5qfefed.site - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3035::ac43:a8f3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 5qfefed.site.
TLS certificate: Issued by GTS CA 1P5 on February 10th 2024. Valid for: 3 months.

This is the only time 5qfefed.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 8	2606:4700:303... 2606:4700:3035::ac43:a8f3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2

8 2606:4700:3035::ac43:a8f3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

5qfefed.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	5qfefed.site 2 redirects 5qfefed.site	18 KB
7	1

	Domain	Requested by
8	5qfefed.site	2 redirects 5qfefed.site
7	1

This site contains no links.

Subject Issuer	Validity	Valid
5qfefed.site GTS CA 1P5	`2024-02-10` - `2024-05-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://5qfefed.site/
Frame ID: 4DAACA6B2325CCFA639CF43350D8B39F
Requests: 3 HTTP requests in this frame

Frame: https://5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: AB25E57EEB3E7024B7AF90AD621FB572
Requests: 2 HTTP requests in this frame

Frame: https://5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: D1E51832C63FD67F08E23D224AFBD26F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

https://5qfefed.site/ Page URL
https://5qfefed.site/ Page URL

Page Statistics

7
Requests

57 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

18 kB
Transfer

23 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://5qfefed.site/ Page URL
https://5qfefed.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://5qfefed.site/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 4

https://5qfefed.site/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 503 / Show response
5qfefed.site/ 7 KB
8 KB 222ms
111ms Document
text/html 2606:4700:3035::ac43:a8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5qfefed.site/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f2939165b9ed56084005084d6f2c4584ec403f1ece11bc0c94a7913ce7ab83b

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8542d4e8bb3435ec-FRA
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 06:38:57 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x47%2Btj1OXdiSMWcqJTD7a6TKsgJhq1b9gg%2Fap%2BKUzf8OvO14qMijQNaqPL8L8RV7tijdbo1w%2BkOH7CZnNaJFOFiA0MVmOo5jXt0qEp0d1aNWsQ2FlzVnOD2JYmRyFJ2CKmOCuDRgsPlpg70%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

POST
H2 204 /
5qfefed.site/ 0
700 B 86ms
85ms XHR
text/plain 2606:4700:3035::ac43:a8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5qfefed.site/

Requested by

Host: 5qfefed.site
URL: https://5qfefed.site/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Fx77ZNJKq4NOdVuOfdNc7paDTU0: B0LXUFYXbGEtC15tlDnn5bNlWs
X-Requested-TimeStamp-Expire
VnkDk5mw2OBLc8iN0CcDwyYklI: 31262235
accept-language: de-DE,de;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Referer: https://5qfefed.site/
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 06:38:57 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnRzPzSGeKLpAYGylWfbjcjrT%2FpAP72gxYc3ON0yklQOrnftoFDFu4wz0CkZHZ7wOpPoGcpPriEIoeSUTav%2FwknU95kOuPEgn4gJJ57KszTtfSioybvCWKBR0dLa%2F9%2FWksuOaFLfG7fjkk4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8542d4e9dc1435ec-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H2

200

main.js
5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame AB25
Redirect Chain

https://5qfefed.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

49ms
48ms

Script
application/javascript

2606:4700:3035::ac43:a8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Protocol

H2

Server

2606:4700:3035::ac43:a8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N70ByflAjI6UgNWE53Fg59B%2F0KyvazBorjcwy05lSMvvaiSRkgdd08sUnb7om4L7muDhDaaBm8ZH2HX7W7X1P6goFEDd5%2Fi7AlFjwUf3cBmViuSoRF2Kn%2FIfz50vPlgP9R1xLWcoFsDjei4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8542d4ea3c6335ec-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 12 Feb 2024 06:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiZ%2FKiaYavuU0j%2BneVzcApJqFc25VjWK805EpKwbn%2BP3UIjjFTFcIyvI7YbBYNOarpXQa9u28g%2FYQqTiH278BPL4CBDUyBjozNl%2Be0bz1O8WKj%2FYnoWkyxwm8YckvaX5c58YR4chcZf4o8Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control: max-age=300, public
cf-ray: 8542d4e9ec2735ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 403 Primary Request / Show response
5qfefed.site/ 2 KB
966 B 88ms
87ms Document
text/html 2606:4700:3035::ac43:a8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5qfefed.site/

Requested by

Host: 5qfefed.site
URL: https://5qfefed.site/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:a8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d1d22bc83173b07ceb775d7fa1d5cef20bfcad1a95799aac12441372af4f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://5qfefed.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8542d4ea7ca035ec-FRA
content-encoding: br
content-type: text/html
date: Mon, 12 Feb 2024 06:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FArBH9wxpM3RXRUE3IA7d%2FAQDPiHCMSu6xuvPc19OjkXp%2BHOsEUgvw7nOgflSDFZ1F5Mn%2BoiFs641eW%2FyRrX5i4XSlt7NWg2WKOaLsx4ijI9J6GN7hdo%2F8Wnwj%2BfL0Sbxt2PlrcZIemt%2BUQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block

POST 8542d4e8bb3435ec
5qfefed.site/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AB25 0
0

GET
H2

200

main.js Show response
5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame D1E5
Redirect Chain

https://5qfefed.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

46ms
45ms

Script
application/javascript

2606:4700:3035::ac43:a8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5qfefed.site/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Protocol

H2

Server

2606:4700:3035::ac43:a8f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e7a09cb6145508151587de87092ac799e28877ab1534e457f322dd3d66d31c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 06:38:57 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S43fxmH1n4Snhugsl0Jr2hOM7XUHQ3VVpuduU32VPAQcC1tiZagRu%2FKXiKbxWK7MeJCVDvjVMDAzLZAZ%2FGgb2DRAf2Ya0pQWf8nZPyyIWwTgWx62rdgwd0vhrgETdMt0oZO%2F%2FCqel%2BG%2FWJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8542d4ebde2d35ec-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 12 Feb 2024 06:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IE9Zp9jAwFowQVRr1Um%2BLhDTIcd0Uty%2FcQOqbS%2Ff4936WY94w4lmmUucOy2TIwrcTPdHJ5%2B%2Fe8p68ovZYkixBXR1eF%2BSkEeTEO2hYwaOdLaoTi0uJO3CvVW5uazAB%2FK%2FPwoF1I%2B6LJtYphA%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8542d4eb8df035ec-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 8542d4ea7ca035ec Show response
5qfefed.site/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D1E5 0
600 B 57ms
57ms XHR
text/plain 2606:4700:3035::ac43:a8f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5qfefed.site/cdn-cgi/challenge-platform/h/b/jsd/r/8542d4ea7ca035ec
Requested by: Host: 5qfefed.site
URL: https://5qfefed.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:a8f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 06:38:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wc21UslWRjYCkpNy8oULyR5f24JzMCkEaM0WY1U3MHT0rMJF8vfPXO1icZWK8cOqoWQ5W2lRqyd%2B6z3SmLx6jtsploysFjuQcAG16kGlcSczjl2FPwRVI0foxfKnc8AoINTQth8xtFXhjXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8542d4ecbef435ec-FRA
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 5qfefed.site
URL: https://5qfefed.site/cdn-cgi/challenge-platform/h/b/jsd/r/8542d4e8bb3435ec

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
5qfefed.site/	1970-01-20 18:23:26	Name: YCPgOyXlkshfDmyCpcoh7NMI3mU Value: CGm_KZ-K5r_aLU8SBG7S953GKQg
5qfefed.site/	1970-01-20 18:23:26	Name: U5j-2ZmRMjWCYyW1kHQTbrkw7q4 Value: 1707719897
5qfefed.site/	1970-01-20 18:23:26	Name: 9UvDDqHIgdN7-GV6_Le8TMJodWs Value: 1707806297
5qfefed.site/	1970-01-20 18:23:26	Name: 5Z_TDxop9IgYVGsijCEB4qqvils Value: zNyvGMhUw70bRDk-EW9J2fXCP0k
5qfefed.site/	1970-01-20 18:23:26	Name: _mcnB2EP_7J4LL6fiUs19R5i0yY Value: iBi0lEgrVvn-a_Zp7bwwGT7r_0g
5qfefed.site/	1970-01-20 18:23:26	Name: 3JoeXQYqj38SWNEw3xG3kpXDb6k Value: wK7-6NPWomvVY31N8F_4YhzrIBo
5qfefed.site/	1970-01-20 18:23:26	Name: P3sJh5J7H8qxIUcd__091AK4rhY Value: 1707719937
5qfefed.site/	1970-01-20 18:23:26	Name: nf1AGuYa2NBABiO6oNtyW8xfcRI Value: 1707806337
5qfefed.site/	1970-01-20 18:23:26	Name: OG7dnubhiK0y8HgCKMcSLIGbBvE Value: eqD8XO4mfOKxI-8pnuc4bwZF_K4
5qfefed.site/	1970-01-20 18:23:26	Name: MKSRohG6KXAdJ_S5YBh7O_jPvv8 Value: mzda5enPsCDv1VodENQDyNYGciY
.5qfefed.site/	1970-01-21 03:07:35	Name: cf_clearance Value: 4H7qX4jhoITN796UfUvk9rH4W5xhihGgQitOcO6f4g4-1707719938-1-AZPpHXyO+oPJcfpmf0EbyJFiLTBdyDonmblYfTuecYFRKjS/rBhtVTThsBEgGrFOBPfgg9n/KNNHGx/0JMlCw2M=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://5qfefed.site/#newdomain Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://5qfefed.site/#newdomain Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5qfefed.site
5qfefed.site
2606:4700:3035::ac43:a8f3
1e7a09cb6145508151587de87092ac799e28877ab1534e457f322dd3d66d31c0
58d1d22bc83173b07ceb775d7fa1d5cef20bfcad1a95799aac12441372af4f8b
6f2939165b9ed56084005084d6f2c4584ec403f1ece11bc0c94a7913ce7ab83b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

5qfefed.site Open in urlscan Pro 2606:4700:3035::ac43:a8f3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

57 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

18 kBTransfer

23 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

11 Cookies

2 Console Messages

Security Headers

Indicators

5qfefed.site Open in urlscan Pro
2606:4700:3035::ac43:a8f3 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

18 kB
Transfer

23 kB
Size

11
Cookies

7 HTTP transactions
0 data transactions