secure.anedot.com Open in urlscan Pro
2606:4700::6812:eec5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ncpdgive.org/r.wr?id=kjh425h9
Effective URL:
https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
Submission: On September 20 via manual (September 20th 2023, 8:13:01 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:eec5, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.anedot.com. The Cisco Umbrella rank of the primary domain is 853527.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2023. Valid for: a year.

This is the only time secure.anedot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	74.118.130.252 74.118.130.252	4886 (LIFECORPO...) (LIFECORPORATION)
8	2606:4700::68... 2606:4700::6812:eec5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3

1 74.118.130.252 (United States) 1 redirects

ASN4886 (LIFECORPORATION, US)
PTR: host252.lifecorp.com

ncpdgive.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:eec5 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.anedot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	anedot.com secure.anedot.com — Cisco Umbrella Rank: 853527	227 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 5309	21 KB
1	ncpdgive.org 1 redirects ncpdgive.org	348 B
14	3

	Domain	Requested by
8	secure.anedot.com	secure.anedot.com
4	challenges.cloudflare.com	secure.anedot.com challenges.cloudflare.com
1	ncpdgive.org	1 redirects
14	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-14` - `2024-07-13`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
Frame ID: 6F60A666C3CFFC4422410D05C4AA437B
Requests: 16 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lnzb/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 000D84EFCD71001F3AC16E769BF83B19
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/zvty0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 523B1603312CE6701775871F126ADE3D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

One more step

Page URL History Show full URLs

https://ncpdgive.org/r.wr?id=kjh425h9 HTTP 302
https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033 Page URL
https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

86 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

299 kB
Transfer

603 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ncpdgive.org/r.wr?id=kjh425h9 HTTP 302
https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033 Page URL
https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ncpdgive.org/r.wr?id=kjh425h9 HTTP 302
https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033

14 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

db-t2d-cr-83c Show response
secure.anedot.com/ncpd/
Redirect Chain

https://ncpdgive.org/r.wr?id=kjh425h9
https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033

65 KB
46 KB

77ms
30ms

Document
text/html

2606:4700::6812:eec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7216f69e4c45cdc9d8d294492e01c23f6ba430b402c32cddc8d0d11f9b209140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 809cb9e8de0b1ca3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 20 Sep 2023 20:12:57 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
Content-Type: text/html
Date: Wed, 20 Sep 2023 20:12:56 GMT
Location: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
Machine-Name: web5
Server: Microsoft-IIS/10.0
X-Content-Type-Options1: nosniff

GET
H2 200 v1 Show response
secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 167 KB
57 KB 27ms
27ms Script
application/javascript 2606:4700::6812:eec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9e8de0b1ca3

Requested by

Host: secure.anedot.com
URL: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb73897dd122a12c82fc1c2c744e31f99e32e239843edec04f5a947e10f565fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033&__cf_chl_rt_tk=YtWeabJWkDV0YaCbsah8jQUoQm19oA1f53CUpiRbcbE-1695240777-0-gaNycGzNDDs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 809cb9e94ecb1ca3-FRA

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e090dd6b1fa0da6eb78c308a1c66d0aa719c5e54634e2c8c24726b4d4c97805

Request headers

Referer
Origin: https://secure.anedot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b327d19323b43c372071277b5eb99323c033a50b9c1ebfd72c198da05c66ff

Request headers

Referer
Origin: https://secure.anedot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/8370c0b3/ 30 KB
11 KB 69ms
49ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/8370c0b3/api.js?onload=wcgW6&render=explicit
Requested by: Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9e8de0b1ca3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3909f8548c1125847c1d9434b37c8d9e5699a13d28bd2b36a94c87c3239e8851

Request headers

Referer
Origin: https://secure.anedot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:12:57 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 809cb9e9a88f902e-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 9705772f-ab54-469a-902a-b984931236af
https://secure.anedot.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.anedot.com/9705772f-ab54-469a-902a-b984931236af
Requested by: Host: secure.anedot.com
URL: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H2 200 5cdbb43310334cc Show response
secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1571471038:1695236914:zrKxD901yv2FPET-0yo3cfnQM4h2spwgUGDHNVwSlqc/809cb9e8de0b1ca3/ 11 KB
8 KB 33ms
32ms XHR
text/plain 2606:4700::6812:eec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1571471038:1695236914:zrKxD901yv2FPET-0yo3cfnQM4h2spwgUGDHNVwSlqc/809cb9e8de0b1ca3/5cdbb43310334cc

Requested by

Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9e8de0b1ca3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c20fe919ac25b1ed70ac1624d23b6a52ecde05e80f28e8d079b176a1177413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
CF-Challenge: 5cdbb43310334cc
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Sep 2023 20:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 809cb9ea48711ca3-FRA
cf-chl-gen: /IzX8O07pTeyMmicW96CrLJOG/BLqHf4Drj+0CAs6zL5VBulVApWJEHD27SeZ1U8$6qvjGcNqQiBPQf9UganmWA==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lnzb/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 000D 0
0 40ms
25ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0lnzb/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/8370c0b3/api.js?onload=wcgW6&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 809cb9eac9318ffb-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 20:12:57 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H2 200 5cdbb43310334cc Show response
secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1571471038:1695236914:zrKxD901yv2FPET-0yo3cfnQM4h2spwgUGDHNVwSlqc/809cb9e8de0b1ca3/ 2 KB
2 KB 33ms
33ms XHR
text/html 2606:4700::6812:eec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1571471038:1695236914:zrKxD901yv2FPET-0yo3cfnQM4h2spwgUGDHNVwSlqc/809cb9e8de0b1ca3/5cdbb43310334cc

Requested by

Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9e8de0b1ca3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ff598f6c6e1efdb9372f53583821f719415b7434e964ddc9f34b908cb2f761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
CF-Challenge: 5cdbb43310334cc
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: JLSq/mC9ekZLZVScCJJcTDccZzf+FVAv+6VkMTSfpPBSd36V5RXrx42UZ32aHpB3kySm2y9w5qSPhu6OSCn3Zj5Kp+5Phnja4L5jXRrOYyE=$m1ANbNkVUGmdIJNjy+Mywg==
cf-chl-out-s: h6ICndA+ENji6N1cSexOadr5S8ca8h3uGgigjDEBEVbLcTz/EOYJ0qG2MXbyhQ2ZGR6kPDzkRQAiji3rriYWZRYAK7fFHqUbXyVU6+ceE3PQBDpYGwf079rX//pKSNZxavik6jIqr0xlFE5tVp1Z7EdVXLfZ5SSn5TzSzgF4jqEmBS4nWR/KICxNKhJ8sJp83xoAz4vN+uEUrY338vVj5EE/Ncxfyev4OzwS5KyswycWr6K0srzpsR3BsE4Ph9UZ$QT1qZ1oLi0lYlygkDl7d3g==
date: Wed, 20 Sep 2023 20:12:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/html; charset=UTF-8
cf-ray: 809cb9ec9c1e1ca3-FRA

GET
H2 403 Primary Request db-t2d-cr-83c Show response
secure.anedot.com/ncpd/ 65 KB
45 KB 23ms
22ms Document
text/html 2606:4700::6812:eec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033

Requested by

Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9e8de0b1ca3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20d3823e93288f2fac56d0846845d6d67e10c701ff5425ccb8ab183e821d4c78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 809cb9fc5e451ca3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 20 Sep 2023 20:13:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 170 KB
59 KB 26ms
26ms Script
application/javascript 2606:4700::6812:eec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9fc5e451ca3

Requested by

Host: secure.anedot.com
URL: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b18c9d0550bae229a20243725b5ecccc36cfbe56005951f8b890720bf16c7f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033&__cf_chl_rt_tk=6xWABbMRk.pabs058IfqW6vacOlk6axb2vThY_Af_fs-1695240780-0-gaNycGzNC9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 809cb9fc9eaa1ca3-FRA

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e090dd6b1fa0da6eb78c308a1c66d0aa719c5e54634e2c8c24726b4d4c97805

Request headers

Referer
Origin: https://secure.anedot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 13 KB
13 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18b327d19323b43c372071277b5eb99323c033a50b9c1ebfd72c198da05c66ff

Request headers

Referer
Origin: https://secure.anedot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/8370c0b3/ 30 KB
11 KB 65ms
64ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/8370c0b3/api.js?onload=wcgW6&render=explicit
Requested by: Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9fc5e451ca3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3909f8548c1125847c1d9434b37c8d9e5699a13d28bd2b36a94c87c3239e8851

Request headers

Referer
Origin: https://secure.anedot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 20:13:00 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 809cb9fcfa0c902e-FRA
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 404ff442-0e23-4d48-a689-f92be61885d1
https://secure.anedot.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://secure.anedot.com/404ff442-0e23-4d48-a689-f92be61885d1
Requested by: Host: secure.anedot.com
URL: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H2 200 d8497aac216c51a Show response
secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/890759597:1695236942:as5w8wzcChhn14APiRsZ9FvKYj4OBeoFYXzFcEHiR8I/809cb9fc5e451ca3/ 11 KB
8 KB 32ms
31ms XHR
text/plain 2606:4700::6812:eec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/890759597:1695236942:as5w8wzcChhn14APiRsZ9FvKYj4OBeoFYXzFcEHiR8I/809cb9fc5e451ca3/d8497aac216c51a

Requested by

Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9fc5e451ca3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e692946463e2101dbf6d6e80a0b7b60e533778e6149640edb644bb97dda20ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
CF-Challenge: d8497aac216c51a
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 20 Sep 2023 20:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 809cb9fd88211ca3-FRA
cf-chl-gen: cR1EoUj967EdQ/6q6JgBrKb7VGqniGul6HGmyGCuGTT6s1ltt4UBcINZcq1m76ES$1qEgkxBxn9Piea8A2le49w==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/zvty0/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 523B 0
0 19ms
19ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/zvty0/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/8370c0b3/api.js?onload=wcgW6&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 809cb9fddd518ffb-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 20 Sep 2023 20:13:00 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H2 200 d8497aac216c51a Show response
secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/890759597:1695236942:as5w8wzcChhn14APiRsZ9FvKYj4OBeoFYXzFcEHiR8I/809cb9fc5e451ca3/ 2 KB
2 KB 32ms
32ms XHR
text/html 2606:4700::6812:eec5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/flow/ov1/890759597:1695236942:as5w8wzcChhn14APiRsZ9FvKYj4OBeoFYXzFcEHiR8I/809cb9fc5e451ca3/d8497aac216c51a

Requested by

Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=809cb9fc5e451ca3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eec5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66bc453fba9cfa532412204105ec3e780ed1cd8d37a5cbf5b2b279cd51b801ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
CF-Challenge: d8497aac216c51a
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: 0p4veM6ro9nYNEFx2szKtTt1p9bx09kJCMF7WRwkSMpMG5JdgvcLXgdjrDwmt0nKoFun7MIhmxU+anceRYk3Onv16d/9oBOaO9ZJKzVhuQw=$eWHLpmT+uuIuGjgXGrmCmw==
cf-chl-out-s: gRuvWdAybmo74rl7ZRcpzjrfXpcNTmjYVruOewSqHzh5suLzQCUWzpCmOqZ16zgw9efFK2i26WPD26r2nXkv6c9yFGIcezJ6wkK/1OkNs7Fp5MlTR2xuGVSk4NfiTTC580ga+Kj9Op7huOHo3+a/X4Zn4rvMV/pdMf5YwotqhJwCfCYp8TQEbguDOOwOXX4q1TzFLGq1zBgQId21/JVyYEOClNnR0UbsGsaFT7FUYSKm3Jv64Sn2QdTUyK+S+5ER$Knt+JO0jyKFvIfgDunkAbA==
date: Wed, 20 Sep 2023 20:13:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/html; charset=UTF-8
cf-ray: 809cb9ffebe01ca3-FRA

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.anedot.com/	1970-01-20 14:54:02	Name: __cf_bm Value: IQke4ZrJOG7x19O_wZDF_yr.GLzfRG1PrqHA7PxzUL4-1695240777-0-AVUHB25ftxbrPflwMOhx/qNaheprsEN6ioV0GeowYVkpS9jpxAdr2VbdWM6WIIOhATTF7K2bENzKQ6o1qZtIhNw=
secure.anedot.com/	1970-01-20 14:54:04	Name: cf_chl_rc_m Value: 1
secure.anedot.com/	1970-01-20 14:54:04	Name: cf_chl_2 Value: d8497aac216c51a

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033 Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://secure.anedot.com/ncpd/db-t2d-cr-83c?source_code=db-ncpd-cr83-033 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
ncpdgive.org
secure.anedot.com
2606:4700::6811:3b8
2606:4700::6812:eec5
74.118.130.252
18b327d19323b43c372071277b5eb99323c033a50b9c1ebfd72c198da05c66ff
1e090dd6b1fa0da6eb78c308a1c66d0aa719c5e54634e2c8c24726b4d4c97805
20d3823e93288f2fac56d0846845d6d67e10c701ff5425ccb8ab183e821d4c78
3909f8548c1125847c1d9434b37c8d9e5699a13d28bd2b36a94c87c3239e8851
66bc453fba9cfa532412204105ec3e780ed1cd8d37a5cbf5b2b279cd51b801ae
7216f69e4c45cdc9d8d294492e01c23f6ba430b402c32cddc8d0d11f9b209140
80c20fe919ac25b1ed70ac1624d23b6a52ecde05e80f28e8d079b176a1177413
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
b18c9d0550bae229a20243725b5ecccc36cfbe56005951f8b890720bf16c7f7c
c4ff598f6c6e1efdb9372f53583821f719415b7434e964ddc9f34b908cb2f761
e692946463e2101dbf6d6e80a0b7b60e533778e6149640edb644bb97dda20ad7
fb73897dd122a12c82fc1c2c744e31f99e32e239843edec04f5a947e10f565fd

secure.anedot.com Open in urlscan Pro 2606:4700::6812:eec5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

86 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

299 kBTransfer

603 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

3 Cookies

6 Console Messages

Security Headers

Indicators

secure.anedot.com Open in urlscan Pro
2606:4700::6812:eec5 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

86 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

299 kB
Transfer

603 kB
Size

3
Cookies

14 HTTP transactions
4 data transactions