d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.m.edusites.net/ctt?m=34597709&r=NDkwMTUyMjM4ODM4S0&b=0&j=MjI4NDEwMjk5NwS2&k=text_University%20of%20Birmingham_u...
Effective URL:
https://d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/?qrc=douglas.dan@bia.gov
Submission: On July 28 via manual (July 28th 2023, 7:19:15 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on July 2nd 2023. Valid for: 3 months.

This is the only time d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.199.11.207 44.199.11.207	14618 (AMAZON-AES) (AMAZON-AES)
1	192.185.190.186 192.185.190.186	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	4

1 44.199.11.207 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-11-207.compute-1.amazonaws.com

links.m.edusites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.185.190.186 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-190-186.unifiedlayer.com

cjroi.bia.trazarte.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:2b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 6466	158 KB
1	workers.dev d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev	2 KB
1	trazarte.pe cjroi.bia.trazarte.pe	1 KB
1	edusites.net 1 redirects links.m.edusites.net	182 B
12	4

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev challenges.cloudflare.com
1	d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev	cjroi.bia.trazarte.pe
1	cjroi.bia.trazarte.pe
1	links.m.edusites.net	1 redirects
12	4

This site contains no links.

Subject Issuer	Validity	Valid
01dfaabb8fa0c59ab05b5c9b.workers.dev GTS CA 1P5	`2023-07-02` - `2023-09-30`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/?qrc=douglas.dan@bia.gov
Frame ID: 09F751F6566809C3C472372595D21E96
Requests: 3 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
Frame ID: 3D854F4011B931402C0DA32451520055
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://links.m.edusites.net/ctt?m=34597709&r=NDkwMTUyMjM4ODM4S0&b=0&j=MjI4NDEwMjk5NwS2&k=text_University... HTTP 302
http://cjroi.bia.trazarte.pe/ZG91Z2xhcy5kYW5AYmlhLmdvdg== Page URL
https://d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/?qrc=douglas.dan@bia.gov Page URL

Page Statistics

12
Requests

58 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

162 kB
Transfer

339 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.m.edusites.net/ctt?m=34597709&r=NDkwMTUyMjM4ODM4S0&b=0&j=MjI4NDEwMjk5NwS2&k=text_University%20of%20Birmingham_us&kx=1&kt=1&kd=http://CjRoI.Bia.trazarte.pe%2FZG91Z2xhcy5kYW5AYmlhLmdvdg== HTTP 302
http://cjroi.bia.trazarte.pe/ZG91Z2xhcy5kYW5AYmlhLmdvdg== Page URL
https://d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/?qrc=douglas.dan@bia.gov Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://links.m.edusites.net/ctt?m=34597709&r=NDkwMTUyMjM4ODM4S0&b=0&j=MjI4NDEwMjk5NwS2&k=text_University%20of%20Birmingham_us&kx=1&kt=1&kd=http://CjRoI.Bia.trazarte.pe%2FZG91Z2xhcy5kYW5AYmlhLmdvdg== HTTP 302
http://cjroi.bia.trazarte.pe/ZG91Z2xhcy5kYW5AYmlhLmdvdg==

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=onloadTurnstileCallback

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

ZG91Z2xhcy5kYW5AYmlhLmdvdg==
cjroi.bia.trazarte.pe/
Redirect Chain

http://links.m.edusites.net/ctt?m=34597709&r=NDkwMTUyMjM4ODM4S0&b=0&j=MjI4NDEwMjk5NwS2&k=text_University%20of%20Birmingham_us&kx=1&kt=1&kd=http://CjRoI.Bia.trazarte.pe%2FZG91Z2xhcy5kYW5AYmlhLmdvdg==
http://cjroi.bia.trazarte.pe/ZG91Z2xhcy5kYW5AYmlhLmdvdg==

2 KB
1 KB

686ms
330ms

Document
text/html

192.185.190.186
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://cjroi.bia.trazarte.pe/ZG91Z2xhcy5kYW5AYmlhLmdvdg==
Protocol: HTTP/1.1
Server: 192.185.190.186 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-190-186.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: none
Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 1226
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 Jul 2023 19:19:10 GMT
Keep-Alive: timeout=5, max=75
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Date: Fri, 28 Jul 2023 19:19:10 GMT
Location: http://CjRoI.Bia.trazarte.pe/ZG91Z2xhcy5kYW5AYmlhLmdvdg==
Server: Apache

GET
H2 200 Primary Request / Show response
d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/ 3 KB
2 KB 106ms
28ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/?qrc=douglas.dan@bia.gov
Requested by: Host: cjroi.bia.trazarte.pe
URL: http://cjroi.bia.trazarte.pe/ZG91Z2xhcy5kYW5AYmlhLmdvdg==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d40cb0bb349bc710ac481e981629324669ec7ab52f49e83fa0771148beb50dfa

Request headers

Referer: http://cjroi.bia.trazarte.pe/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 7edf78e5bcd39189-FRA
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 28 Jul 2023 19:19:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbJPl2cU56j7%2FS5dWjB3okSt5sTGX%2FI%2F4tXhy0h63qcpNBhFeqorCMltlk3iIxXCbthVPSx3z83wLEGawn%2Bwd9FVVjyJ3LnYuz9m0YLKOFb6jTvYAygZlG85XZhOz9vHE%2Brinu7akCNkECdWwxLAs0eykp8kEKg5p7iDMSngIcx4TdQVoltGlgJjDsc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/11b725eb/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=onloadTurnstileCallback

25 KB
9 KB

55ms
54ms

Script
application/javascript

2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=onloadTurnstileCallback
Requested by: Host: d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev
URL: https://d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/?qrc=douglas.dan@bia.gov
Protocol: H2
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:19:11 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7edf78e67a120414-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 28 Jul 2023 19:19:11 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/11b725eb/api.js?onload=onloadTurnstileCallback
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7edf78e6399d0414-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/ Frame 3D85 24 KB
8 KB 33ms
33ms Document
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b969882310d87181026c1863c47f9d5c232367d48b928beb6cdaee635f838ab9

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7edf78e6db9e3a3e-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 19:19:11 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 3D85 176 KB
60 KB 29ms
29ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7edf78e6db9e3a3e
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70abd911a911f29159d96f9de8af3618f4383a105864b40f9840c51782de623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:19:11 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7edf78e73c0b3a3e-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK ffe25cf1-2ba2-4092-baa6-77994a20cf82
https://challenges.cloudflare.com/ Frame 3D85 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/ffe25cf1-2ba2-4092-baa6-77994a20cf82
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 3c32573572b1464 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/922857875:1690567807:CCCHty7FpX4q03N9Pahy3HQiuYCzC4_o6SkbjPSyDEc/7edf78e6db9e3a3e/ Frame 3D85 94 KB
70 KB 70ms
70ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/922857875:1690567807:CCCHty7FpX4q03N9Pahy3HQiuYCzC4_o6SkbjPSyDEc/7edf78e6db9e3a3e/3c32573572b1464
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7edf78e6db9e3a3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd62d411f6a42d1d3dfa883b4143efe690d39fbfefbe86bdbdaacf7ca8e1ef94

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge: 3c32573572b1464
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: sDudEEFUxN3/NOHgCyNPPLVVUzyypKYln6t1qEaVOptr6DYPj7d7SZ4lbOFw5ZBvNgAgDQ2uZQDFprJz4LwUypaOuMy60+w5BqmWaMPFbkFCH6jkMJjuGZx+IlMGlbwFuRvPqPSjDWgvaJocXcrgWQLkhp3G7KnXkR7Sw7iDZruq9A3owCyYunAv5lb58fytOgF0DlhUIBsuS51eGWPHV3RkOLqlV/ZcgSzJLTT/CEuk/8x7QUaKLiRzae7GBXA9ZQlDKqDSKHS7ksNM1I4nTSK9ON1eChfIJJjTEiMtToS7KPJFdOaxEqIDzwhntYeq83iaP2uvcmn6RLwKtK2Quc47lOyPjWip2wxUyGc4odwmv0RJKhrM205u22OGwDcPiEB+QPBRa94KzuB40edKuw==$gvzrHb31iLDn6ig32pi0Dg==
date: Fri, 28 Jul 2023 19:19:11 GMT
content-encoding: br
server: cloudflare
cf-ray: 7edf78e86db13a3e-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK fb98534c-97d2-495a-b803-7ed42499837c
https://challenges.cloudflare.com/ Frame 3D85 80 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/fb98534c-97d2-495a-b803-7ed42499837c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 80
Content-Type: text/javascript

GET
BLOB 200
OK a0619b6c-2e18-403b-8b60-e826f3902fe9
https://challenges.cloudflare.com/ Frame 3D85 656 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/a0619b6c-2e18-403b-8b60-e826f3902fe9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 656
Content-Type: text/javascript

GET
H3 401 0pvaf_YqyVvIfnO Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7edf78e6db9e3a3e/1690571951443/67d012d2bb2a744a0dd56949576bdfbfd32b1b9738ea5290d2dd99518e23b364/ Frame 3D85 1 B
628 B 34ms
34ms Fetch
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7edf78e6db9e3a3e/1690571951443/67d012d2bb2a744a0dd56949576bdfbfd32b1b9738ea5290d2dd99518e23b364/0pvaf_YqyVvIfnO
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7edf78e6db9e3a3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:19:11 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gZ9AS0rsqdEoN1WlJV2vfv9MrG5c46lKQ0t2ZUY4js2QAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvAJPp_tymNy24tzFnHwYAzYqYkGhCbu0yOIs40wj7UaanB5K7Y-OMGhqgFXq1gRVda20QppB16o5JWfqw56x9pUyZkX5NE3ao83zmBuo5k5YhxD1hC51zWbsBO4nl9IYlWfih99PZo9MeiG9vNzguCdJrVQLDCzqpouWrKKEjY1u6M6KTXbGNMorH_McvvsM0ZHaSglZ7osnBryUdVFLapT-dkzl5nRPevW7R2PFuvzZ9yuTmwdugysmDQtsPS3S6_hTagG4ZqfwHiPiNyxSbSMIepsGVJNB_24zvZG0GMGmf2nn9QlCrwPYu5GL2pVHjLj7I5lmgFKjIaUOfIZRdQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7edf78ebdac83a3e-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 N-CdYTdhepdsOse
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7edf78e6db9e3a3e/1690571951443/ Frame 3D85 61 B
147 B 27ms
27ms Image
image/png 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7edf78e6db9e3a3e/1690571951443/N-CdYTdhepdsOse
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab5ef48b2693ad185addeed939a93820696e7b6b33946fd0b382e44215c8e4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:19:12 GMT
server: cloudflare
cf-ray: 7edf78ecdc173a3e-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

POST
H3 200 3c32573572b1464 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/922857875:1690567807:CCCHty7FpX4q03N9Pahy3HQiuYCzC4_o6SkbjPSyDEc/7edf78e6db9e3a3e/ Frame 3D85 15 KB
11 KB 47ms
45ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/922857875:1690567807:CCCHty7FpX4q03N9Pahy3HQiuYCzC4_o6SkbjPSyDEc/7edf78e6db9e3a3e/3c32573572b1464
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7edf78e6db9e3a3e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2801f9fb9a4d47264bbee2f0a38ffe966665a86634bc4d18c8aef4689a5442cc

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/tqvo7/0x4AAAAAAAHgEi26l0c8gD2D/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge: 3c32573572b1464
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: aDHiTDwRZ+h+zPcLJZC7EMd8HGNCj3/jTd+ybwsm1bDFqQ7cDilQhxGh526jIbox$A6x6klLyhaAdxQ32Q37zQw==
date: Fri, 28 Jul 2023 19:19:12 GMT
content-encoding: br
server: cloudflare
cf-ray: 7edf78ed6cde3a3e-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| verifyCallback_CF function| onloadTurnstileCallback object| turnstile

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7edf78e6db9e3a3e/1690571951443/67d012d2bb2a744a0dd56949576bdfbfd32b1b9738ea5290d2dd99518e23b364/0pvaf_YqyVvIfnO Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
cjroi.bia.trazarte.pe
d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev
links.m.edusites.net
192.185.190.186
2606:4700::6811:2b8
2a06:98c1:3121::3
44.199.11.207
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680
2801f9fb9a4d47264bbee2f0a38ffe966665a86634bc4d18c8aef4689a5442cc
2ab5ef48b2693ad185addeed939a93820696e7b6b33946fd0b382e44215c8e4c
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
a70abd911a911f29159d96f9de8af3618f4383a105864b40f9840c51782de623
b969882310d87181026c1863c47f9d5c232367d48b928beb6cdaee635f838ab9
cd62d411f6a42d1d3dfa883b4143efe690d39fbfefbe86bdbdaacf7ca8e1ef94
d40cb0bb349bc710ac481e981629324669ec7ab52f49e83fa0771148beb50dfa
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

58 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

162 kBTransfer

339 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

d2f3ffee.01dfaabb8fa0c59ab05b5c9b.workers.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

58 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

162 kB
Transfer

339 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions