news.pathom.su Open in urlscan Pro
2606:4700:20::681a:8ba Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://occupynorwich.org/Smart/IGdpbydqZ0AnaWQtLQ==
Effective URL:
https://news.pathom.su/M
Submission: On March 15 via manual (March 15th 2023, 8:44:14 am UTC) from IT — Scanned from IT

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700:20::681a:8ba, located in United States and belongs to CLOUDFLARENET, US. The main domain is news.pathom.su.
TLS certificate: Issued by GTS CA 1P5 on February 24th 2023. Valid for: 3 months.

This is the only time news.pathom.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.70.229.148 66.70.229.148	16276 (OVH) (OVH)
7	2606:4700:20:... 2606:4700:20::681a:8ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2

1 66.70.229.148 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip148.ip-66-70-229.net

occupynorwich.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:8ba (United States)

ASN13335 (CLOUDFLARENET, US)

news.pathom.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5237	117 KB
7	pathom.su news.pathom.su	119 KB
1	occupynorwich.org 1 redirects occupynorwich.org	283 B
14	3

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects news.pathom.su challenges.cloudflare.com
7	news.pathom.su	news.pathom.su
1	occupynorwich.org	1 redirects
14	3

This site contains no links.

Subject Issuer	Validity	Valid
*.pathom.su GTS CA 1P5	`2023-02-24` - `2023-05-25`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://news.pathom.su/M
Frame ID: F365E6863952137DE618613EF66E9BAB
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 76F4234D37143501EFB5162565548375
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

https://occupynorwich.org/Smart/IGdpbydqZ0AnaWQtLQ== HTTP 302
https://news.pathom.su/M Page URL

Page Statistics

14
Requests

93 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

236 kB
Transfer

513 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://occupynorwich.org/Smart/IGdpbydqZ0AnaWQtLQ== HTTP 302
https://news.pathom.su/M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

Primary Request M Show response
news.pathom.su/
Redirect Chain

https://occupynorwich.org/Smart/IGdpbydqZ0AnaWQtLQ==
https://news.pathom.su/M

7 KB
5 KB

92ms
24ms

Document
text/html

2606:4700:20::681a:8ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://news.pathom.su/M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f0d9078c570b426e0be4dd16fdcf79bcaba44df36398bd649cb840d65b7fbe2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a837913fd1cbaeb-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 15 Mar 2023 08:44:10 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2BrAizPqKPPHjRuHWeDPqsuygJZLycB9vA562CNV7TYuVGVPeKTaeUWAHT3vizGa4SPl4RB8NjAY%2FxJUNj5paSFysRVVLDhAQCsDE00p152Gj4y3J5uO0ItJDTYi%2FRbP1CzAZ0r%2FCcwFMSa"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Encoding: br
Content-Length: 54
Content-Type: text/html; charset=UTF-8
Date: Wed, 15 Mar 2023 08:44:09 GMT
Keep-Alive: timeout=3, max=100
Location: https://news.pathom.su/M
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 200 v1 Show response
news.pathom.su/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 150 KB
54 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:8ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news.pathom.su/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a837913fd1cbaeb
Requested by: Host: news.pathom.su
URL: https://news.pathom.su/M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df643e6724f0fe5f41d4883a9f84effaa8135f8a880ba00b8397f1b0c59e0aea

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://news.pathom.su/M?__cf_chl_rt_tk=nVFcuK.uhGG1vB5.FdA6dr3Qy017QVpH9c_q4CYtqVs-1678869850-0-gaNycGzNCbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:44:10 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCpqxD57YxWU9DFJNB%2BYQ39KHkEtXGk56vpvVlloTgTsWfQMtu5T%2FT7wdDCXnSzQt9IPhBjC09L0mJglYzasLFRahAtd36Zse4AZyIZH58guXGF8i5sZU5NoEFj8gD1GbygBYAmMKXzGPyUZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7a837914df21baeb-MXP

GET
H2 200 transparent.gif
news.pathom.su/cdn-cgi/images/trace/managed/js/ 42 B
219 B 18ms
18ms Image
image/gif 2606:4700:20::681a:8ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.pathom.su/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a837913fd1cbaeb

Requested by

Host: news.pathom.su
URL: https://news.pathom.su/M?__cf_chl_rt_tk=nVFcuK.uhGG1vB5.FdA6dr3Qy017QVpH9c_q4CYtqVs-1678869850-0-gaNycGzNCbs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:8ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://news.pathom.su/M?__cf_chl_rt_tk=nVFcuK.uhGG1vB5.FdA6dr3Qy017QVpH9c_q4CYtqVs-1678869850-0-gaNycGzNCbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:44:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:11 GMT
server: cloudflare
etag: "6407c10b-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7a837914df24baeb-MXP
content-length: 42
expires: Wed, 15 Mar 2023 10:44:10 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/78289926/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

47ms
46ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: news.pathom.su
URL: https://news.pathom.su/M
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:44:10 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a837915aec9ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 15 Mar 2023 08:44:10 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age=300, public
cf-ray: 7a8379157e42ba9f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 e0b1194ecd8ce1b Show response
news.pathom.su/cdn-cgi/challenge-platform/h/b/flow/ov1/296879082:1678867659:NSRYRrsYjnYfUfn6hwYE222DL-vsv5AE1YQ-lXggXxk/7a837913fd1cbaeb/ 91 KB
55 KB 73ms
73ms XHR
text/plain 2606:4700:20::681a:8ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news.pathom.su/cdn-cgi/challenge-platform/h/b/flow/ov1/296879082:1678867659:NSRYRrsYjnYfUfn6hwYE222DL-vsv5AE1YQ-lXggXxk/7a837913fd1cbaeb/e0b1194ecd8ce1b
Requested by: Host: news.pathom.su
URL: https://news.pathom.su/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a837913fd1cbaeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1faf2153e9452e20cdd3295f086111a0e3ff61bf194f87aa9577c533d4cc1722

Request headers

Referer: https://news.pathom.su/M
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: e0b1194ecd8ce1b
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 08:44:10 GMT
content-encoding: br
cf_chl_gen: TNTW3JktmrxYb8ZFHticsgqz2riyfh0rkTRh+d5Z+TVEOeRLVls3joZjc1nTh/3fCbV5gkqMwStPZqYnWOj/bQreU0BWQKAANxvjT6228WxEaqCqNOM9LXNdTP4op3IqduNRK8TQgyQWWlwh0N31Q8mLVgRwkSkqGIXkaEPP7wrVw05ECwkBDr/2RT5LOQqcskAkrWtJ7v22bN/Zw7VHbxF0zp29jDeL0fMM7pVRSgwv1Pd8mGKtgX3GhbX73chQuADy1qltd0T4lspmlPoUesh4n98OlYTxROE6JflOjBSrWOH0KVXsDy7Vth8yQHEU7T3blAcnMnZVvEnTGoQ+7wyqbmQHd9SXFfUKccOYN5AWMH0R04bmv8vpngU+FTcyOXttwEBoryB/JH98GjYfLQR9klgObj92SFfAINuXo5U=$Kmwzq2cE/EjnSlBbJeUuYQ==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FxY8ZTl2ou3DhxJ0Amjpq%2B9F9Qf6yB5k4q1v1JqOa%2BI6MTAc6jfPgKKAZqL8d5P3ZkDonSQG6cshNY%2BBru3Ozg8OsaRONJUqGcCKOtm6zIe3pXTmlCbRK5fUb88dn0RB%2BkpeA6CHsgCS8EI"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a837915e996baeb-MXP

GET
H2 401 99BTFmrCjL-Sf-s Show response
news.pathom.su/cdn-cgi/challenge-platform/h/b/pat/7a837913fd1cbaeb/1678869850565/e5fdd0cb9ed7e9f3591380d27d04477697e5ca851ac7c2158526ec486a8eea24/ 1 B
765 B 30ms
29ms Fetch
text/plain 2606:4700:20::681a:8ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news.pathom.su/cdn-cgi/challenge-platform/h/b/pat/7a837913fd1cbaeb/1678869850565/e5fdd0cb9ed7e9f3591380d27d04477697e5ca851ac7c2158526ec486a8eea24/99BTFmrCjL-Sf-s
Requested by: Host: news.pathom.su
URL: https://news.pathom.su/M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://news.pathom.su/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:44:10 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g5f3Qy57X6fNZE4DSfQRHdpflyoUax8IVhSbsSGqO6iQADm5ld3MucGF0aG9tLnN1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a837918afd6baeb-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UOWTmRsC9m%2BjaF%2BLbL2da25xdkQH1%2BnkuD7pFaz5V53uxSMHdpWaoboPtcGDKgTLBFYBu48LSyKGoDR85dhU0mBr4N5%2F%2BuKgeT5orNA%2FsJSm3ybrdTM6bZk42CLcOlFR8DTOKZTgIOF2lVH"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 oNTmLY4ZAH6qf42
news.pathom.su/cdn-cgi/challenge-platform/h/b/img/7a837913fd1cbaeb/1678869850575/ 61 B
366 B 29ms
28ms Image
image/png 2606:4700:20::681a:8ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.pathom.su/cdn-cgi/challenge-platform/h/b/img/7a837913fd1cbaeb/1678869850575/oNTmLY4ZAH6qf42
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76a73774b64e152e561efb0299433eb3f06c4612d107d7306024ab50e04c261a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://news.pathom.su/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:44:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a83791aad70baeb-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48%2FdT%2BLo0hx3tu%2BjXx7ee8piiIg9hAxXTf%2FayLoLlfwGK8dT3qoxwaAeQf%2FS3pSmbHVevNFh4IdljGNmQCYwrn4UDPJc8YyS4dSluWllwf6D%2BtrzbuKFpaKvuEBL%2B7vf2U2eAxAfym7Ogzoo"}],"group":"cf-nel","max_age":604800}
content-type: image/png

POST
H2 200 e0b1194ecd8ce1b Show response
news.pathom.su/cdn-cgi/challenge-platform/h/b/flow/ov1/296879082:1678867659:NSRYRrsYjnYfUfn6hwYE222DL-vsv5AE1YQ-lXggXxk/7a837913fd1cbaeb/ 5 KB
4 KB 78ms
77ms XHR
text/plain 2606:4700:20::681a:8ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://news.pathom.su/cdn-cgi/challenge-platform/h/b/flow/ov1/296879082:1678867659:NSRYRrsYjnYfUfn6hwYE222DL-vsv5AE1YQ-lXggXxk/7a837913fd1cbaeb/e0b1194ecd8ce1b
Requested by: Host: news.pathom.su
URL: https://news.pathom.su/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a837913fd1cbaeb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfce29e72c027c9f09f36dcec16a4d32b874855faad167c3279085c8431b9135

Request headers

Referer: https://news.pathom.su/M
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: e0b1194ecd8ce1b
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 08:44:11 GMT
content-encoding: br
cf_chl_gen: umHy16ts/vUrpbg9sZ188wKy26UBOj97aYUutKdB2Tm0beN2fb3H03M7XZGR/ek3$jaGveTTEeBZWT08T2m67iA==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SqsWR2cmagjKIvJrHTe32KGtbTEN0NpqG3XA%2BSHC0pfxNdj9TC8PeZ%2BQORKFA1uYDsU73LgudIc7YzxgFZ%2FTBkB3fbVdchm%2FSJOzejep6VD9aIE83RCqdfKEauYG6Z414vb3kUBFEmDCPnH"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a83791bafdbbaeb-MXP

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 76F4 21 KB
7 KB 49ms
30ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e08152d3f9c666e747b60f6851e00a7cb350baf3fec18d7a45f2658d897fa6b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7a83791c4bfe59a7-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 08:44:11 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 76F4 149 KB
54 KB 27ms
27ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a83791c4bfe59a7
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 238e9da68f415b7953da7f8831f3ffcc4211a8f032198c9b915f4be738285b40

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:44:11 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7a83791cdd0159a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 04d9c2d44cc162f Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1009530727:1678867815:U630YkfXTi11MJ7QR4NYdJtcuA8U3aGvbMSw_zQPhNM/7a83791c4bfe59a7/ Frame 76F4 64 KB
41 KB 65ms
64ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1009530727:1678867815:U630YkfXTi11MJ7QR4NYdJtcuA8U3aGvbMSw_zQPhNM/7a83791c4bfe59a7/04d9c2d44cc162f
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a83791c4bfe59a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cde29364d6a24672ae6bc154315877224082e8819a40b714ce38ace17b1f7b8

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 04d9c2d44cc162f
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 08:44:11 GMT
content-encoding: br
cf_chl_gen: qn7gULuS8s1c9rqDJzESz2kpengGXKXdqM6q23i3kpB4qLRUj1XIXhBNZz3UvyrtNlmZElB07u0hTpp2xGDnxD/bMaSLiUAsMg1tvpVI1Z0++379yOmRvT68fI3DgtiIbCGeuB/2gDSlhPlNJPWc3Wg24goImA8RcPoYkEcp54lTbFKZuJapqKnhi+vIpYMjjloCjStrIf0+wknB8ssEWXXvOb4hGzUp4UCK5907j52CAEkTUluzxx7gmuChdV4z6R8llqm4IKN2kmaeSEzGtOtxvYmi0/RYFskJ9RKkcUhvZoCfZWhc1QpsPkK/I63LLUSSnKRq5FgeaFhoI6FtHb2pyMS60Svz+VIdQs7UZwtrjV2qE0cJznj/h04h8uzQRF5z142VlUqPe+D3g6PknXpVTfwnPmIdp0/HdHy6REPWhQfuwaPXt1HMiXclxkDP$mbGe5nkMVvA44LEDz+k8Gg==
server: cloudflare
cf-ray: 7a83791dff5a59a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 oAwfLTRW4ghOl7M
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a83791c4bfe59a7/1678869851856/ Frame 76F4 61 B
166 B 24ms
23ms Image
image/png 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a83791c4bfe59a7/1678869851856/oAwfLTRW4ghOl7M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd538e024adce1c0a6b429970ef6943bf5ef226ee340d47de3a407c7e141adf3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:44:12 GMT
server: cloudflare
cf-ray: 7a837923bc1f59a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H3 401 dC9NSM5h1CeAGKd Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a83791c4bfe59a7/1678869851862/f0c488745321b6f2d94b6660d66d9b15a5c69640e2554d91b6dc9220651cd923/ Frame 76F4 1 B
646 B 25ms
25ms Fetch
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a83791c4bfe59a7/1678869851862/f0c488745321b6f2d94b6660d66d9b15a5c69640e2554d91b6dc9220651cd923/dC9NSM5h1CeAGKd
Requested by: Host: news.pathom.su
URL: https://news.pathom.su/M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 08:44:12 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g8MSIdFMhtvLZS2Zg1m2bFaXGlkDiVU2RttySIGUc2SMAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7a837923ec9659a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 04d9c2d44cc162f Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1009530727:1678867815:U630YkfXTi11MJ7QR4NYdJtcuA8U3aGvbMSw_zQPhNM/7a83791c4bfe59a7/ Frame 76F4 11 KB
8 KB 45ms
43ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1009530727:1678867815:U630YkfXTi11MJ7QR4NYdJtcuA8U3aGvbMSw_zQPhNM/7a83791c4bfe59a7/04d9c2d44cc162f
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a83791c4bfe59a7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3661549b234942250597d161f2e9597b2ea8fcd3664075184f7a728111e1f35b

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/2aeoe/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 04d9c2d44cc162f
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 08:44:12 GMT
content-encoding: br
cf_chl_gen: CX+gyd1Ge4zjsB1mkmdOWbBOWj61gdLcNCEcD1Hs57pSs6apT6YQjZAmIbkK1Gd/$MhqcJ/8ncWaovlFo12nKlQ==
server: cloudflare
cf-ray: 7a837924fec659a7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://news.pathom.su/M Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://news.pathom.su/cdn-cgi/challenge-platform/h/b/pat/7a837913fd1cbaeb/1678869850565/e5fdd0cb9ed7e9f3591380d27d04477697e5ca851ac7c2158526ec486a8eea24/99BTFmrCjL-Sf-s Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a83791c4bfe59a7/1678869851862/f0c488745321b6f2d94b6660d66d9b15a5c69640e2554d91b6dc9220651cd923/dC9NSM5h1CeAGKd Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
news.pathom.su
occupynorwich.org
2606:4700:20::681a:8ba
2606:4700::6812:7b9
66.70.229.148
1faf2153e9452e20cdd3295f086111a0e3ff61bf194f87aa9577c533d4cc1722
238e9da68f415b7953da7f8831f3ffcc4211a8f032198c9b915f4be738285b40
2f0d9078c570b426e0be4dd16fdcf79bcaba44df36398bd649cb840d65b7fbe2
3661549b234942250597d161f2e9597b2ea8fcd3664075184f7a728111e1f35b
3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
76a73774b64e152e561efb0299433eb3f06c4612d107d7306024ab50e04c261a
9cde29364d6a24672ae6bc154315877224082e8819a40b714ce38ace17b1f7b8
bfce29e72c027c9f09f36dcec16a4d32b874855faad167c3279085c8431b9135
cd538e024adce1c0a6b429970ef6943bf5ef226ee340d47de3a407c7e141adf3
df643e6724f0fe5f41d4883a9f84effaa8135f8a880ba00b8397f1b0c59e0aea
e08152d3f9c666e747b60f6851e00a7cb350baf3fec18d7a45f2658d897fa6b7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

news.pathom.su Open in urlscan Pro 2606:4700:20::681a:8ba Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

14 Requests

93 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

236 kBTransfer

513 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

news.pathom.su Open in urlscan Pro
2606:4700:20::681a:8ba Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

236 kB
Transfer

513 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions