCHbXHq-xm8fKI7rxo7OCxsa1a-MYOrVoYe1o04oiL0Gi_wA7dIc53ca_DFaNTVWXlXHYvZNOINujDYn3Fdiy_YvniNzRKB1ygc6hlg2bK8ijjqk7yKVdC4oqxilGsM6xQFqyWlNTr1Vpy9nWKER1ud_v9_LyWlf2v_F22-sXpeDPbeJGQgu5vlHLoPZTA6GpZ8CXN6XL12FXM6-rR3RzQBCjh1r7XbSuu8yVJnrzVRtmTT_ZvEkqW5HnyVpuCP08eCv40uen7Ft9i9UqH6zxbLbMiefLqpze3r9Ok1feY_Ijy3j5Ndo2zHV5TEunENzldcpr8Lmrh9JwG8bRqdOighF5otbRDqJzQJp5M5BEetcQLyWxsaZYWz9j_-YWAEX-Vsyc_FpvevlT4vxNGTS1PhlursH1s2IsO56ufnoOddb11EYgReX2cEOOr5HVQIxoGE1w8-h9ejl0cJhnRpcNk__gRIi4cmrCLJz65JyK97j-bvkFTcMJ4ISekeijN0LYpyMEH20H5AfAhoDOiHen9r28gpHAkcc2-4kS0Uijh-4yIkQxKmOGQTHAokxENyQUNyYSGxNhTEtGQRDQkFzQk9zr8L5bKoIQvQEjWKcuvkhkGyQUGMZKP8r7HgBiZx1XY7-HTp38CAAD__0Po75BxBwAA
lhlrtvx.com/ Name: ClickDataNgFall
Value: H4sIAAAAAAAA_8yUTY_bNhPHv4qeARZIYMVLUpRsKzCCfdygLZJ1izZtLgUCihxZ3JVIlaTsdV6-e0FJcTa55NjerHnjf8Yzvw9wROe1NVACXZIlgRTCuUcoSQp-qN58_i2tOaILqKCsResxBdlqef-zghLyv1UVNkOgbFhBCkoEhJIWOc3Xm5zzFKToeqEPJkZTQtc8Be13v95AGdyAKTgbRNB28vNNCm5oMX6QFBwq7VCGWwyNVVCyFLwdnBz9RQqtMEqbw5hKN6uL4Q_XQglNCL0vr69Pp9PS4MnX4j4spe2ubR-0oQXfcFbwYkVy_sI_aLV93MtfAyGsCME6fdBm-02btq7RzSIrJ4xs5o_RMT0PcXA-zI0c0QzTNHtxtkP4Er0bnEMjz1PK4PQj6W3TunB8GFWPM38R3FGr7TjISaKt3o2ed1ptj_QZZ1hTUmWc11LWgte0qtdIWJErzuuMPiNkrbDOCFMq2xQoN4oxXm0KVqksY4yu82fd-aysrU4dZkq2dw-dc6Fr74bO-WDbu_eHowuyvfOHOxeEqdxBZCd8X_kO56npDt_5ILp-ywhjJCcZJTljs2KholZC1pVUSpKi4gXjeb1hG5nzimcbsVpXFReX6KBDi9uXDz264BdCHbXHq-xm8fKI7rxo7OCxsa1a-MYOrVoYe1o04oiL0Gi_wA7dIc53ca_DFaNTVWXlXHYvZNOINujDYn3Fdiy_YvniNzRKB1ygc6hlg2bK8ijjqk7yKVdC4oqxilGsM6xQFqyWlNTr1Vpy9nWKER1ud_v9_LyWlf2v_F22-sXpeDPbeJGQgu5vlHLoPZTA6GpZ8CXN6XL12FXM6-rR3RzQBCjh1r7XbSuu8yVJnrzVRtmTT_ZvEkqW5HnyVpuCP08eCv40uen7Ft9i9UqH6zxbLbMiefLqpze3r9Ok1feY_Ijy3j5Ndo2zHV5TEunENzldcpr8Lmrh9JwG8bRqdOighF5otbRDqJzQJp5M5BEetcQLyWxsaZYWz9j_-YWAEX-Vsyc_FpvevlT4vxNGTS1PhlursH1s2IsO56ufnoOddb11EYgReX2cEOOr5HVQIxoGE1w8-h9ejl0cJhnRpcNk__gRIi4cmrCLJz65JyK97j-bvkFTcMJ4ISekeijN0LYpyMEH20H5AfAhoDOiHen9r28gpHAkcc2-4kS0Uijh-4yIkQxKmOGQTHAokxENyQUNyYSGxNhTEtGQRDQkFzQk9zr8L5bKoIQvQEjWKcuvkhkGyQUGMZKP8r7HgBiZx1XY7-HTp38CAAD__0Po75BxBwAA
.www.newsfakt.com/ Name: __cf_bm
Value: QmWBv9jVynsc6Kej6bfHkdy.yWyOTgSn.tUcdp_L24E-1651589544-0-AXc7Um+THBrFJ1j07PHlvH4x6YWveIS263qG1oMJG+FP8S9AIUSsMQMHGbBXm9YhVkqilpmDAJiBc8NAPWZD8aczLtvGi6kaSsSyg1lRO0SB
www.newsfakt.com/ Name: cf_chl_prog
Value: F12
www.newsfakt.com/ Name: cf_chl_rc_ni
Value: 1

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://www.newsfakt.com/optin1649426467054?sxid=5qdbt9ut12u7&ttorigin=5qdbt9ut12u7
Message:
Failed to load resource: the server responded with a status of 503 ()