![](/screenshots/da53971f-9bd2-4292-aced-5c93e088de24.png)
dl-protect.link
Open in
urlscan Pro
2606:4700:3030::ac43:8654
Public Scan
Submission Tags: falconsandbox
Submission: On May 24 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 29th 2024. Valid for: 3 months.
This is the only time dl-protect.link was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 2606:4700:303... 2606:4700:3030::ac43:8654 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 3 | 2606:4700::68... 2606:4700::6811:3b8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3030::6815:5bbc | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3034::6815:86c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
dl-protect.link
dl-protect.link |
141 KB |
3 |
cloudflare.com
1 redirects
challenges.cloudflare.com — Cisco Umbrella Rank: 4500 |
14 KB |
1 |
pubtrky.com
pubtrky.com — Cisco Umbrella Rank: 35269 |
434 B |
1 |
youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 33352 |
481 B |
1 |
wcnhhqqueu.com
wcnhhqqueu.com |
23 KB |
18 | 5 |
Domain | Requested by | |
---|---|---|
13 | dl-protect.link |
dl-protect.link
|
3 | challenges.cloudflare.com |
1 redirects
dl-protect.link
challenges.cloudflare.com |
1 | pubtrky.com |
wcnhhqqueu.com
|
1 | youradexchange.com |
dl-protect.link
|
1 | wcnhhqqueu.com |
dl-protect.link
|
18 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
random-affiliate.atimaze.com |
notjdyincro.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
dl-protect.link GTS CA 1P5 |
2024-04-29 - 2024-07-28 |
3 months | crt.sh |
wcnhhqqueu.com GTS CA 1P5 |
2024-05-05 - 2024-08-03 |
3 months | crt.sh |
youradexchange.com GTS CA 1P5 |
2024-04-14 - 2024-07-13 |
3 months | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2023-08-18 - 2024-08-17 |
a year | crt.sh |
pubtrky.com GTS CA 1P5 |
2024-05-16 - 2024-08-14 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://dl-protect.link/9c4205af?fn=U2VudWFzIFNhZ2EgSGVsbGJsYWRlIElJICB2MS4wLjAuMC4xNTg1MjMgW1BDXQ%3D%3D&rl=c2
Frame ID: 7F89A4C464F3871979A380F1B6A89A5C
Requests: 17 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8zfa3/0x4AAAAAAABKK-fmValRCMjW/auto/normal
Frame ID: B85BF5AB1B8D20A42C2E88ABE28D72BC
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/da53971f-9bd2-4292-aced-5c93e088de24.png)
Page Title
Protect your linksDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
9c4205af
dl-protect.link/ |
173 KB 49 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
dl-protect.link/assets/css/ |
118 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
dl-protect.link/assets/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
style.css
dl-protect.link/assets/css/ |
1 KB 938 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.1.1.min.js
dl-protect.link/assets/js/ |
85 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
dl-protect.link/assets/js/ |
36 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logook.png
dl-protect.link/assets/images/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
afl5.png
dl-protect.link/assets/images/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
challenges.cloudflare.com/turnstile/v0/b/695da7821231/ Redirect Chain
|
42 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
GCipKxxMq9.js
dl-protect.link/ |
26 B 510 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main2.js
dl-protect.link/ |
23 B 512 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adsc.js
dl-protect.link/ |
21 B 517 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
afl5.png
dl-protect.link/assets/images/ |
9 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ut.js
wcnhhqqueu.com/script/ |
61 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
suurl5.php
youradexchange.com/script/ |
1 B 481 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/8zfa3/0x4AAAAAAABKK-fmValRCMjW/auto/ Frame B85B |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
hb.php
pubtrky.com/ut/ |
0 434 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
dl-protect.link/ |
1 KB 604 B |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 function| $ function| jQuery string| WEBROOT function| onSubmit2 function| canSubmit function| setCookie function| getCookie boolean| scriptDisabled boolean| main2script function| Adcash function| AtcshAltNm string| rgxngibqxq object| aclib object| Zwq7cpX6j boolean| canRunAds object| turnstile boolean| user_engagement524 string| utsid-send1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dl-protect.link/ | Name: PHPSESSID Value: 5qk48utt9e13a8t3ihpv3a7i64 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
challenges.cloudflare.com
dl-protect.link
pubtrky.com
wcnhhqqueu.com
youradexchange.com
2606:4700:3030::6815:5bbc
2606:4700:3030::ac43:8654
2606:4700:3034::6815:86c
2606:4700::6811:3b8
2a06:98c1:3120::3
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04d8cc0aacc3f172f638e608d3f08e8457d849290ae553090cb951d4b3f1b97b
0f8af5762722ff6c14ef4e011d2c25ff39f86846b8790c1f911f460d5393c3cc
3327eafbac9b5b2673ce8f46f94e10b80e399b4a5fd4caf1fdadcdd62babbec6
438542ed295fb2260e7c600767790ca9bf9175203031b4e99b9e299b1fca2548
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
94d7b3fe5deb063360d28cc209d699bcc2eba11d02f72a7849b30de744d5a5c9
aa4bc33df4f324e0b92041ab92c2e79ab9ce88ab84fb36460bf1e5e71cd444e3
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
b114323245593252fcb9bfc4facbcb80c0312728867f12280e9b393239af939a
e158035a6f740b0245a027bf0d559c56782ebbeec7cab5a827083bd16aa47901
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8900efd69708090fee586fda1c037cff54f3d8d0462862b34fa9eb37951d150
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c