ukkasjksajfksaljfklsja-uk.preview-domain.com Open in urlscan Pro
104.18.25.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://yourls.bttr.li/ng023/
Effective URL:
https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
Submission: On September 15 via api (September 15th 2021, 12:43:45 pm UTC) from IE — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 4 countries across 4 domains to perform 14 HTTP transactions. The main IP is 104.18.25.120, located in and belongs to CLOUDFLARENET, US. The main domain is ukkasjksajfksaljfklsja-uk.preview-domain.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.

This is the only time ukkasjksajfksaljfklsja-uk.preview-domain.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	176.52.243.240 176.52.243.240	15817 (MITTWALD-...) (MITTWALD-AS Mittwald CM Service GmbH und Co. KG)
1	185.51.191.50 185.51.191.50	43359 (TARHELY) (TARHELY)
1 1	45.67.219.78 45.67.219.78	63473 (HOSTHATCH) (HOSTHATCH)
12	104.18.25.120 104.18.25.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3

1 176.52.243.240 (Germany) 1 redirects

ASN15817 (MITTWALD-AS Mittwald CM Service GmbH und Co. KG, DE)

yourls.bttr.li	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.51.191.50 (Hungary)

ASN43359 (TARHELY, HU)
PTR: thfifty.tarhely.eu

go.paradoxon.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.67.219.78 (Los Angeles, United States) 1 redirects

ASN63473 (HOSTHATCH, US)
PTR: mail.sicxstanc.com

jc.al	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.25.120 (None, )

ASN13335 (CLOUDFLARENET, US)

ukkasjksajfksaljfklsja-uk.preview-domain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	preview-domain.com ukkasjksajfksaljfklsja-uk.preview-domain.com	112 KB
1	jc.al 1 redirects jc.al	169 B
1	paradoxon.me go.paradoxon.me	469 B
1	bttr.li 1 redirects yourls.bttr.li	288 B
14	4

	Domain	Requested by
12	ukkasjksajfksaljfklsja-uk.preview-domain.com	go.paradoxon.me ukkasjksajfksaljfklsja-uk.preview-domain.com
1	jc.al	1 redirects
1	go.paradoxon.me
1	yourls.bttr.li	1 redirects
14	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
www.cloud.paradoxon.me R3	`2021-08-18` - `2021-11-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
Frame ID: 258ACA8885ED543865D790F654B8A4E2
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://yourls.bttr.li/ng023/ HTTP 301
https://go.paradoxon.me/b Page URL
https://jc.al/6 HTTP 301
https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct= Page URL
https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct= Page URL

Detected technologies

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

<style[^>]+[^<]+#cf-hcaptcha-container[^<]+</style>

Page Statistics

14
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

113 kB
Transfer

213 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/5xx-error-landing/
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://yourls.bttr.li/ng023/ HTTP 301
https://go.paradoxon.me/b Page URL
https://jc.al/6 HTTP 301
https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct= Page URL
https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://yourls.bttr.li/ng023/ HTTP 301
https://go.paradoxon.me/b

Request Chain 1

https://jc.al/6 HTTP 301
https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

14 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

b
go.paradoxon.me/
Redirect Chain

http://yourls.bttr.li/ng023/
https://go.paradoxon.me/b

262 B
469 B

357ms
118ms

Document
text/html

185.51.191.50
TARHELY

General

Check archive.org

Show headers Download Go to

Full URL: https://go.paradoxon.me/b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.51.191.50 , Hungary, ASN43359 (TARHELY, HU),
Reverse DNS: thfifty.tarhely.eu
Software: Apache /
Resource Hash

Request headers

Host: go.paradoxon.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 15 Sep 2021 12:43:39 GMT
Server: Apache
Keep-Alive: timeout=5, max=20
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 15 Sep 2021 12:43:40 GMT
Server: Apache
X-Robots-Tag: noindex
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://go.paradoxon.me/b
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

GET
H2

503

/ Show response
ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/
Redirect Chain

https://jc.al/6
https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

10 KB
10 KB

98ms
31ms

Document
text/html

104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

Requested by

Host: go.paradoxon.me
URL: https://go.paradoxon.me/b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cacb9cfee74b09aa7b81e7eae1b877df8610b18ad603f61c04d18dfba7851dcc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
:scheme: https
:path: /auth/login/?direct=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://go.paradoxon.me/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://go.paradoxon.me/b

Response headers

date: Wed, 15 Sep 2021 12:43:41 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 68f1f12e488427a0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: nginx
date: Wed, 15 Sep 2021 12:43:41 GMT
content-type: text/html; charset=UTF-8
location: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
x-robots-tag: noindex
strict-transport-security: max-age=31536000

GET
H2 200 v1 Show response
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 39 KB
14 KB 80ms
79ms Script
text/javascript 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68f1f12e488427a0
Requested by: Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72a86e61b9d3aa6a535470fd25f779fdfdbf9ef35c713bec5242cc43da7bb8b4

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68f1f12e488427a0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:41 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 68f1f12e991127a0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 transparent.gif
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/images/trace/jschal/js/ 42 B
220 B 15ms
14ms Image
image/gif 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=68f1f12e488427a0

Requested by

Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=68f1f12e488427a0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:25:28 GMT
server: cloudflare
etag: "61375a38-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68f1f12e991227a0-PRG
vary: Accept-Encoding
content-length: 42
expires: Wed, 15 Sep 2021 14:43:41 GMT

GET
H2 200 transparent.gif
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
101 B 15ms
15ms Image
image/gif 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=68f1f12e488427a0

Requested by

Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=68f1f12e488427a0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:25:28 GMT
server: cloudflare
etag: "61375a38-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68f1f12e991327a0-PRG
vary: Accept-Encoding
content-length: 42
expires: Wed, 15 Sep 2021 14:43:41 GMT

POST
H3 200 eb7c3b83224afae Show response
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06074655620927273:1631707476:283d8e72ad9552d7d5fa50d52919595ebf74cb2f2ecc7d40472b53a95b2f492f/68f1f12e488427a0/ 54 KB
31 KB 136ms
135ms XHR
text/plain 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06074655620927273:1631707476:283d8e72ad9552d7d5fa50d52919595ebf74cb2f2ecc7d40472b53a95b2f492f/68f1f12e488427a0/eb7c3b83224afae
Requested by: Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68f1f12e488427a0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2f136916f7d6b4e2b8b984f192a7141e6a92e23ab95daf7b74eb7b7ab0f48e

Request headers

sec-fetch-mode: cors
origin: https://ukkasjksajfksaljfklsja-uk.preview-domain.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_2=eb7c3b83224afae; cf_chl_prog=e
content-length: 1943
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.06074655620927273:1631707476:283d8e72ad9552d7d5fa50d52919595ebf74cb2f2ecc7d40472b53a95b2f492f/68f1f12e488427a0/eb7c3b83224afae
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
cf-challenge: eb7c3b83224afae
:method: POST
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: eb7c3b83224afae
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Sep 2021 12:43:41 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_eb7c3b83224afae=6081c6d5737b04a;SameSite=Strict;Secure;HttpOnly
cf-ray: 68f1f12f5ff2f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 eb7c3b83224afae Show response
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/beacon/ov1/0.06074655620927273:1631707476:283d8e72ad9552d7d5fa50d52919595ebf74cb2f2ecc7d40472b53a95b2f492f/68f1f12e488427a0/ 0
219 B 30ms
29ms XHR
text/plain 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/beacon/ov1/0.06074655620927273:1631707476:283d8e72ad9552d7d5fa50d52919595ebf74cb2f2ecc7d40472b53a95b2f492f/68f1f12e488427a0/eb7c3b83224afae
Requested by: Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68f1f12e488427a0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://ukkasjksajfksaljfklsja-uk.preview-domain.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_2=eb7c3b83224afae; cf_chl_prog=a9
content-length: 483
:path: /cdn-cgi/challenge-platform/h/g/beacon/ov1/0.06074655620927273:1631707476:283d8e72ad9552d7d5fa50d52919595ebf74cb2f2ecc7d40472b53a95b2f492f/68f1f12e488427a0/eb7c3b83224afae
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Sep 2021 12:43:41 GMT
server: cloudflare
cf-ray: 68f1f1321d66f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H3 503 Primary Request / Show response
ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/ 9 KB
10 KB 33ms
33ms Document
text/html 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c4d3169e4e784b9238904b5299c8c56334de40b5a7200d60dbe062c0bcf20f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
:scheme: https
:path: /auth/login/?direct=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
accept-encoding: gzip, deflate, br
cookie: cf_chl_2=eb7c3b83224afae; cf_chl_prog=b; cf_chl_rc_ni=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 68f1f141e9b3f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 v1 Show response
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 35 KB
13 KB 51ms
50ms Script
text/javascript 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68f1f141e9b3f9e2
Requested by: Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74faf05d50a9e495b17c1672d0fe0e6450042e158bde1a1d19a58bb5183e2d5d

Request headers

:path: /cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68f1f141e9b3f9e2
pragma: no-cache
cookie: cf_chl_2=eb7c3b83224afae; cf_chl_prog=b; cf_chl_rc_ni=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 68f1f1422a4af9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 transparent.gif
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/images/trace/jschal/js/ 42 B
222 B 19ms
18ms Image
image/gif 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=68f1f141e9b3f9e2

Requested by

Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/js/transparent.gif?ray=68f1f141e9b3f9e2
pragma: no-cache
cookie: cf_chl_2=eb7c3b83224afae; cf_chl_prog=b; cf_chl_rc_ni=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:25:28 GMT
server: cloudflare
etag: "61375a38-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68f1f1422a4bf9e2-PRG
vary: Accept-Encoding
content-length: 42
expires: Wed, 15 Sep 2021 14:43:44 GMT

GET
H3 200 transparent.gif
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/ 42 B
222 B 19ms
19ms Image
image/gif 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=68f1f141e9b3f9e2

Requested by

Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=68f1f141e9b3f9e2
pragma: no-cache
cookie: cf_chl_2=eb7c3b83224afae; cf_chl_prog=b; cf_chl_rc_ni=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 12:25:28 GMT
server: cloudflare
etag: "61375a38-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 68f1f1422a4df9e2-PRG
vary: Accept-Encoding
content-length: 42
expires: Wed, 15 Sep 2021 14:43:44 GMT

POST
H3 200 83e37a7b62591f4 Show response
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.944108281937092:1631707464:76f9a57e7c0597674ad244a604c27a55385be781761b1ed23175b6c1435044ef/68f1f141e9b3f9e2/ 63 KB
32 KB 96ms
96ms XHR
text/plain 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.944108281937092:1631707464:76f9a57e7c0597674ad244a604c27a55385be781761b1ed23175b6c1435044ef/68f1f141e9b3f9e2/83e37a7b62591f4
Requested by: Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68f1f141e9b3f9e2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a46a6b467c58974123934738e1902e1bf65f6c6bf97b12313e2a11528951c0

Request headers

sec-fetch-mode: cors
origin: https://ukkasjksajfksaljfklsja-uk.preview-domain.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_rc_ni=1; cf_chl_2=83e37a7b62591f4; cf_chl_prog=e
content-length: 1935
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.944108281937092:1631707464:76f9a57e7c0597674ad244a604c27a55385be781761b1ed23175b6c1435044ef/68f1f141e9b3f9e2/83e37a7b62591f4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 83e37a7b62591f4
:method: POST
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 83e37a7b62591f4
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Sep 2021 12:43:44 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_83e37a7b62591f4=4bbdd5a81ae9769;SameSite=Strict;Secure;HttpOnly
cf-ray: 68f1f142ab6bf9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
BLOB 200
OK f825cf1b-e622-4761-aea0-f5de12466ab8
https://ukkasjksajfksaljfklsja-uk.preview-domain.com/ 120 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ukkasjksajfksaljfklsja-uk.preview-domain.com/f825cf1b-e622-4761-aea0-f5de12466ab8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 120
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 83e37a7b62591f4 Show response
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.944108281937092:1631707464:76f9a57e7c0597674ad244a604c27a55385be781761b1ed23175b6c1435044ef/68f1f141e9b3f9e2/ 2 KB
2 KB 313ms
312ms XHR
text/plain 104.18.25.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.944108281937092:1631707464:76f9a57e7c0597674ad244a604c27a55385be781761b1ed23175b6c1435044ef/68f1f141e9b3f9e2/83e37a7b62591f4
Requested by: Host: ukkasjksajfksaljfklsja-uk.preview-domain.com
URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=68f1f141e9b3f9e2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.25.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 368b10570c1ed9889da2e79c8949b134e2a0d9724532f6c326948ef30fcf0f91

Request headers

sec-fetch-mode: cors
origin: https://ukkasjksajfksaljfklsja-uk.preview-domain.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_seq_83e37a7b62591f4=4bbdd5a81ae9769; cf_chl_rc_ni=1; cf_chl_2=83e37a7b62591f4; cf_chl_prog=a1
content-length: 18829
:path: /cdn-cgi/challenge-platform/h/g/flow/ov1/0.944108281937092:1631707464:76f9a57e7c0597674ad244a604c27a55385be781761b1ed23175b6c1435044ef/68f1f141e9b3f9e2/83e37a7b62591f4
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: ukkasjksajfksaljfklsja-uk.preview-domain.com
referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 83e37a7b62591f4
:method: POST
Referer: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct=
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 83e37a7b62591f4
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Sep 2021 12:43:45 GMT
content-encoding: gzip
server: cloudflare
cf_chl_out: yrZ40NkXYO7yD3no2WibHGoXn0v4SWgywaJFFdU34jiDQcP6vLGG89I+4SVRyfDJSQXN0z0dK7a20LuiVThnIA==$3/pZiqZKIfBirBM4MX4YJg==
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/plain;charset=UTF-8
cf_chl_out_s: 2K4ZlIYqe++6h0uceHcQW5+spjoI0PEnyZMFbcxLMH4xKZXFRjWQG25GVReuBWdGZ+NzMOkZgrzrUjWUsbc+cQ==$LQ7WQ18eEkAVS+1tSu22eQ==
set-cookie: cf_chl_seq_83e37a7b62591f4=;Expires=Tue, 14 Sep 2021 12:43:44 GMT;SameSite=Strict;Secure;HttpOnly
cf-ray: 68f1f1450f71f9e2-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.06074655620927273:1631707476:283d8e72ad9552d7d5fa50d52919595ebf74cb2f2ecc7d40472b53a95b2f492f/68f1f12e488427a0	1969-12-31 23:59:59	Name: cf_chl_seq_eb7c3b83224afae Value: 6081c6d5737b04a
ukkasjksajfksaljfklsja-uk.preview-domain.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.944108281937092:1631707464:76f9a57e7c0597674ad244a604c27a55385be781761b1ed23175b6c1435044ef/68f1f141e9b3f9e2	1969-12-31 23:59:59	Name: cf_chl_seq_83e37a7b62591f4 Value: 4bbdd5a81ae9769
ukkasjksajfksaljfklsja-uk.preview-domain.com/	1970-01-19 21:15:13	Name: cf_chl_rc_ni Value: 1
ukkasjksajfksaljfklsja-uk.preview-domain.com/	1970-01-19 21:15:13	Name: cf_chl_2 Value: 83e37a7b62591f4
ukkasjksajfksaljfklsja-uk.preview-domain.com/	1970-01-19 21:15:13	Name: cf_chl_prog Value: a1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct= Message: Failed to load resource: the server responded with a status of 503 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://ukkasjksajfksaljfklsja-uk.preview-domain.com/auth/login/?direct= Message: Failed to load resource: the server responded with a status of 503 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

go.paradoxon.me
jc.al
ukkasjksajfksaljfklsja-uk.preview-domain.com
yourls.bttr.li
104.18.25.120
176.52.243.240
185.51.191.50
45.67.219.78
2e2f136916f7d6b4e2b8b984f192a7141e6a92e23ab95daf7b74eb7b7ab0f48e
368b10570c1ed9889da2e79c8949b134e2a0d9724532f6c326948ef30fcf0f91
4c4d3169e4e784b9238904b5299c8c56334de40b5a7200d60dbe062c0bcf20f8
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
72a86e61b9d3aa6a535470fd25f779fdfdbf9ef35c713bec5242cc43da7bb8b4
74faf05d50a9e495b17c1672d0fe0e6450042e158bde1a1d19a58bb5183e2d5d
c609febe6499f4d3ca41a5a6266ea0f7f1f5641c8917d26a20261f3c7ae89185
cacb9cfee74b09aa7b81e7eae1b877df8610b18ad603f61c04d18dfba7851dcc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9a46a6b467c58974123934738e1902e1bf65f6c6bf97b12313e2a11528951c0

ukkasjksajfksaljfklsja-uk.preview-domain.com Open in urlscan Pro 104.18.25.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

4 Countries

113 kBTransfer

213 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

5 Cookies

6 Console Messages

Indicators

ukkasjksajfksaljfklsja-uk.preview-domain.com Open in urlscan Pro
104.18.25.120 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

113 kB
Transfer

213 kB
Size

5
Cookies

14 HTTP transactions
2 data transactions