Submitted URL: https://api.getjusto.com/redirect?to=https%3A%2F%2Fhydropod.sa.com%2Fnew%2Fauth%2Fsdbptq%2F%2F%2F%2FaGFucy5nZW5uZW5AY3Vyc...
Effective URL: https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
Submission: On May 08 via manual from NL — Scanned from NL

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 21 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is nrezf.0ff365files.com.
TLS certificate: Issued by GTS CA 1P5 on May 2nd 2023. Valid for: 3 months.
This is the only time nrezf.0ff365files.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.193.55.9 14618 (AMAZON-AES)
1 162.241.69.179 19871 (NETWORK-S...)
7 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
21 4
Apex Domain | Subdomains | Transfer
7 cloudflare.com | challenges.cloudflare.com (Cisco Umbrella Rank: 6491) | 133 KB
7 0ff365files.com | nrezf.0ff365files.com | 261 KB
1 sa.com | hydropod.sa.com | 272 B
1 getjusto.com | api.getjusto.com (Cisco Umbrella Rank: 830910) | 557 B
21 4
Domain Requested by
7 challenges.cloudflare.com nrezf.0ff365files.com
challenges.cloudflare.com
hydropod.sa.com
7 nrezf.0ff365files.com nrezf.0ff365files.com
1 hydropod.sa.com
1 api.getjusto.com 1 redirects
21 4

This site contains no links.

Subject | Issuer | Validity | Valid
cpcontacts.hydropod.sa.com | R3 | 2023-05-03 - 2023-08-01 | 3 months (crt.sh)
0ff365files.com | GTS CA 1P5 | 2023-05-02 - 2023-07-31 | 3 months (crt.sh)
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year (crt.sh)

This page contains 2 frames:

Primary Page: https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
Frame ID: B44F66E893E39BFFA07BE5367A04277D
Requests: 11 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 18E1F4C93DAB8DB3AEF91175C03A030F
Requests: 10 HTTP requests in this frame

Page Title

Loading...

Page Statistics

21 Requests
71 % HTTPS
50 % IPv6
4 Domains
4 Subdomains
4 IPs
1 Countries
394 kB Transfer
736 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://api.getjusto.com/redirect?to=https%3A%2F%2Fhydropod.sa.com%2Fnew%2Fauth%2Fsdbptq%2F%2F%2F%2FaGFucy5nZW5uZW5AY3VycmVudGEuZGU= HTTP 302
  • https://hydropod.sa.com/new/auth/sdbptq////aGFucy5nZW5uZW5AY3VycmVudGEuZGU=

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aGFucy5nZW5uZW5AY3VycmVudGEuZGU=
hydropod.sa.com/new/auth/sdbptq////
Redirect Chain
  • https://api.getjusto.com/redirect?to=https%3A%2F%2Fhydropod.sa.com%2Fnew%2Fauth%2Fsdbptq%2F%2F%2F%2FaGFucy5nZW5uZW5AY3VycmVudGEuZGU=
  • https://hydropod.sa.com/new/auth/sdbptq////aGFucy5nZW5uZW5AY3VycmVudGEuZGU=
0
272 B
Document
General
Full URL
https://hydropod.sa.com/new/auth/sdbptq////aGFucy5nZW5uZW5AY3VycmVudGEuZGU=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.241.69.179 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
a.cruisevirusreviews.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 08 May 2023 17:02:50 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
refresh
0;url=https://nrezf.0ff365files.com/Mhans.gennen@currenta.de

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Access-Control-Allow-Origin,X-HTTP-Method-Override,Content-Type,Authorization,Accept,x-orion-nonce,x-orion-platform,x-orion-publickey,x-orion-signature,x-orion-locale,x-orion-twofactor,x-orion-deviceid,x-orion-fp,x-orion-domain,x-orion-appcode,x-orion-referrer,x-orion-posversion,x-orion-timezone,x-orion-pathname,x-orion-device-country-code,x-orion-jwt,x-orion-refresh,x-orion-wrapped-website,sentry-trace
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
date
Mon, 08 May 2023 17:02:50 GMT
location
https://hydropod.sa.com/new/auth/sdbptq////aGFucy5nZW5uZW5AY3VycmVudGEuZGU=
Primary Request Mhans.gennen@currenta.de
nrezf.0ff365files.com/
8 KB
5 KB
Document
General
Full URL
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6df173ec1cedf50bd50f7c862ffb900604f1dc34d8d8c5ba0e6d7202f3395b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://hydropod.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7c4345d54932b7a0-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 08 May 2023 17:02:51 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6m4Tl%2BE51PYnRPWNZUsYd%2F5vF%2FRV2nKaJG37knN36crZpfo%2FPStM%2Be%2B0Fb4peS%2BVfrDvSv%2FhqYwzFGW0VKrR4x3aRR7%2FuUzDTCUcuMxqv2dTElicStbDEk9w%2FJWlT0jcE9mB%2BXAWttLqFIageJkERW9PMoE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/
147 KB
53 KB
Script
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c4345d54932b7a0
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
517538ecd8b8b95bc57f3125d84ed37f36e1285c64930a3f8bf7da09c2c33dcd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de?__cf_chl_rt_tk=eN4QM.U8ozbwWMhyurifJQ0jnRl8gGtrm6YzeF7yBHk-1683565371-0-gaNycGzNC9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:02:52 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a0ruRfNi9ASr9wWmm3O%2BfgaoW6RWCEbIb9rgxJZ92h2ZSWRUj0XbfY4w3AnWUI0PJBlikzwon1aMvW2Kp3O9mgQf%2F1wU01fydDFrkLhVUm0uxxVRa64PwcMPCuPAX%2B4IktzeE%2FnmcG7Dq3My3gtD72Sh7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7c4345d81c3ab7a0-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
nrezf.0ff365files.com/cdn-cgi/images/trace/managed/js/
42 B
243 B
Image
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7c4345d54932b7a0
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/Mhans.gennen@currenta.de?__cf_chl_rt_tk=eN4QM.U8ozbwWMhyurifJQ0jnRl8gGtrm6YzeF7yBHk-1683565371-0-gaNycGzNC9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de?__cf_chl_rt_tk=eN4QM.U8ozbwWMhyurifJQ0jnRl8gGtrm6YzeF7yBHk-1683565371-0-gaNycGzNC9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:02:52 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:18 GMT
server
cloudflare
etag
"644bd406-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7c4345d81c3cb7a0-AMS
content-length
42
expires
Mon, 08 May 2023 19:02:52 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/b5e45436/
15 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c4345d54932b7a0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f

Request headers

Referer
Origin
https://nrezf.0ff365files.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:02:52 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7c4345db1c290b8c-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
0ee451e55cdbe9f
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1694446268:1683561995:yLGDER5XHy-Ol4Cox7W4Bl2QEDvZ4h2BBAWKKV1f33U/7c4345d54932b7a0/
258 KB
195 KB
XHR
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1694446268:1683561995:yLGDER5XHy-Ol4Cox7W4Bl2QEDvZ4h2BBAWKKV1f33U/7c4345d54932b7a0/0ee451e55cdbe9f
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c4345d54932b7a0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f7411a6bc287c8de9ad17be114680c042150df4a944d8756f31c284462c07f

Request headers

Referer
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
0ee451e55cdbe9f
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 17:02:52 GMT
content-encoding
br
cf_chl_gen
Cop1tUg4wSHq0FNP83YdZV8ljB5U6UMMDpg3662I/FT/Qwk3w7bQNdKwdlFpxDJ/IGya24hqty95W/ZWXKkrQmdLyzaCpgaX5iwQZt2d7dy8gtGDcagvjTrAJ/NaViB4M6851cslXU3rM9Ssiy5RPjP/oDE0LTEyuOcnE5hXZEmJ3nH8lJj9JJ5sz4jPcDq1Nu4b6/tHN3gOmi/ZhSFZYH56Vzkqfdan7+V8XNa1TerJZC5ixYa7yvrH5rAr9CC25ZlfgkjnGjRrJhb8P/PnS6ttISiwxLjDTawFnwDdUP2ldX3lFkv7l8ExFiMjX6WBCUC6rTWEnZY9+nsDqS2mNC7doLa2FPRG4TCZV4ICX0NzxCvDDct7QOmON4LkkFiSXRJAQ4BhIzcduBiba9gl5lRbH56L4PeQIJLsq2hdrSBjzVv8jXwNh1P8uxtNDevDIxq10xp1Ia+4ThvNr8zPwA==$xO6nfLPFXtVZfi+vgemXJw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZBo2hCvdA3gOrJs7USaT96k%2FMYWu186gxHVJRBoan2iVl9HXBrxxK0EHPHLQisNUXhF%2FBEL2JJRgSAYX9k7tgXINsbBSMAy75ENsBHE468ilNOBwSIcJMU3WWtXtNHbTslCsCJV%2FAQ7QIvLDgaUypXqMmE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c4345d96a9bb7b8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vlfyb1CxbzHWlJV
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/img/7c4345d54932b7a0/1683565372394/
61 B
465 B
Image
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/img/7c4345d54932b7a0/1683565372394/vlfyb1CxbzHWlJV
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14d803b92e43a95d61d0df8e2655ae0966f2ae871788990d84ecdf46e9da5602

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:02:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7c4345e45deab7b8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djZ2n%2B434%2BzGoDzsl9AX3PiElvSL4HWxwchaV0hyP%2F%2FiPI5eKzariOPCsBfCe1EIrafobRVOzYWg7afrU1EIbPkmf%2BF0mCyxIYTW02auNNITdfLUS%2BLKvsYZEfuJPpLPbN8RuaDWViUNK%2FCEoIiBXT%2BZS7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
540eb8fa-8c6b-4c90-95db-6c085aca07dc
https://nrezf.0ff365files.com/
539 B
0
Other
General
Full URL
blob:https://nrezf.0ff365files.com/540eb8fa-8c6b-4c90-95db-6c085aca07dc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
539
Content-Type
text/javascript
ede7b585-9687-488c-92e4-72316f58fd7e
https://nrezf.0ff365files.com/
656 B
0
Other
General
Full URL
blob:https://nrezf.0ff365files.com/ede7b585-9687-488c-92e4-72316f58fd7e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
q9L9Gr5q8qe8oqu
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/pat/7c4345d54932b7a0/1683565372395/0f05e245811397591f58f8b9b4f496e3c70dc2ef5495fbe1088f4d08137fd58a/
1 B
938 B
Fetch
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/pat/7c4345d54932b7a0/1683565372395/0f05e245811397591f58f8b9b4f496e3c70dc2ef5495fbe1088f4d08137fd58a/q9L9Gr5q8qe8oqu
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c4345d54932b7a0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:02:54 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gDwXiRYETl1kfWPi5tPSW48cNwu9UlfvhCI9NCBN_1YoAFW5yZXpmLjBmZjM2NWZpbGVzLmNvbQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAn23qyGdHVs28an7XXJsPKj7kVCaC9GVfIA_hqz7TYAdgPPPWwl9HHr2M2TPFejyc6bFISKBkmpvDiLNyAvKEm13RN65hHys38F97m-W3nV3CX88cMDzDhHNeSKqQo1MoCrKUVRA-HzoI7whFpb6oZatrsiQfT6e0EDSrkJ6AGKwW_hqtTq7Q8oQ8NMvLvQL4MtSLPzPcvwFOz2xb4cnOAAux7Xqj_X9nqx6jEU9gIxdjYa3s0NPyqM-bXlYDhp2Sss_2cyjfmadXK8iNYTmz68Ee9rJbH-kOjl28L1MjBPE6_7T93xkwiDUx1oIe6PkSyh1uv2wJROfbRBP3WttzJwIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8tJoRP1hYVWyLZFvl%2FgO3ZaYHf4WVfmuJ0BvKA7dOzk%2Flpud5DyyfLQuplIdkGIzLNyUukQxKMjP56NxN3WCYNdbLmBoZ%2F9u8tlyzGi7Q61RD8ikFqAYa4ogUR4zbvz24mmLTeAr5KXUUjJkFpNa5lFl3o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c4345e82a51b7b8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
0ee451e55cdbe9f
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1694446268:1683561995:yLGDER5XHy-Ol4Cox7W4Bl2QEDvZ4h2BBAWKKV1f33U/7c4345d54932b7a0/
7 KB
6 KB
XHR
General
Full URL
https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1694446268:1683561995:yLGDER5XHy-Ol4Cox7W4Bl2QEDvZ4h2BBAWKKV1f33U/7c4345d54932b7a0/0ee451e55cdbe9f
Requested by
Host: nrezf.0ff365files.com
URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c4345d54932b7a0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d778860b6145f34100b9fb53cf67f55ac1f845367ad72cf14cdda90b0291aa

Request headers

Referer
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
0ee451e55cdbe9f
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 17:02:56 GMT
content-encoding
br
cf_chl_gen
bo2RC+WGEremj5OWbRZMbDkRMGV56Uu2pFjnZbEsUMT3NgUdUz3UybI2AY7gMX8x$4vAo/CvwbbVKTg/RF3duyw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38sz0hzKffZtWwARGfsBf7HfMPrRnUjPcPZagrAM1H9Hcx4iN2iTbiSssT5l5Ouv6uJ09tfUrpN%2BJFZGB36Xzuq5DtY2JuneFZYt4wD1Wrdw9HoZ3gcHBme%2BUklmB3nVvxziZMGLHzHvpSPvlS6%2FhQDAJfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c4345f02a64b7b8-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 18E1
22 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b972f71449a47f4ec7dd0a3a155f52aa4cc2a6432ec2b23fd729282ed23685d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7c4345f258090e78-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 08 May 2023 17:02:56 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 18E1
149 KB
53 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c4345f258090e78
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b3fc62ba65f597a3fd4dcbdf233a69c49f5d370a0d2ed0a8306a925a75b343

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:02:56 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7c4345f35a200e78-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
ec2d5a1940df71a
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2023176989:1683562100:keEwAUMWMv_jQIakFSALcKuri22yerB4dYcd8Axqz98/7c4345f258090e78/ Frame 18E1
107 KB
59 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2023176989:1683562100:keEwAUMWMv_jQIakFSALcKuri22yerB4dYcd8Axqz98/7c4345f258090e78/ec2d5a1940df71a
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c4345f258090e78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f77215388f8b6a75673ff8b0b29255d447c36a9f7a33c5e49a160c60476fd16

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
ec2d5a1940df71a
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 17:02:56 GMT
content-encoding
br
cf_chl_gen
d6cs1NInIOUzFxDo8r1K3tfwgN6n9lSDvVlALZ9g59bCUoKv9xIKAe91I0NB/Z6s8p+/piuGhScjPPB+vDeJ/IZ9pRzqdgZF6ZLPrYTxt8UuGkeFoaE/1qXArNKliSoNZMM2uGZQfOclUF24W+XTgKzAJLLI53QrljlsRTu2gjUONOnNClonLOwX3hqvhx58+FlyQuB9n4fbfhebB5OAlorTekVTRh91owFSFPntT4i09HB6634+7HY/lEBvn9pfVZJmghPib1/mqa0n1U+IVr7mI5IX5OoaGyPoW+rvpi8y7cgpoZ+nCzzpm04RSOcu9Ygvc2R+qgansnGKUm31VAJWhr1j6toZJkgJrYeHZHtuFUS2KV9uVfc0D51BbDAQxkhPYQ5u2DXHyeXzDk0uAHxfrIptDoxpxg3Rn4N1wILSfbjXu3dVMCpRa+YY4T97$mgT+tZVG/D6aifg1FEpUjQ==
server
cloudflare
cf-ray
7c4345f57d930e78-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
3dd2d753-189d-49ee-9e33-c6425344f4ac
https://challenges.cloudflare.com/ Frame 18E1
3 KB
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/3dd2d753-189d-49ee-9e33-c6425344f4ac
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f21ca931d1d42723c72512dc3665f02594b0c8a882ec8efe259231b8eaa0289

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
3394
Content-Type
text/javascript
3dd2d753-189d-49ee-9e33-c6425344f4ac
https://challenges.cloudflare.com/ Frame 18E1
3 KB
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/3dd2d753-189d-49ee-9e33-c6425344f4ac
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f21ca931d1d42723c72512dc3665f02594b0c8a882ec8efe259231b8eaa0289

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
3394
Content-Type
text/javascript
3dd2d753-189d-49ee-9e33-c6425344f4ac
https://challenges.cloudflare.com/ Frame 18E1
3 KB
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/3dd2d753-189d-49ee-9e33-c6425344f4ac
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f21ca931d1d42723c72512dc3665f02594b0c8a882ec8efe259231b8eaa0289

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
3394
Content-Type
text/javascript
d6ff1fd3-b38c-4fd2-a333-c9552b3374c4
https://challenges.cloudflare.com/ Frame 18E1
656 B
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/d6ff1fd3-b38c-4fd2-a333-c9552b3374c4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
glqWgyTkMX5f0wA
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c4345f258090e78/1683565376889/4738801f7174a1d27f645ecb078dfca2e7f16e8253c2f337b424633d9ccc7482/ Frame 18E1
1 B
648 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c4345f258090e78/1683565376889/4738801f7174a1d27f645ecb078dfca2e7f16e8253c2f337b424633d9ccc7482/glqWgyTkMX5f0wA
Requested by
Host: hydropod.sa.com
URL: https://hydropod.sa.com/new/auth/sdbptq////aGFucy5nZW5uZW5AY3VycmVudGEuZGU=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:02:58 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gRziAH3F0odJ_ZF7LB438oufxboJTwvM3tCRjPZzMdIIAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAn23qyGdHVs28an7XXJsPKj7kVCaC9GVfIA_hqz7TYAdgPPPWwl9HHr2M2TPFejyc6bFISKBkmpvDiLNyAvKEm13RN65hHys38F97m-W3nV3CX88cMDzDhHNeSKqQo1MoCrKUVRA-HzoI7whFpb6oZatrsiQfT6e0EDSrkJ6AGKwW_hqtTq7Q8oQ8NMvLvQL4MtSLPzPcvwFOz2xb4cnOAAux7Xqj_X9nqx6jEU9gIxdjYa3s0NPyqM-bXlYDhp2Sss_2cyjfmadXK8iNYTmz68Ee9rJbH-kOjl28L1MjBPE6_7T93xkwiDUx1oIe6PkSyh1uv2wJROfbRBP3WttzJwIDAQAB, max-age=20
server
cloudflare
cf-ray
7c4345feee7b0e78-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
1p2THDEPWnBvYq5
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c4345f258090e78/1683565376890/ Frame 18E1
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c4345f258090e78/1683565376890/1p2THDEPWnBvYq5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
359f93416e76855dcae8673c8ce500b1a056c765275b4d4fc469bb00bd260d23

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Mon, 08 May 2023 17:02:58 GMT
server
cloudflare
cf-ray
7c43460008430e78-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
ec2d5a1940df71a
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2023176989:1683562100:keEwAUMWMv_jQIakFSALcKuri22yerB4dYcd8Axqz98/7c4345f258090e78/ Frame 18E1
10 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2023176989:1683562100:keEwAUMWMv_jQIakFSALcKuri22yerB4dYcd8Axqz98/7c4345f258090e78/ec2d5a1940df71a
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c4345f258090e78
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22be7e6614afe546947c9799e0f6afcf93de18c32eb21f07ef69b4bcef3c7ca5

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
ec2d5a1940df71a
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 08 May 2023 17:02:59 GMT
content-encoding
br
cf_chl_gen
+SFwPdzaqFwSIQMpxNprG/Zsc9NgMqxA0bikoGFI9DnwBWFqp7z8XQ9+94jx6pCF$gS3aeUWjCTm4W+h0sqB5fQ==
server
cloudflare
cf-ray
7c4346034d690e78-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • boolean| credentialless
  • object| _cf_chl_opt
  • function| sendRequest
  • function| SHA256
  • function| _cf_chl_turnstile_l
  • function| _cf_chl_preload
  • function| _cf_chl_enter
  • boolean| _cf_chl_done_ran
  • function| _cf_chl_done
  • object| _cf_chl_ctx
  • string| prefix
  • object| turnstile
  • boolean| _cf_chl_turnstile_loaded
  • undefined| _cf_gcr

0 Cookies

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/pat/7c4345d54932b7a0/1683565372395/0f05e245811397591f58f8b9b4f496e3c70dc2ef5495fbe1088f4d08137fd58a/q9L9Gr5q8qe8oqu
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c4345f258090e78/1683565376889/4738801f7174a1d27f645ecb078dfca2e7f16e8253c2f337b424633d9ccc7482/glqWgyTkMX5f0wA
Message:
Failed to load resource: the server responded with a status of 401 ()