skin-copy2.mobilesentrix.com Open in urlscan Pro
2606:4700:10::6816:345f  Public Scan

URL: https://skin-copy2.mobilesentrix.com/
Submission Tags: phishingrod
Submission: On June 23 via api from DE — Scanned from DE

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2606:4700:10::6816:345f, located in United States and belongs to CLOUDFLARENET, US. The main domain is skin-copy2.mobilesentrix.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 2nd 2023. Valid for: a year.
This is the only time skin-copy2.mobilesentrix.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
25 3
Apex Domain
Subdomains
Transfer
12 mobilesentrix.com
skin-copy2.mobilesentrix.com
153 KB
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5180
200 KB
25 2
Domain Requested by
12 skin-copy2.mobilesentrix.com skin-copy2.mobilesentrix.com
8 challenges.cloudflare.com skin-copy2.mobilesentrix.com
challenges.cloudflare.com
25 2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
mobilesentrix.com
Cloudflare Inc ECC CA-3
2023-04-02 -
2024-04-01
a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3
2022-09-18 -
2023-09-17
a year crt.sh

This page contains 2 frames:

Primary Page: https://skin-copy2.mobilesentrix.com/
Frame ID: A3EA450A7B92B6D817A5CC6541E9CEC1
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 6D91E9E92FF31919240FBB8F8C997CA2
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://skin-copy2.mobilesentrix.com/ Page URL
  2. https://skin-copy2.mobilesentrix.com/ Page URL

Page Statistics

25
Requests

80 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

353 kB
Transfer

779 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://skin-copy2.mobilesentrix.com/ Page URL
  2. https://skin-copy2.mobilesentrix.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
skin-copy2.mobilesentrix.com/
7 KB
5 KB
Document
General
Full URL
https://skin-copy2.mobilesentrix.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799b1c7a8880fe787e75ad40da1d4f57a3883373fbda9b889b6a89427aeef8a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7dbe30f928185c20-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 23 Jun 2023 16:43:40 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
challenges.css
skin-copy2.mobilesentrix.com/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/styles/challenges.css
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 09:28:52 GMT
server
cloudflare
etag
W/"64941454-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7dbe30f968825c20-FRA
expires
Fri, 23 Jun 2023 18:43:40 GMT
v1
skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/
168 KB
58 KB
Script
General
Full URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7dbe30f928185c20
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aa43ff2b0cc8a8d2dc9926bd307290369c87615d542859874caa49971b08d24
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/?__cf_chl_rt_tk=vbR2Oqc_njbQVahmTqoLMGKFsK7VvxRTgzdGUuGB7ac-1687538620-0-gaNycGzNCvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7dbe30f98d7635e2-FRA
alt-svc
h3=":443"; ma=86400
transparent.gif
skin-copy2.mobilesentrix.com/cdn-cgi/images/trace/jsch/js/
42 B
258 B
Image
General
Full URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7dbe30f928185c20
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/?__cf_chl_rt_tk=vbR2Oqc_njbQVahmTqoLMGKFsK7VvxRTgzdGUuGB7ac-1687538620-0-gaNycGzNCvs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/?__cf_chl_rt_tk=vbR2Oqc_njbQVahmTqoLMGKFsK7VvxRTgzdGUuGB7ac-1687538620-0-gaNycGzNCvs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 09:28:52 GMT
server
cloudflare
etag
"64941454-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7dbe30f98d7835e2-FRA
content-length
42
expires
Fri, 23 Jun 2023 18:43:40 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/19b997cb/
19 KB
7 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7dbe30f928185c20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075

Request headers

Referer
Origin
https://skin-copy2.mobilesentrix.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:40 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7dbe30fa28979bb3-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
skin-copy2.mobilesentrix.com/
7 KB
7 KB
Image
General
Full URL
https://skin-copy2.mobilesentrix.com/favicon.ico
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a975419cb7f2f9799b1b3516433cdb14488fd23e1cd252c82a4f0c9abfe5d740
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7dbe30fa0e0835e2-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
b6c28d46-a678-488e-90e2-dd0da689a636
https://skin-copy2.mobilesentrix.com/
0
0
Other
General
Full URL
blob:https://skin-copy2.mobilesentrix.com/b6c28d46-a678-488e-90e2-dd0da689a636
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
20bf0aec1f2dd5c
skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/flow/ov1/228167793:1687536419:b2nye5orWoTfyYwyrONF8VTycq_4UpBPrKvzprfUh2M/7dbe30f928185c20/
7 KB
6 KB
XHR
General
Full URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/flow/ov1/228167793:1687536419:b2nye5orWoTfyYwyrONF8VTycq_4UpBPrKvzprfUh2M/7dbe30f928185c20/20bf0aec1f2dd5c
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7dbe30f928185c20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a72c4c917323b08158c7f08a9df30fb3dbfc3dbe0c24d89d88f1a8910d296b3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://skin-copy2.mobilesentrix.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
CF-Challenge
20bf0aec1f2dd5c
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 23 Jun 2023 16:43:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7dbe30faced135e2-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
uWqC87+NjXwF7HWEHJhoHnyYB/WkzemzcO4W2p5F/g6hec2WSmSLv1TH+yUCZmjJ$7uT2+n7ZEVd4Y2z6jNZXwA==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 6D91
24 KB
8 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087ff510585e3801c26889766949fd5d17c626bdfcd868b6819861864d2992b7
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7dbe30fb5bd3085c-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 23 Jun 2023 16:43:40 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 6D91
178 KB
62 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7dbe30fb5bd3085c
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13ec0efb92b37f332835ae2ea8265a8b0c8732a2c4b4a1621bdfd2c386e8ab65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:40 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7dbe30fbbc4d085c-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
9ce20750-3191-4f92-b327-ac545d0688c5
https://challenges.cloudflare.com/ Frame 6D91
0
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/9ce20750-3191-4f92-b327-ac545d0688c5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
5f9a57986e5cf36
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/254638520:1687536446:ZYX2IVeGBSTRriV_lYnhQxujQiQijymU-lgJasVmF9U/7dbe30fb5bd3085c/ Frame 6D91
153 KB
116 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/254638520:1687536446:ZYX2IVeGBSTRriV_lYnhQxujQiQijymU-lgJasVmF9U/7dbe30fb5bd3085c/5f9a57986e5cf36
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7dbe30fb5bd3085c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a8116e1618147d095527ba3ea5f7a39bbe115100a9c29e61cb9c69f94abc43

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
CF-Challenge
5f9a57986e5cf36
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
LBesZAKI2TVDa6kKqIYDwGGbjUqxIdkz+C6o6S/ym4M1ea+p8jE7+72kKItDxyDu8OnQIWOCbFSEzSzPQ38XYIKjm6YRMCnWiIG6CO1zGBuo6YnpOoaZr37GB4EnjxFf7uBC4OKrl8HN+VTv0uYFne3C+sK4jTTcBXomQiUaEHtN0vY5+Mv8JVikefCVRIQVITx8rqI9PR9kAtnc18Gn1psM6rQDaVeVd2fHLypTjfnSvCxtalBfaN4G5jWdsdDlyI0p8PLeW+8Q/ZSQlKQyreSaOjj7Uxe5a91iHZl+NkBB3b8qy8ZqVGXFo9AHu7ZqkHuHmh/2CUDWJcDHiqp837aMul82dx3eWIkryVK4nAKxHDUVgurKJDmVhz8thT7+g0I6QIV7JZqkjh3NAB88H0ab2syoddW/sDvN/sPIpWvKp9V3RAETizIAH2T1EyUY$OX9JiNrrl7d38/XA02lg7g==
date
Fri, 23 Jun 2023 16:43:40 GMT
content-encoding
br
server
cloudflare
cf-ray
7dbe30fcad5e085c-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
mqM5_hkemmbpNfs
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7dbe30fb5bd3085c/1687538620916/ Frame 6D91
61 B
147 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7dbe30fb5bd3085c/1687538620916/mqM5_hkemmbpNfs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5790eb08ed1ecc820cc0bcbb4371434d555f3d16eb843ebafd272623281a8be9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:41 GMT
server
cloudflare
cf-ray
7dbe30fed80f085c-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
79dd3466-e0e4-4591-99f5-1d5904a87e8d
https://challenges.cloudflare.com/ Frame 6D91
99 B
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/79dd3466-e0e4-4591-99f5-1d5904a87e8d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
kXqTmeyN0BWbX4d
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7dbe30fb5bd3085c/1687538620919/3e5b7cbc42c692fcb2be7252a44308b6abfa2839d7b8875c63c9fea0867532a4/ Frame 6D91
1 B
630 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7dbe30fb5bd3085c/1687538620919/3e5b7cbc42c692fcb2be7252a44308b6abfa2839d7b8875c63c9fea0867532a4/kXqTmeyN0BWbX4d
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7dbe30fb5bd3085c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:42 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gPlt8vELGkvyyvnJSpEMItqv6KDnXuIdcY8n-oIZ1MqQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAnJgGHXFgEEqq8yaRnYgQn1gT46uaFki3UUDjfp_VlgM4ql0jpjYyONf6FEHnvmresTEQj8ggUgOjwmVAYNUINe0ryVKYPPqHIQsLwFCx4Go6aX3SrDbGOL2nLpuHxRKdCnYZnNq34CWddkTwdC6bTBKIH0yiTJ9_LOxToByUeOIZOdSpG12LqdoZLIg6OmQerEqEl0wKgnCV4gy46nXHSnzf4xLci3n9NFoB_8x7eB7V5dfzS1h-FuZvLQOr2UqC5OT1Bt-gU_Hg0737bFk2zhcl6S9pQG1FtcHfZayW9mAHph43hRWcayf5lFab6SsMaWiEPQ4t87FVE61plQoVkQIDAQAB, max-age=20
server
cloudflare
cf-ray
7dbe3106a996085c-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
5f9a57986e5cf36
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/254638520:1687536446:ZYX2IVeGBSTRriV_lYnhQxujQiQijymU-lgJasVmF9U/7dbe30fb5bd3085c/ Frame 6D91
928 B
1 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/254638520:1687536446:ZYX2IVeGBSTRriV_lYnhQxujQiQijymU-lgJasVmF9U/7dbe30fb5bd3085c/5f9a57986e5cf36
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7dbe30fb5bd3085c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5179a85b387b5bdab5eb9ce5648713661a418f9cd532688d61b8c581c8c2bf20

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/r5xyj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
CF-Challenge
5f9a57986e5cf36
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
i0nHTgm32lzc2GoAdq+3lV3XjPkvccvD7TEw0zth+hOULOflJ/cegkk4WUhg873mAAKxJTkn59LNCUurE4U8V6lrVUw17+3yTOF0QcYUb5I=$zMYjbgR5cWaGxwBn4yvU2Q==
cf-chl-out-s
pdsCiVw7qbo/y8QgcH0oarCv+7sJTyTI75rRRhVCpEGScNKQsQUrQhvF2N0IvBR5XZxxMkPCAWoXe0vTqrmO2qVRS5bPN7XJTwkiwDb4M1FE00z6S5EkgTXXfyFXS4Px+IfcQxapuMHOl6+T6xt5tDIr6MaTNz+D2x6MS3kdcClOlUoN5+fQ2u13k8hpYQc2SqEY/tRjERpZkjXsGglUMH9XY4Ak2spuj6XAB+TDIf86YaCg5wdmmDzik6ZsOYQ9/MYJIeGFY3vOkMO/dXgV2zp5/+uzkJQZryLp32uc6uvpuFyIZSUonMzOEkIhNQh1uBJR0o3570ar+lsATH+IPqnFkWGYVSxuelJwJ/oa0Il1ICPXssCUjBT4bl1IBd9l0pzSc/NH1wA+3ystFiFc0MsZpXnFcjbKyjBCtFTPLktzTTlydRTYy84cgJbHGE+X5kcNgjfVx3Hg15rtTHR6gQ==$MijeOjRZ0yNIqeO0tHgRug==
date
Fri, 23 Jun 2023 16:43:42 GMT
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7dbe31073a5e085c-FRA
alt-svc
h3=":443"; ma=86400
20bf0aec1f2dd5c
skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/flow/ov1/228167793:1687536419:b2nye5orWoTfyYwyrONF8VTycq_4UpBPrKvzprfUh2M/7dbe30f928185c20/
2 KB
2 KB
XHR
General
Full URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/flow/ov1/228167793:1687536419:b2nye5orWoTfyYwyrONF8VTycq_4UpBPrKvzprfUh2M/7dbe30f928185c20/20bf0aec1f2dd5c
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7dbe30f928185c20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
050204bcf6912356a83459595e98640e9ef33be5880e1a2569ce8530d29a4a24
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://skin-copy2.mobilesentrix.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
CF-Challenge
20bf0aec1f2dd5c
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
TRQhoh6X9Gn2LDe0qLN9eluGWI3R3oRA4U8v8BwlB320UTYaHnCcBkg1OXsvzPB+5FmDaKVIYwsrOoXyF/C2IOoMztLerACuZEUWHpDwMZs=$HFU62UjYaBsD3B3KFLmnsA==
cf-chl-out-s
7CQt+OgpYqmOpgA+UXiagZ3HJI7or/uQ5WwaF8aSZ6wqRdEf3QUHYe3ra7HgVm2YbWyP4Kt43mPexsz13s6yjyqKlv6eR/N2b9ozlDXoy6797V/WPJlbGefLtcSBPZ8dzy4adqleU/uUTJ1ACa1bOA==$Ak4a9uxGXKJMVQtu/xzC3Q==
date
Fri, 23 Jun 2023 16:43:42 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7dbe31078d3435e2-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
skin-copy2.mobilesentrix.com/
7 KB
5 KB
Document
General
Full URL
https://skin-copy2.mobilesentrix.com/
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7dbe30f928185c20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7414065b26523f46f25cc34d26bd56aa47668ff2f10a9aae7f5c228d81f1d771
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://skin-copy2.mobilesentrix.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7dbe31146c3f35e2-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 23 Jun 2023 16:43:44 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
challenges.css
skin-copy2.mobilesentrix.com/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/styles/challenges.css
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 09:28:52 GMT
server
cloudflare
etag
W/"64941454-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7dbe31148c5f35e2-FRA
expires
Fri, 23 Jun 2023 18:43:44 GMT
v1
skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/
167 KB
58 KB
Script
General
Full URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7dbe31146c3f35e2
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
449a1b87a4dce09ac46506703ce99614c476fa0aaed9d8ef0f68e388819fbdb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/?__cf_chl_rt_tk=nnmVb4JA.2trN0yp5NxkHP6teboWWNIXsljpE7.GyOA-1687538624-0-gaNycGzNCSU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7dbe31149c7635e2-FRA
alt-svc
h3=":443"; ma=86400
transparent.gif
skin-copy2.mobilesentrix.com/cdn-cgi/images/trace/jsch/js/
42 B
224 B
Image
General
Full URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7dbe31146c3f35e2
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/?__cf_chl_rt_tk=nnmVb4JA.2trN0yp5NxkHP6teboWWNIXsljpE7.GyOA-1687538624-0-gaNycGzNCSU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/?__cf_chl_rt_tk=nnmVb4JA.2trN0yp5NxkHP6teboWWNIXsljpE7.GyOA-1687538624-0-gaNycGzNCSU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 09:28:52 GMT
server
cloudflare
etag
"64941454-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7dbe31149c7835e2-FRA
content-length
42
expires
Fri, 23 Jun 2023 18:43:44 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/19b997cb/
19 KB
7 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=7dbe31146c3f35e2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075

Request headers

Referer
Origin
https://skin-copy2.mobilesentrix.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:44 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7dbe3114df3a9bb3-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
skin-copy2.mobilesentrix.com/
7 KB
7 KB
Image
General
Full URL
https://skin-copy2.mobilesentrix.com/favicon.ico
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:345f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c04efc3920da4fa0cd0007ee0a3ec99fdc9b3a568a9da2fef75200b28f5bdd2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 16:43:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7dbe3114dcef35e2-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
aca72f4d-68a3-44bd-ab7c-a3d19ce232c2
https://skin-copy2.mobilesentrix.com/
0
0
Other
General
Full URL
blob:https://skin-copy2.mobilesentrix.com/aca72f4d-68a3-44bd-ab7c-a3d19ce232c2
Requested by
Host: skin-copy2.mobilesentrix.com
URL: https://skin-copy2.mobilesentrix.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-copy2.mobilesentrix.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
ec63294535fa0d0
skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1980293719:1687536496:Hl20v5pmcrXRyBN9HV0GCr1EvFq6a4pUxlNffNlFTJ0/7dbe31146c3f35e2/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
skin-copy2.mobilesentrix.com
URL
https://skin-copy2.mobilesentrix.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1980293719:1687536496:Hl20v5pmcrXRyBN9HV0GCr1EvFq6a4pUxlNffNlFTJ0/7dbe31146c3f35e2/ec63294535fa0d0

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| _cf_chl_opt function| _cf_chl_turnstile_l function| giZRRiQTBy function| SHA256 function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| WZbB0 object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded

1 Cookies

Domain/Path Name / Value
skin-copy2.mobilesentrix.com/ Name: cf_chl_rc_ni
Value: 1

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://skin-copy2.mobilesentrix.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://skin-copy2.mobilesentrix.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7dbe30fb5bd3085c/1687538620919/3e5b7cbc42c692fcb2be7252a44308b6abfa2839d7b8875c63c9fea0867532a4/kXqTmeyN0BWbX4d
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://skin-copy2.mobilesentrix.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://skin-copy2.mobilesentrix.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
skin-copy2.mobilesentrix.com
skin-copy2.mobilesentrix.com
2606:4700:10::6816:345f
2606:4700::6812:7b9
050204bcf6912356a83459595e98640e9ef33be5880e1a2569ce8530d29a4a24
087ff510585e3801c26889766949fd5d17c626bdfcd868b6819861864d2992b7
0aa43ff2b0cc8a8d2dc9926bd307290369c87615d542859874caa49971b08d24
13ec0efb92b37f332835ae2ea8265a8b0c8732a2c4b4a1621bdfd2c386e8ab65
24a8116e1618147d095527ba3ea5f7a39bbe115100a9c29e61cb9c69f94abc43
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
449a1b87a4dce09ac46506703ce99614c476fa0aaed9d8ef0f68e388819fbdb3
5179a85b387b5bdab5eb9ce5648713661a418f9cd532688d61b8c581c8c2bf20
5790eb08ed1ecc820cc0bcbb4371434d555f3d16eb843ebafd272623281a8be9
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7414065b26523f46f25cc34d26bd56aa47668ff2f10a9aae7f5c228d81f1d771
799b1c7a8880fe787e75ad40da1d4f57a3883373fbda9b889b6a89427aeef8a9
7c04efc3920da4fa0cd0007ee0a3ec99fdc9b3a568a9da2fef75200b28f5bdd2
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
a72c4c917323b08158c7f08a9df30fb3dbfc3dbe0c24d89d88f1a8910d296b3f
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075
a975419cb7f2f9799b1b3516433cdb14488fd23e1cd252c82a4f0c9abfe5d740
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa