urlscan.io logo urlscan.io
SecurityTrails logo

referal.top Open in urlscan Pro
172.67.131.84  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://facjaia.r.bh.d.sendibt3.com/tr/cl/AHCQy-mXjAbiJKUbMRP0xF69-ArQQE7r3c6PFIYygr_pjKvVeA6L7vdX4gV1rvdCiVmaIUA-7NvPxLWBZ7wj7cwHNI...
Effective URL: https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&p...
Submission: On June 10 via manual from EG — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 12 HTTP transactions. The main IP is 172.67.131.84, located in United States and belongs to CLOUDFLARENET, US. The main domain is referal.top.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.
This is the only time referal.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 1.179.112.196 396982 (GOOGLE-CL...)
1 52.219.176.226 16509 (AMAZON-02)
1 5 172.67.147.250 13335 (CLOUDFLAR...)
2 172.67.131.84 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 104.17.3.184 13335 (CLOUDFLAR...)
12 6
1    1.179.112.196 (France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: m1179112196.mailinblue.me
facjaia.r.bh.d.sendibt3.com
1    52.219.176.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
warsee.s3.us-east-2.amazonaws.com
5    172.67.147.250 (United States)

ASN13335 (CLOUDFLARENET, US)
webso.click
2    172.67.131.84 (United States)

ASN13335 (CLOUDFLARENET, US)
referal.top
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 webso.click
webso.click
8 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4303
14 KB
2 referal.top
referal.top
1 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 461
31 KB
1 amazonaws.com
warsee.s3.us-east-2.amazonaws.com
4 KB
1 sendibt3.com
facjaia.r.bh.d.sendibt3.com
228 B
12 6
Domain Requested by
5 webso.click 1 redirects warsee.s3.us-east-2.amazonaws.com
webso.click
3 challenges.cloudflare.com 1 redirects referal.top
challenges.cloudflare.com
2 referal.top webso.click
1 ajax.googleapis.com referal.top
1 warsee.s3.us-east-2.amazonaws.com
1 facjaia.r.bh.d.sendibt3.com 1 redirects
12 6

This site contains no links.

Subject Issuer Validity Valid
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2024-02-29 -
2025-02-12		 a year crt.sh
webso.click
GTS CA 1P5		 2024-05-03 -
2024-08-01		 3 months crt.sh
referal.top
GTS CA 1P5		 2024-04-25 -
2024-07-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Frame ID: 65B4796AF309AF5704D348ADE47CD5AD
Requests: 9 HTTP requests in this frame

Frame: https://webso.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 3ABA0D2AB99A1E1C4C053DC8A2CA2514
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rtdh6/0x4AAAAAAAEWIpby81ba-muQ/auto/normal
Frame ID: C920C705F8FC0F29B2C198053DCA2346
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://facjaia.r.bh.d.sendibt3.com/tr/cl/AHCQy-mXjAbiJKUbMRP0xF69-ArQQE7r3c6PFIYygr_pjKvVeA6L7vdX4gV1rvdCiVmaIU... HTTP 302
    https://warsee.s3.us-east-2.amazonaws.com/control_miyohumiyah.html?login=a.nair@tamimi.com&vcnt=100&request_type=load Page URL
  2. https://webso.click/control_miyoh/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=n... Page URL
  3. https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=n... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

67 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

58 kB
Transfer

146 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://facjaia.r.bh.d.sendibt3.com/tr/cl/AHCQy-mXjAbiJKUbMRP0xF69-ArQQE7r3c6PFIYygr_pjKvVeA6L7vdX4gV1rvdCiVmaIUA-7NvPxLWBZ7wj7cwHNIPHQM8o3FxUCzGaJNKLijhqNlORfvtopGIpn9hU7b_b7c7QjMK49Ggp3BDHWHsUyC2epHsY8bqT4-QGiHtDOr1cCiwc_0j7JVljs4iKf0P_Jl6AH5Gb8sN5wqMH0PVC8awKX5IXuOf7I920mTu3uaKEntLiyB5_3Y9cRM0VkZx7u5_0PlBnzju7RBa7bYR4v6TWXGQzRwzSNBRLIvFLNMqKJGBDZlKZ5uTFFrlUwF8Sly8M963h4vOw3iWz8UcxiWAa34ySV9QPPecidm8fTdvxdPseBNeALTsYaWWbBj29TdmJTkynd5L-qoIcIhovd-wYCDlDEvI HTTP 302
    https://warsee.s3.us-east-2.amazonaws.com/control_miyohumiyah.html?login=a.nair@tamimi.com&vcnt=100&request_type=load Page URL
  2. https://webso.click/control_miyoh/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null Page URL
  3. https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://facjaia.r.bh.d.sendibt3.com/tr/cl/AHCQy-mXjAbiJKUbMRP0xF69-ArQQE7r3c6PFIYygr_pjKvVeA6L7vdX4gV1rvdCiVmaIUA-7NvPxLWBZ7wj7cwHNIPHQM8o3FxUCzGaJNKLijhqNlORfvtopGIpn9hU7b_b7c7QjMK49Ggp3BDHWHsUyC2epHsY8bqT4-QGiHtDOr1cCiwc_0j7JVljs4iKf0P_Jl6AH5Gb8sN5wqMH0PVC8awKX5IXuOf7I920mTu3uaKEntLiyB5_3Y9cRM0VkZx7u5_0PlBnzju7RBa7bYR4v6TWXGQzRwzSNBRLIvFLNMqKJGBDZlKZ5uTFFrlUwF8Sly8M963h4vOw3iWz8UcxiWAa34ySV9QPPecidm8fTdvxdPseBNeALTsYaWWbBj29TdmJTkynd5L-qoIcIhovd-wYCDlDEvI HTTP 302
  • https://warsee.s3.us-east-2.amazonaws.com/control_miyohumiyah.html?login=a.nair@tamimi.com&vcnt=100&request_type=load
Request Chain 4
  • https://webso.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://webso.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Request Chain 8
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
control_miyohumiyah.html
warsee.s3.us-east-2.amazonaws.com/
Redirect Chain
  • https://facjaia.r.bh.d.sendibt3.com/tr/cl/AHCQy-mXjAbiJKUbMRP0xF69-ArQQE7r3c6PFIYygr_pjKvVeA6L7vdX4gV1rvdCiVmaIUA-7NvPxLWBZ7wj7cwHNIPHQM8o3FxUCzGaJNKLijhqNlORfvtopGIpn9hU7b_b7c7QjMK49Ggp3BDHWHsUyC2...
  • https://warsee.s3.us-east-2.amazonaws.com/control_miyohumiyah.html?login=a.nair@tamimi.com&vcnt=100&request_type=load
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://warsee.s3.us-east-2.amazonaws.com/control_miyohumiyah.html?login=a.nair@tamimi.com&vcnt=100&request_type=load
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.176.226 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
9d3c5ec1a1bd08f403e96cd80e1104acbfb71cf3eb78739b04557ce0e559cc35

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Length
3403
Content-Type
text/html
Date
Mon, 10 Jun 2024 08:17:51 GMT
ETag
"a74351c832f7420025656c9fe0752f26"
Last-Modified
Fri, 07 Jun 2024 06:38:18 GMT
Server
AmazonS3
x-amz-id-2
m7BfHS4QqOqHkluBNcNrKf+CoCNLwhH+H8MWPVCTK+ph6+XL6z7NFv+YYUSVBTrCej0saKjS/+g=
x-amz-request-id
NBEBKB3ZQD4S4DBJ
x-amz-server-side-encryption
AES256

Redirect headers

content-length
148
content-type
text/html; charset=utf-8
date
Mon, 10 Jun 2024 08:17:50 GMT
location
https://warsee.s3.us-east-2.amazonaws.com/control_miyohumiyah.html?login=a.nair@tamimi.com&vcnt=100&request_type=load
x-content-type-options
nosniff
x-sib-server
gke-public-cluster-v2-1-179-112-170
x-xss-protection
1
control_miyohumiyah.html
warsee.s3.us-east-2.amazonaws.com/ 		0
0
favicon.ico
warsee.s3.us-east-2.amazonaws.com/ 		0
0
/
webso.click/control_miyoh/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webso.click/control_miyoh/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Requested by
Host: warsee.s3.us-east-2.amazonaws.com
URL: https://warsee.s3.us-east-2.amazonaws.com/control_miyohumiyah.html?login=a.nair@tamimi.com&vcnt=100&request_type=load
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
674cf10a64198a178380d7b1bf7749c79abf2a5cfeed73c682e8a61d62ec9adc

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://warsee.s3.us-east-2.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8917ed649a38228e-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 08:17:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRA4f28MWPACi57PrXLPwlWkxejp4N7KtDzTCoSDHY5PoFAls1dzfs8I9rccsZ80QMCVgRGpijWbKIz8My09fMRHE8ujSZ1e2DVU7av2O3w5Tpxx%2B11GQwuaGiQ9CA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.30
main.js
webso.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 3ABA
Redirect Chain
  • https://webso.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://webso.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webso.click/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Protocol
H3
Server
172.67.147.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Mon, 10 Jun 2024 08:17:51 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSHrxbgTVXh0QLyaPVoBNu9HIwoQWmF3OXouOg%2BUDXCK%2FNWrZyZPbc58h9u9xyby%2BxwSJBnMBxC3ONJlgP6vSNV1j5x1gI32eVnHrvYPc9W4PPMQUiLbYlMdj2LM7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8917ed65cb7e228e-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 10 Jun 2024 08:17:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMwnuako8qPPNPQkiJRwO8UW%2BvIklQ%2BqTTRTZVPUGnCiGT2w%2FTA4xTX505Ugz9ugwsvNQiC6fG3yazB7hZH%2Fv4w%2FgRjvaaIOFKb7KZJjZUsn7gUyoKIhKG0jR%2FXTgA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8917ed659b54228e-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
Primary Request /
referal.top/_hitler_alpha/ 		729 B
846 B 		Document
General
Check archive.org
Download Go to
Full URL
https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Requested by
Host: webso.click
URL: https://webso.click/control_miyoh/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.30
Resource Hash
2271af8ff6f1c56da8f690185bc866c46d705e1b5a38777475fe82e2b2669b90

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://webso.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8917ed667dc29e60-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 10 Jun 2024 08:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RrvMlDwzEu40uXEblZ12O0jPxW%2B1064mOGPd7VZIfHM69STrgegcugWjuhWaVD90UTtfvvm9CQSCZD%2FxTZ3TT10QrRoETh6RB95cDYoF3eIBi6p9%2FBSPxgwFRRRO9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.30
favicon.ico
webso.click/ 		298 B
660 B 		Other
General
Check archive.org
Download Go to
Full URL
https://webso.click/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://webso.click/control_miyoh/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 08:17:51 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1aLTuNcRZ71KPyurXD3LliBDin5GDPGB%2Fkf9ok9IiUMEk7O7jSoQV0N3UfWKCYB24K6OzlWmT7x1KnMZZMSaf8qIO8x38kWkhTAdExSu%2FTCuohO%2FY%2BeT1iInzbf0dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8917ed65ab5d228e-CDG
alt-svc
h3=":443"; ma=86400
8917ed649a38228e
webso.click/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3ABA 		0
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://webso.click/cdn-cgi/challenge-platform/h/g/jsd/r/8917ed649a38228e
Requested by
Host: webso.click
URL: https://webso.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.147.250 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 10 Jun 2024 08:17:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXcTLtxYKxQRFJyJgKHgi3gLaF7YhdlFu0ZfHBDrHr770%2FwgwZv4mJfxOM4sBDVPOB9dIVpht3sMqYQ%2BTO7wu%2FWWeqH3Hrk%2B25Qr5JIY4CgVS2lagav887oMg0E%2Byg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8917ed668c03228e-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: referal.top
URL: https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://referal.top/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 12:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
501873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31191
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 12:53:18 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js
42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js
Requested by
Host: referal.top
URL: https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Protocol
H3
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22401f58443400f39ce653a1736059092e1e5f85ffbbbaeda4b11c16b5bade6e

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://referal.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Mon, 10 Jun 2024 08:17:51 GMT
content-encoding
br
last-modified
Thu, 06 Jun 2024 21:04:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8917ed68681a6eb4-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 10 Jun 2024 08:17:51 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/6aac8896f227/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8917ed681fbc6eb4-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rtdh6/0x4AAAAAAAEWIpby81ba-muQ/auto/ Frame C920 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/rtdh6/0x4AAAAAAAEWIpby81ba-muQ/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://referal.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8917ed6918f23ce9-CDG
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 10 Jun 2024 08:17:51 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
referal.top/ 		298 B
654 B 		Other
General
Check archive.org
Download Go to
Full URL
https://referal.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb234a70590eaf15292fbcbd08cb592a8c9baf57271c67df5c09a6ce86f3659b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 10 Jun 2024 08:17:51 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUBjIe8s3SAJuw4vRbFR9cEsdsVUgCUzaKUv646sXWHWXkN%2FkcO0s1yGWDoYLtj21%2BGe%2Fzj1YIucCPJRyzS1wKMz9qQqFzEkv8XEvH00iFKU1COiG2psDgkZJfBmSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8917ed6a185b9e60-CDG
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
warsee.s3.us-east-2.amazonaws.com
URL
https://warsee.s3.us-east-2.amazonaws.com/control_miyohumiyah.html?login=a.nair@tamimi.com&vcnt=100&request_type=load
Domain
warsee.s3.us-east-2.amazonaws.com
URL
https://warsee.s3.us-east-2.amazonaws.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| javascriptCallback object| turnstile

1 Cookies

Domain/Path Name / Value
.webso.click/ Name: cf_clearance
Value: uIwCsgBWT0vOTG9BiSl3PY.NfrnQ.afDZ4g4LcUh2BE-1718007471-1.0.1.1-kOr7hDZ7nJ0h6w4P69XLSrg89L0nUWdYchTVrIOOHsQm3kkF7fC9ElluuZ79DUDZdXH365iM.fPd3Wedz6MNNA

3 Console Messages

Source Level URL
Text
network error URL: https://webso.click/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://referal.top/_hitler_alpha/?login=a.nair@tamimi.com&page=null&request_type=load&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=100&use_cdtimr=null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://referal.top/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()