urlscan.io logo urlscan.io
SecurityTrails logo

pre.adanih.com Open in urlscan Pro
2606:4700:3031::6815:5193  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://pre.adanih.com/cl
Submission: On August 07 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3031::6815:5193, located in United States and belongs to CLOUDFLARENET, US. The main domain is pre.adanih.com.
TLS certificate: Issued by GTS CA 1P5 on July 11th 2023. Valid for: 3 months.
This is the only time pre.adanih.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
6 104.16.169.131 13335 (CLOUDFLAR...)
1 1 108.139.47.120 16509 (AMAZON-02)
1 13.225.223.52 16509 (AMAZON-02)
10 5
1    2606:4700:3031::6815:5193 (United States)

ASN13335 (CLOUDFLARENET, US)
pre.adanih.com
3    2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
6    104.16.169.131 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hcaptcha.com
newassets.hcaptcha.com
api2.hcaptcha.com
1    108.139.47.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-120.jfk50.r.cloudfront.net
findicons.com
1    13.225.223.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-52.jfk51.r.cloudfront.net
images.freeimages.com
Apex Domain
Subdomains		 Transfer
6 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 13262
newassets.hcaptcha.com — Cisco Umbrella Rank: 12132
api2.hcaptcha.com — Cisco Umbrella Rank: 23476
269 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6398
10 KB
1 freeimages.com
images.freeimages.com — Cisco Umbrella Rank: 205958
634 B
1 findicons.com
findicons.com — Cisco Umbrella Rank: 382758
307 B
1 adanih.com
pre.adanih.com
6 KB
10 5
Domain Requested by
4 newassets.hcaptcha.com js.hcaptcha.com
newassets.hcaptcha.com
3 challenges.cloudflare.com 1 redirects pre.adanih.com
challenges.cloudflare.com
1 api2.hcaptcha.com newassets.hcaptcha.com
1 images.freeimages.com pre.adanih.com
1 findicons.com 1 redirects
1 js.hcaptcha.com pre.adanih.com
1 pre.adanih.com
10 7

This site contains no links.

Subject Issuer Validity Valid
adanih.com
GTS CA 1P5		 2023-07-11 -
2023-10-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-15 -
2024-04-14		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 4 frames:

Primary Page: https://pre.adanih.com/cl
Frame ID: 7EE6F00B43CB59FA6864668496885E39
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e7de24e/static/hcaptcha.html
Frame ID: A1E83EC8B7617AC6E3DB562CA3C39249
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/e7de24e/static/hcaptcha.html
Frame ID: D02AFB8525AA66A06AA47B3FA9326B7B
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9vls5/0x4AAAAAAAH51LUjEKUHjvhz/auto/normal
Frame ID: 38EBEAC4CDB1987BC7720D04BB82DF43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page Statistics

10
Requests

80 %
HTTPS

40 %
IPv6

5
Domains

7
Subdomains

5
IPs

2
Countries

285 kB
Transfer

994 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=onloadTurnstileCallback
Request Chain 2
  • https://findicons.com/files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png HTTP 301
  • https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cl
pre.adanih.com/ 		22 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.adanih.com/cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:5193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b542343fcaafeb357e440d6164797b4a313f1003c0bdc2b0db3f12c4b1e41284

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f30861c4c2110a5-ORD
content-encoding
gzip
content-type
text/html
date
Mon, 07 Aug 2023 15:23:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdnixuYb0aYMOrThpsHoBSe7ArbAb0hO1Lf6RLrNi3PKyceNPuTvy%2FW9ZQuFLeb9iNynL1FdxW1sSxh3hNE2SqHScPFNSpZpBbs9jTqNo9hRzDxgl%2BwDaLjgGu40jV7PILG8eLyGciVvrT9Zxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/g/74ac0d47/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=onloadTurnstileCallback
27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/74ac0d47/api.js?onload=onloadTurnstileCallback
Requested by
Host: pre.adanih.com
URL: https://pre.adanih.com/cl
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0f33190c14b543e76e11ab58c238e5d56508c3d0933c1cd7c64e478fedee376

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pre.adanih.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 15:23:59 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7f308622eb8601ca-ORD
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 07 Aug 2023 15:23:59 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/74ac0d47/api.js?onload=onloadTurnstileCallback
cache-control
max-age=300, public
cf-ray
7f308621395201ca-ORD
alt-svc
h3=":443"; ma=86400
api.js
js.hcaptcha.com/1/ 		313 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: pre.adanih.com
URL: https://pre.adanih.com/cl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd1488cb95c47acc06568f4b0025ebe90af1f3f72ca71ce55dbf593d9ed35ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pre.adanih.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 15:23:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1aa1b9cfd4a5b6f8748d1b91a3a687ce.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
dpFtj21lqddCTxD3RQerzp.gchQi5Xgb
age
0
x-amz-cf-pop
ORD52-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 07 Aug 2023 12:40:17 GMT
server
cloudflare
etag
W/"8eea60bd1081f1db59c6c48060f83799"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
7f30862148062bf4-ORD
x-amz-cf-id
GP7piuIOLeDWckNTGDPihC9ZLoki4pSKPyCL1qPa2o2U4nRm1BvC6w==
microsoft_new_logo_alt.png
images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/
Redirect Chain
  • https://findicons.com/files/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png
  • https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
254 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
Requested by
Host: pre.adanih.com
URL: https://pre.adanih.com/cl
Protocol
H2
Server
13.225.223.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-52.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2267d1822dbefc10c25e17d1fa4a6d9331e5a126e2483c5aff542d6107ebca36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pre.adanih.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 07 Jul 2023 19:37:02 GMT
via
1.1 9e89086b4bc4697bea1e1dec6ddc5c5c.cloudfront.net (CloudFront)
last-modified
Tue, 20 Dec 2022 05:17:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK51-C1
age
2663219
etag
"57ab754695eb0a2c74201ecd6948c12f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
254
x-amz-cf-id
OI4l_fz1Z33XD3jnBDKH0FRpp6RTftmbF3y3H_ZHFvyCt-NmztUaUQ==

Redirect headers

date
Mon, 16 Jan 2023 23:54:10 GMT
via
1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P1
age
17508589
x-cache
Hit from cloudfront
location
https://images.freeimages.com/fic/images/icons/2796/metro_uinvert_dock/64/microsoft_new_logo_alt.png?ref=findicons
content-length
0
x-amz-cf-id
Hk6oSKUftvJaPvHjOyib1jU9P1d8lwyfdbPWQUUHu_vVmpnzr2L0wQ==
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/e7de24e/static/ Frame A1E8 		2 KB
934 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/e7de24e/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00dab5d32c9cc96359c7fe7a1462ffe183843ddd350a30cd7c67ad70d33f323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pre.adanih.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
359
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7f3086238a832bf4-ORD
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 15:23:59 GMT
last-modified
Mon, 07 Aug 2023 12:40:17 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 28601bc57104f7fc6c8886bc07b5e7bc.cloudfront.net (CloudFront)
x-amz-cf-id
gD-Hg4GzwLtOxVJmvHbXU2V2JXtEwv2rIiYSmY_creVrWu6LjghvlQ==
x-amz-cf-pop
ORD52-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
BQrU2zjxiNivxbKVSdky.zo.pJLrihw8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/e7de24e/static/ Frame D02A 		2 KB
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/e7de24e/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00dab5d32c9cc96359c7fe7a1462ffe183843ddd350a30cd7c67ad70d33f323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pre.adanih.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
age
359
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
7f3086238a812bf4-ORD
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 15:23:59 GMT
last-modified
Mon, 07 Aug 2023 12:40:17 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 28601bc57104f7fc6c8886bc07b5e7bc.cloudfront.net (CloudFront)
x-amz-cf-id
gD-Hg4GzwLtOxVJmvHbXU2V2JXtEwv2rIiYSmY_creVrWu6LjghvlQ==
x-amz-cf-pop
ORD52-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
BQrU2zjxiNivxbKVSdky.zo.pJLrihw8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9vls5/0x4AAAAAAAH51LUjEKUHjvhz/auto/ Frame 38EB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/9vls5/0x4AAAAAAAH51LUjEKUHjvhz/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://pre.adanih.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7f308623a8d11177-ORD
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 15:23:59 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/e7de24e/ Frame A1E8 		313 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/e7de24e/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e7de24e/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd1488cb95c47acc06568f4b0025ebe90af1f3f72ca71ce55dbf593d9ed35ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/e7de24e/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 15:24:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1aa1b9cfd4a5b6f8748d1b91a3a687ce.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
dpFtj21lqddCTxD3RQerzp.gchQi5Xgb
age
247
x-amz-cf-pop
ORD52-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 07 Aug 2023 12:40:17 GMT
server
cloudflare
etag
W/"8eea60bd1081f1db59c6c48060f83799"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
7f308623eaf02bf4-ORD
x-amz-cf-id
GP7piuIOLeDWckNTGDPihC9ZLoki4pSKPyCL1qPa2o2U4nRm1BvC6w==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/e7de24e/ Frame D02A 		313 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/e7de24e/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e7de24e/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd1488cb95c47acc06568f4b0025ebe90af1f3f72ca71ce55dbf593d9ed35ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/e7de24e/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 15:23:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 1aa1b9cfd4a5b6f8748d1b91a3a687ce.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
dpFtj21lqddCTxD3RQerzp.gchQi5Xgb
age
247
x-amz-cf-pop
ORD52-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 07 Aug 2023 12:40:17 GMT
server
cloudflare
etag
W/"8eea60bd1081f1db59c6c48060f83799"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
7f308623eaf22bf4-ORD
x-amz-cf-id
GP7piuIOLeDWckNTGDPihC9ZLoki4pSKPyCL1qPa2o2U4nRm1BvC6w==
truncated
/ Frame D02A 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
api2.hcaptcha.com/ Frame D02A 		682 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.hcaptcha.com/checksiteconfig?v=e7de24e&host=pre.adanih.com&sitekey=234adb2f-52ba-4697-82fa-abecbb14b173&sc=1&swa=1&spst=0
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/e7de24e/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbcb5b575be48954b223ba0a63a9846199ebb27232e5981ec9d8101e31010e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 15:24:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
7f3086252c2e2bf4-ORD
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| verifyCallback_CF function| verifyCallback_hCaptcha function| validateElement function| refreshCallBack function| switchToSecondCaptcha function| onloadTurnstileCallback function| incrementLoader object| Raven object| hcaptcha object| grecaptcha object| turnstile number| ticker

2 Cookies

Domain/Path Name / Value
.adanih.com/ Name: JerQ
Value: 5f1f547c2c66ee5601df52970c2b419c17d2e6b8a1f9d30eb6fb85a6c2b7d2bd
api2.hcaptcha.com/ Name: __cflb
Value: 02DiuHLwzyAZNoSCVjn6MALgguX5ocQp6hVjUyPoF5wji