secure.anedot.com
2606:4700::6812:eec5
Public Scan
Effective URL: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
Submission: On September 20 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2023. Valid for: a year.
This is the only time secure.anedot.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 (1 redirect) | 74.118.130.252 | 4886 (LIFECORPORATION) |
8 | 2606:4700::6812:eec5 | 13335 (CLOUDFLARENET) |
4 | 2606:4700::6811:3b8 | 13335 (CLOUDFLARENET) |
14 | 3 | |
ASN4886 (LIFECORPORATION, US)
PTR: host252.lifecorp.com
ncpdgive.org
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | anedot.com | secure.anedot.com (Cisco Umbrella Rank: 853527) | 227 KB |
4 | cloudflare.com | challenges.cloudflare.com (Cisco Umbrella Rank: 5309) | 21 KB |
1 (1 redirects) | ncpdgive.org | ncpdgive.org | 348 B |
14 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
8 | secure.anedot.com | secure.anedot.com |
4 | challenges.cloudflare.com | secure.anedot.com, challenges.cloudflare.com |
1 | ncpdgive.org | 1 redirects |
14 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-14 - 2024-07-13 | a year |
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2023-08-18 - 2024-08-17 | a year |
This page contains 3 frames:
Primary Page:
https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
Frame ID: 6F60A666C3CFFC4422410D05C4AA437B
Requests: 16 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lnzb/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 000D84EFCD71001F3AC16E769BF83B19
Requests: 1 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/zvty0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 523B1603312CE6701775871F126ADE3D
Requests: 1 HTTP requests in this frame
Page Title: One more step
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ncpdgive.org/r.wr?id=kjh425h9 HTTP 302
  https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033 Page URL
- https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://ncpdgive.org/r.wr?id=kjh425h9 HTTP 302
- https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | db-t2d-cr-83c | secure.anedot.com/ncpd/ | 65 KB | 46 KB | Document | text/html | Redirect Chain |
GET | H2 | v1 | secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ | 167 KB | 57 KB | Script | application/javascript | |
GET | DATA | truncated | / | 13 KB | 13 KB | Font | font/woff2 | |
GET | DATA | truncated | / | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | api.js | challenges.cloudflare.com/turnstile/v0/b/8370c0b3/ | 30 KB | 11 KB | Script | application/javascript | |
GET | BLOB | 9705772f-ab54-469a-902a-b984931236af | https://secure.anedot.com/ | 13 B | 0 | Other | text/javascript | |
POST | H2 | 5cdbb43310334cc | secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1571471038:1695236914:zrKxD901yv2FPET-0yo3cfnQM4h2spwgUGDHNVwSlqc/809cb9e8de0b1ca3/ | 11 KB | 8 KB | XHR | text/plain | |
GET | H3 | normal | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lnzb/0x4AAAAAAADnPIDROrmt1Wwj/light/ | 0 | 0 | Document | text/html | Frame 000D |
POST | H2 | 5cdbb43310334cc | secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1571471038:1695236914:zrKxD901yv2FPET-0yo3cfnQM4h2spwgUGDHNVwSlqc/809cb9e8de0b1ca3/ | 2 KB | 2 KB | XHR | text/html | |
GET | H2 | db-t2d-cr-83c | secure.anedot.com/ncpd/ | 65 KB | 45 KB | Document | text/html | Primary Request |
GET | H2 | v1 | secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ | 170 KB | 59 KB | Script | application/javascript | |
GET | DATA | truncated | / | 13 KB | 13 KB | Font | font/woff2 | |
GET | DATA | truncated | / | 13 KB | 13 KB | Font | font/woff2 | |
GET | H2 | api.js | challenges.cloudflare.com/turnstile/v0/b/8370c0b3/ | 30 KB | 11 KB | Script | application/javascript | |
GET | BLOB | 404ff442-0e23-4d48-a689-f92be61885d1 | https://secure.anedot.com/ | 13 B | 0 | Other | text/javascript | |
POST | H2 | d8497aac216c51a | secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/890759597:1695236942:as5w8wzcChhn14APiRsZ9FvKYj4OBeoFYXzFcEHiR8I/809cb9fc5e451ca3/ | 11 KB | 8 KB | XHR | text/plain | |
GET | H3 | normal | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/zvty0/0x4AAAAAAADnPIDROrmt1Wwj/light/ | 0 | 0 | Document | text/html | Frame 523B |
POST | H2 | d8497aac216c51a | secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/890759597:1695236942:as5w8wzcChhn14APiRsZ9FvKYj4OBeoFYXzFcEHiR8I/809cb9fc5e451ca3/ | 2 KB | 2 KB | XHR | text/html | |
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| _cf_chl_opt
- function| wcgW6
- boolean| IBKMB8
- function| MbNea9
- function| jGHVAEwMrC
- function| zYrU9
- function| agjqiI2
- function| GZBoye4
- object| jDLfdO3
- function| KDrMq4
- object| tWRYCr5
- object| turnstile
- boolean| qdNEnc1
- string| YLTzht63
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.anedot.com/ | | __cf_bm | IQke4ZrJOG7x19O_wZDF_yr.GLzfRG1PrqHA7PxzUL4-1695240777-0-AVUHB25ftxbrPflwMOhx/qNaheprsEN6ioV0GeowYVkpS9jpxAdr2VbdWM6WIIOhATTF7K2bENzKQ6o1qZtIhNw= |
secure.anedot.com/ | | cf_chl_rc_m | 1 |
secure.anedot.com/ | | cf_chl_2 | d8497aac216c51a |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.