bot.etheron.nl Open in urlscan Pro
172.67.188.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bot.etheron.nl/
Effective URL:
https://bot.etheron.nl/
Submission: On April 09 via api (April 9th 2024, 1:45:19 pm UTC) from US — Scanned from NL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main IP is 172.67.188.241, located in United States and belongs to CLOUDFLARENET, US. The main domain is bot.etheron.nl.
TLS certificate: Issued by E1 on March 30th 2024. Valid for: 3 months.

This is the only time bot.etheron.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.67.188.241 172.67.188.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.217.18.4 172.217.18.4	15169 (GOOGLE) (GOOGLE)
1	172.67.71.214 172.67.71.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
13	6

4 172.67.188.241 (United States)

ASN13335 (CLOUDFLARENET, US)

bot.etheron.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.71.214 (United States)

ASN13335 (CLOUDFLARENET, US)

userfiles.uptimerobot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	google.com www.google.com — Cisco Umbrella Rank: 5	2 KB
4	etheron.nl bot.etheron.nl	7 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 381	121 KB
1	gstatic.com www.gstatic.com	201 KB
1	uptimerobot.com userfiles.uptimerobot.com	5 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 746	31 KB
13	6

	Domain	Requested by
4	www.google.com	bot.etheron.nl www.gstatic.com
4	bot.etheron.nl	bot.etheron.nl
2	cdnjs.cloudflare.com	bot.etheron.nl cdnjs.cloudflare.com
1	www.gstatic.com	www.google.com
1	userfiles.uptimerobot.com	bot.etheron.nl
1	ajax.googleapis.com	bot.etheron.nl
13	6

This site contains no links.

Subject Issuer	Validity	Valid
etheron.nl E1	`2024-03-30` - `2024-06-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
uptimerobot.com E1	`2024-03-09` - `2024-06-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://bot.etheron.nl/
Frame ID: BC3F2201AA73B727BF825CC39F26E557
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem3hUnAAAAAEdp_7_5napBhLGpZRDDI5DJYE_Z&co=aHR0cHM6Ly9ib3QuZXRoZXJvbi5ubDo0NDM.&hl=nl&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=p3y01au7d6w6
Frame ID: EBAFE1D9B87610E50C98804845CDB92C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsrKYmAAAAAH1Ikvv-ZG0uqol2BdvS8GAfxeII&co=aHR0cHM6Ly9ib3QuZXRoZXJvbi5ubDo0NDM.&hl=nl&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=5e6huyi6i0t4
Frame ID: 1257E0B186E93EAE0672289F90F90F22
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Etheron Hosting#5223 | Login

Page URL History Show full URLs

http://bot.etheron.nl/ HTTP 307
https://bot.etheron.nl/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

366 kB
Transfer

815 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bot.etheron.nl/ HTTP 307
https://bot.etheron.nl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
bot.etheron.nl/
Redirect Chain

http://bot.etheron.nl/
https://bot.etheron.nl/

2 KB
1 KB

157ms
76ms

Document
text/html

172.67.188.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.etheron.nl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c66356aba24c230dc4e18c8c9e6c12f2da7577fafa24671d92a4d19e110fa773

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 871aefb2dc3d0a70-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 09 Apr 2024 13:45:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUeAMyiORx4jEndmFI7J95bqXY1AqLnIXtwiEIk%2B%2BY4dbyS86yCwky1A1nX%2FBYsqZWjBSHTPmQSlkVD1%2BE%2FTEfAtxUwLbImuSBAMNIW9RF0vtRNikSs7KSof32RHhNjMtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

Redirect headers

Location: https://bot.etheron.nl/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.4/ 88 KB
31 KB 82ms
20ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

Requested by

Host: bot.etheron.nl
URL: https://bot.etheron.nl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bot.etheron.nl/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 22:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31154
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Apr 2025 22:14:52 GMT

GET
H3 200 errors.css
bot.etheron.nl/css/ 2 KB
1 KB 60ms
59ms Stylesheet
text/css 172.67.188.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.etheron.nl/css/errors.css
Requested by: Host: bot.etheron.nl
URL: https://bot.etheron.nl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e79861f35201e9e26fe33e4bcc196ef52fae697e6f5f07f8c81f303c51c7cbab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bot.etheron.nl/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:45:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Jun 2023 18:45:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"850-188c586f480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WvZpQu47yP33KHBemCq1gVc6%2FnNNc1QYOEinszY2Q%2BnIyHfrHWdTBe0X%2Fi67h%2BDHBQJZKeWvR9t7ABollqIdum7EJ4wqoIQ%2BDXmDPr669IDP3yb7UXGREBtSyOZ%2BZxQKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 871aefb36d570a70-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/ 98 KB
17 KB 58ms
28ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Requested by

Host: bot.etheron.nl
URL: https://bot.etheron.nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://bot.etheron.nl
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1451574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17041
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "623a082a-4291"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZXKjLTyjb4rQO%2BptHHFc0fI4AgIR57jW0L6mt7qTsK2NoGRnts2ku6RIWzhFxYPcYYzHEYQk8M1K75GYGoVQWEXYhTxVlm3FsNCCd54WTNHbvjt9aGN7de6uzD3dVtQzvR2xImY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 871aefb3898d970d-AMS
expires: Sun, 30 Mar 2025 13:45:13 GMT

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
926 B 187ms
106ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6Lem3hUnAAAAAEdp_7_5napBhLGpZRDDI5DJYE_Z

Requested by

Host: bot.etheron.nl
URL: https://bot.etheron.nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

GSE /

Resource Hash

0fae628f72a4ae00ef875102361dd9fd9c01c6aa6b370692edf691a2eb2f74bb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bot.etheron.nl/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 Apr 2024 13:45:13 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
882 B 125ms
44ms Script
text/javascript 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfsrKYmAAAAAH1Ikvv-ZG0uqol2BdvS8GAfxeII

Requested by

Host: bot.etheron.nl
URL: https://bot.etheron.nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

GSE /

Resource Hash

c2cfaf91829c0a2b31592777fcdad204e419b1c2dba65e6d1c8684ebbc587aa6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bot.etheron.nl/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:45:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 09 Apr 2024 13:45:13 GMT

GET
H3 200 index.js Show response
bot.etheron.nl/js/ 482 B
735 B 38ms
38ms Script
application/javascript 172.67.188.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.etheron.nl/js/index.js
Requested by: Host: bot.etheron.nl
URL: https://bot.etheron.nl/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 02ba91887e16f3d891344d1d4526dd83fde64434163c736ac326f5b39a4dd01c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bot.etheron.nl/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:45:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Jun 2023 12:18:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"1e2-188c94ae9f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mNJWVO1I2bie9ZTkQ7btFAm%2Fe4sG2Yvn8%2B7DySL%2BwdrsiFLA1VvFOVjPjFutYSkhB67i%2Bx1qgzjOuuATAS3Rq6XHNBYG4F9fCrVmjv1Qq0mVgGHTF3TAe1yyYpMk8kpHaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 871aefb43ed20a70-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 531122-1605292025.png
userfiles.uptimerobot.com/img/ 4 KB
5 KB 145ms
95ms Image
image/png 172.67.71.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userfiles.uptimerobot.com/img/531122-1605292025.png

Requested by

Host: bot.etheron.nl
URL: https://bot.etheron.nl/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.214 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67c5aa55b15feaf29e78e7c1c829e0855882f550c1f110e41dbd16ecf9e6196a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bot.etheron.nl/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:45:13 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=86400
content-length: 4442
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 02 Oct 2023 16:36:31 GMT
server: cloudflare
cross-origin-opener-policy: same-origin
etag: "651af18f-115a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nsBjjYXfZqtVPTR2QsoXgKO5ss9zdbvtFIpvWhockX7RK9bIiKHyTxLjjbW8HyG9jkQushIEm28sVORMnENDsZr%2BkpDbHWRlMbq7%2BhTR0vRRNxAxZFy8CICEqWoRRj9SFyZodnrX7KzxtT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
accept-ranges: bytes
cf-ray: 871aefb3ae10b97b-AMS

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/ 500 KB
201 KB 105ms
33ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6Lem3hUnAAAAAEdp_7_5napBhLGpZRDDI5DJYE_Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b32851c632602843aa7dd7155d58e01e1c4b8171091654935d372d40597eb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bot.etheron.nl/
Origin: https://bot.etheron.nl
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Apr 2024 17:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592214
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 204795
x-xss-protection: 0
last-modified: Fri, 29 Mar 2024 04:30:36 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Apr 2025 17:14:59 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/ 103 KB
104 KB 23ms
23ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Origin: https://bot.etheron.nl
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:45:13 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1518555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 105536
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "623a082a-19c40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wbLa6G%2BGomOcFgM2TfEImCPCihIlaxMlxpDHzfc0kQ408pXYfwREpQ0YBwD69jV5kLcJrZ3p4RxjlEdLH9Tw%2Fx2qRoWZ1FdbrmsyQJjlNVYALg4A4B9S4FSD9JItPirJjYqFsjvE"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 871aefb49b07970d-AMS
expires: Sun, 30 Mar 2025 13:45:13 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame EBAF 0
0 121ms
47ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lem3hUnAAAAAEdp_7_5napBhLGpZRDDI5DJYE_Z&co=aHR0cHM6Ly9ib3QuZXRoZXJvbi5ubDo0NDM.&hl=nl&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=p3y01au7d6w6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v9CfCY3ajgXYioQIFppzZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bot.etheron.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-v9CfCY3ajgXYioQIFppzZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 13:45:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 1257 0
0 107ms
35ms Document
text/html 172.217.18.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfsrKYmAAAAAH1Ikvv-ZG0uqol2BdvS8GAfxeII&co=aHR0cHM6Ly9ib3QuZXRoZXJvbi5ubDo0NDM.&hl=nl&v=rz4DvU-cY2JYCwHSTck0_qm-&size=invisible&cb=5e6huyi6i0t4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rz4DvU-cY2JYCwHSTck0_qm-/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AiGbTf7OocPl1uRrth3g3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bot.etheron.nl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AiGbTf7OocPl1uRrth3g3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 09 Apr 2024 13:45:14 GMT
expires: Tue, 09 Apr 2024 13:45:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 favicon.ico
bot.etheron.nl/html/ 15 KB
4 KB 53ms
53ms Other
image/x-icon 172.67.188.241
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.etheron.nl/html/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5f9b30297c11370708b283b549be1cb095fc488db3181eb8f52433e598d933f4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://bot.etheron.nl/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 13:45:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 14 Jun 2023 07:50:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3c2e-188b8e21bb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2koFynYCdvVj1jI6Wev3qqLJ24Tn1pUBngYVPQ5mHwpwPfGyXoYnjwnmOT7V31yRzEJg4qSQVt9wNT%2F6VmSe%2FobLU7W5iXMuv7D7BriuD%2F92ZiEYKjAuxWQm5B%2BCvdNLLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: public, max-age=14400
cf-ray: 871aefb91ea60a70-AMS
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bot.etheron.nl
cdnjs.cloudflare.com
userfiles.uptimerobot.com
www.google.com
www.gstatic.com
104.17.24.14
172.217.18.4
172.67.188.241
172.67.71.214
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
02ba91887e16f3d891344d1d4526dd83fde64434163c736ac326f5b39a4dd01c
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
0fae628f72a4ae00ef875102361dd9fd9c01c6aa6b370692edf691a2eb2f74bb
404c746c8f7e3f9b7611a8f23d908c1a32a5c972236b9d89bb68b05d9bf4b905
5f9b30297c11370708b283b549be1cb095fc488db3181eb8f52433e598d933f4
67c5aa55b15feaf29e78e7c1c829e0855882f550c1f110e41dbd16ecf9e6196a
6b32851c632602843aa7dd7155d58e01e1c4b8171091654935d372d40597eb02
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
c2cfaf91829c0a2b31592777fcdad204e419b1c2dba65e6d1c8684ebbc587aa6
c66356aba24c230dc4e18c8c9e6c12f2da7577fafa24671d92a4d19e110fa773
e79861f35201e9e26fe33e4bcc196ef52fae697e6f5f07f8c81f303c51c7cbab

bot.etheron.nl Open in urlscan Pro 172.67.188.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

366 kBTransfer

815 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

0 Cookies

Indicators

bot.etheron.nl Open in urlscan Pro
172.67.188.241 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

366 kB
Transfer

815 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions