urlscan.io logo urlscan.io
SecurityTrails logo

auth-connectscuritydomain.com Open in urlscan Pro
172.67.176.252  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.wearegoingtomakepeaceover.com/
Effective URL: https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Submission: On April 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 11 HTTP transactions. The main IP is 172.67.176.252, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth-connectscuritydomain.com.
TLS certificate: Issued by GTS CA 1P5 on February 21st 2024. Valid for: 3 months.
This is the only time auth-connectscuritydomain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.0.239.113 22612 (NAMECHEAP...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 10 172.67.176.252 13335 (CLOUDFLAR...)
11 3
Domain Requested by
11 auth-connectscuritydomain.com 1 redirects www.wearegoingtomakepeaceover.com
auth-connectscuritydomain.com
1 www.wearegoingtomakepeaceover.com
11 2

This site contains no links.

Subject Issuer Validity Valid
cpcalendars.wearegoingtomakepeaceover.com
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
auth-connectscuritydomain.com
GTS CA 1P5		 2024-02-21 -
2024-05-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Frame ID: E02BE467CDDC1DF6D1885AA211F289DA
Requests: 9 HTTP requests in this frame

Frame: https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 9C598D9B2732DF8E7B2704DD77D40F34
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. https://www.wearegoingtomakepeaceover.com/ Page URL
  2. https://auth-connectscuritydomain.com/1/?IjfArxruWMEj Page URL
  3. https://auth-connectscuritydomain.com/1/?IjfArxruWMEj Page URL
  4. https://auth-connectscuritydomain.com/1/?IjfArxruWMEj Page URL

Page Statistics

11
Requests

91 %
HTTPS

33 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

45 kB
Transfer

42 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.wearegoingtomakepeaceover.com/ Page URL
  2. https://auth-connectscuritydomain.com/1/?IjfArxruWMEj Page URL
  3. https://auth-connectscuritydomain.com/1/?IjfArxruWMEj Page URL
  4. https://auth-connectscuritydomain.com/1/?IjfArxruWMEj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.wearegoingtomakepeaceover.com/ 		674 B
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wearegoingtomakepeaceover.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.0.239.113 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
vacantheartedness-badass.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Apr 2024 03:47:45 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
/
auth-connectscuritydomain.com/1/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Requested by
Host: www.wearegoingtomakepeaceover.com
URL: https://www.wearegoingtomakepeaceover.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b0fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a05e0650ffed118f81fbb4b1189a4250fcca331c08ebd7765f6485ebd1fa6a0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.wearegoingtomakepeaceover.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
87596f85096739ee-FRA
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 03:47:46 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2FylNSDYEGBAPG8GhLun70FdXuMCuhuQFEZvhf2iU48VIjBlUT7o%2BqSRrjUX6DxQm%2FvXt35UDq18XszBi2H9kkT%2FoioRJ8rVuvRJIkB2E6yxAipLiR1VpiaXX5fS9cyHkDqFT5tzX3OZaGfSls1cKr4IJRWF60tylfypDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
/
auth-connectscuritydomain.com/1/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Requested by
Host: www.wearegoingtomakepeaceover.com
URL: https://www.wearegoingtomakepeaceover.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
VH4Ibr-G3H45VxfrzqFiys7lk6Y
36282440
X-Requested-TimeStamp-Expire
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
P5pnUstik5rFZVLWNHBspPAwbcQ
hLL2Ig-e0Lc-PnB-YBOC6rWGlKU
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 03:47:46 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IVJmcxWF6vhOvqpxvp%2FD8GpirdV%2BHdRl%2Bke68%2F1GHyLXbDL9x7CV4y88NK6b6FcWt6gWx498RheVkneFBgUXCmmipw5fkIitSVu7yozjMbnKaQfkIIb7pXUgINX6FL357cb%2FEhR7jnzfIe9zT25ylA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87596f85e9bd1c2e-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 9C59
Redirect Chain
  • https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Protocol
H3
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c82157de884348896971014dd395afe18a0b43b4ff95b380b9612ce72793c6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Apr 2024 03:47:46 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=spR2cVJH1VP2V51i2o4yfntQNIY0a2yPfQj4OqnnaqJ6khXRQV4gA8A1siNRcX5q7Ie9%2BWAv%2B6gxyMOiS0J%2Bir0Dkj%2FWevc02j8hIEp6wWQBoBY1rC%2Fo1FXgXVkaTSSMLmc8O8tcLCt8aKjy5i5m%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87596f85f9c51c2e-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 17 Apr 2024 03:47:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9SY6qA6iN1Mb2UaIimDwA2e1mlgHr3vqzLejvjMTkC5a9ymsWPkf5ly6thMywVWe%2F2DlOquUWKuQXRlA2Cct81n4JiTQzZD77yKg6NYP2rk%2BrHukRjysUDYoAAHB0J5bfpiHftxR1gwDIUR%2F1AnLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
87596f85e9be1c2e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
auth-connectscuritydomain.com/ 		6 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec1a729e2566ad5a1922665af5c2b39e4b4ab60af07755c707d2d13910996b84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 03:47:46 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3ckHMyYnSO3y8xLtTQ6g0qpShVKttpxXW2n5idUL0AcqZ8cNBQ1sUlIAKOy%2FFvZjtl5325Y1tynPjE3b%2FXQAOJmF5hgj3l1DMe21E5I4Jg%2FZyID2PDvPXb%2Fq3QHz1VLoM6ZxbWIy1np2eV8FWWwKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87596f85e9c01c2e-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
87596f85096739ee
auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9C59 		0
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/h/b/jsd/r/87596f85096739ee
Requested by
Host: auth-connectscuritydomain.com
URL: https://auth-connectscuritydomain.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Apr 2024 03:47:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lb7nZZPxCnt2NwUkni7s3Xhp3M4CVX87kMrdomrM6L712Sj%2F7cJDEpvmmq1RNzpbP%2BNt33A2htcN0s1zkvi7hzA9KFjQwpRdJGXq5sWd8rDnXKeSCHvZ9t%2FiIoiBcicYRml4jAy0JA3R97eAOtS%2Bhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
87596f866a071c2e-FRA
alt-svc
h3=":443"; ma=86400
/
auth-connectscuritydomain.com/1/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Requested by
Host: www.wearegoingtomakepeaceover.com
URL: https://www.wearegoingtomakepeaceover.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3cd0de897d5baffff02e47cfbe29259212da60dc52294fae852e135799e61bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
87596f86aa401c2e-FRA
content-type
text/html; charset=utf-8
date
Wed, 17 Apr 2024 03:47:46 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AC6TpOV6h2rjRFa1tJhXLhnH2eOjyqrubAPl6mr4QLGBlznRoGgI%2Fdt62aHtqrItqpNbPhpxWiVzgGOUOQINZeJZ17CV2qozCmO9Hon%2FA1AiNoRizUmTqtgRwi2AceTAlXUVbI50zJ0UHSi%2FqMXDQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
/
auth-connectscuritydomain.com/1/ 		0
933 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Requested by
Host: www.wearegoingtomakepeaceover.com
URL: https://www.wearegoingtomakepeaceover.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
P5pnUstik5rFZVLWNHBspPAwbcQ
hLL2Ig-e0Lc-PnB-YBOC6rWGlKU
0suTdy3HJCHN-WQ0Boa39T6xY
36282440
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 03:47:46 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bG3vK%2BgFlf6L%2FM%2FHi9FneLaXatg9w3GY2IlBDQVMWJ5k3uPZXCLEci2tGjFOWvj05q5R5Br1v0dEi%2B3%2FEf%2FA54yLiWXWOgE7Sfy%2BCCgwaGIJLDJ2b6XkBgWu5LwzCbWSCEDP9CiJTbCN0Zs%2FkZxUGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87596f871a7a1c2e-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
favicon.ico
auth-connectscuritydomain.com/ 		6 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 17 Apr 2024 03:47:46 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2Jg1yPaRML32Z5oB2e5mzma1NO%2FDS6niMWCC7mQFfpXvMn7yWKgnVHrrLDuF59fg7e5J07CxSNQeBCqSG8kV1%2FJ%2FXtBivOP0NfGcVwAvuNuu26Pp0dCFZmAfpmiIA5Zi2QCbPBqBll2h1DBgiREGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87596f872a7e1c2e-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
Primary Request /
auth-connectscuritydomain.com/1/ 		548 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Requested by
Host: www.wearegoingtomakepeaceover.com
URL: https://www.wearegoingtomakepeaceover.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87596f87cae31c2e-FRA
content-encoding
br
content-type
text/html
date
Wed, 17 Apr 2024 03:47:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uEvbBVTQbexmUFBViw4ei%2F3m7dduSNTZT6%2FbLIWVEm2ekWdrsigc5U1mpxjUk7KozlYo0sAlI07%2Fk3aJaZf8gylLEYtDQQut%2Fx4Do%2FzabcHYXR6NAT0oOUBw3DOeg1XZHLiEH1h%2BuP28Z1VfHAC8gA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block 1; mode=block
favicon.ico
auth-connectscuritydomain.com/ 		548 B
644 B 		Other
General
Check archive.org
Download Go to
Full URL
https://auth-connectscuritydomain.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.176.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 17 Apr 2024 03:47:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGpHwnrNf1yaXA6tUBfI5yFTjYy5JwOm9hzR4BHaq%2BFl35IXPPtnUgt%2Fr58ZhT2LRXdx7Lmp1EvhBSnjHStUIJ2Af4plwZ3DKlAOVw6i34optHafIzlvv4NOZYBgVOUx92PURyF9O2CGH%2FcgmfhS5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
87596f884b271c2e-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Domain/Path Name / Value
auth-connectscuritydomain.com/ Name: 5UMRy2bpRgFXqamHPSYV6L9umpw
Value: _zvva3alNGvsi1WZo2LdvKsQuRQ
auth-connectscuritydomain.com/ Name: JfZhwprgYr7DZ5_iOQ9fw57Owow
Value: 1713325656
auth-connectscuritydomain.com/ Name: -w4BdkrL9WUdm9XSd38NkXs1ZeQ
Value: 1713412056
auth-connectscuritydomain.com/ Name: gMq0K5ghgce_90UuQiRnPr6mc7s
Value: 8sOOAqmyMRm7LZRc8Fft1ufDe50
auth-connectscuritydomain.com/ Name: uiYdihavlUkx8FNcnw-tC-7uhUc
Value: 6vS_lDGlgTkXQcTN2q5dKUpFbdY
.auth-connectscuritydomain.com/ Name: cf_clearance
Value: 20EH1bRAYn1rb3GyAZkmdFty1nLoXXgnNMQaPy5j8Z4-1713325666-1.0.1.1-_gtUN3FvnPYo5XoGixd9CbrpbzVO10etrMt9gBS4tEB8kXrooB.ENrDkAifPsx43PH_eTZHqa7Ll0XkO53soBw
auth-connectscuritydomain.com/ Name: EW85CFxAPc47I66TioIzZKm_N0o
Value: qxeyLumGVVD5RqTgPjFKbRqPTXY
auth-connectscuritydomain.com/ Name: hgA7pGkdi5vC6NLT5OwhOB4rdOU
Value: 1713325662
auth-connectscuritydomain.com/ Name: l69pS6EKUNleDVJaCQbusr_D6Fs
Value: 1713412062
auth-connectscuritydomain.com/ Name: tjs-DoJrY6cynu8_S7XK3djuutg
Value: yFMM9_uvl1_4Sjg_8Mp53060PnE
auth-connectscuritydomain.com/ Name: -W7GeTqXjfI2iq2bHP14VH9C63Q
Value: aP4hbgt4JCGKeG7z8LNr6ew-3j0
auth-connectscuritydomain.com/ Name: 7WlN7yu6qDy2NH25ybm11os1dp0
Value: JVCkAJJWlrEzYlyHi23TeyA5d3w
auth-connectscuritydomain.com/ Name: esFVfNtdYG_LZLA2AjBGVu2_7PY
Value: Y6RCXDw52S-lcrXC3aFohHuHc48
auth-connectscuritydomain.com/ Name: mEbpO7vUrI-Bn8BcAz8nYy1xJI8
Value: 1713325665
auth-connectscuritydomain.com/ Name: CmRGTd_LWw6cSwSGmS2P_eVYuEY
Value: 1713412065
auth-connectscuritydomain.com/ Name: aqZN92XDAzyWyzygeZGWuMLKz18
Value: IPMi10Oc4tOlhsQmbBAqYiAuzQA
auth-connectscuritydomain.com/ Name: zaChx9LOy2N4ji_zkKx4YnXNO-E
Value: 6yJricr0wlqtYP8iV5rHEr_Smsg

7 Console Messages

Source Level URL
Text
network error URL: https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://auth-connectscuritydomain.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://auth-connectscuritydomain.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://auth-connectscuritydomain.com/1/?IjfArxruWMEj
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://auth-connectscuritydomain.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()