urlscan.io logo urlscan.io
SecurityTrails logo

secure.anedot.com Open in urlscan Pro
2606:4700::6811:c3f9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click1.trk-washingtonexaminer.com/pqjqfgrmjjvbdvfjbyrmybrktmbgycsctwmtvryhjqcylj_lknhnqqjknrmnwhdqkqzz.html?a=When+they+saw+%E2%80...
Effective URL: https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%2...
Submission: On March 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6811:c3f9, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.anedot.com. The Cisco Umbrella rank of the primary domain is 266467.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2022. Valid for: a year.
This is the only time secure.anedot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.214.203.11 14618 (AMAZON-AES)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
14 3
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4950
120 KB
7 anedot.com
secure.anedot.com — Cisco Umbrella Rank: 266467
150 KB
1 trk-washingtonexaminer.com
click1.trk-washingtonexaminer.com
577 B
14 3
Domain Requested by
8 challenges.cloudflare.com 1 redirects secure.anedot.com
challenges.cloudflare.com
7 secure.anedot.com secure.anedot.com
1 click1.trk-washingtonexaminer.com 1 redirects
14 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-13 -
2023-08-13		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
Frame ID: 6E315982BCDD03939409683DB1D5E0D4
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: B0741501E868A48BD03171929F341E1E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

One more step

Page URL History Show full URLs

  1. http://click1.trk-washingtonexaminer.com/pqjqfgrmjjvbdvfjbyrmybrktmbgycsctwmtvryhjqcylj_lknhnqqjknrmnwhdqkqzz.html?a=... HTTP 302
    https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

93 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

295 kB
Transfer

592 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click1.trk-washingtonexaminer.com/pqjqfgrmjjvbdvfjbyrmybrktmbgycsctwmtvryhjqcylj_lknhnqqjknrmnwhdqkqzz.html?a=When+they+saw+%E2%80%9CTrump%E2%80%9D+Cherise+Trump%2C+Speech+First&b=03%2F22%2F2023&c=WEX_Examiner+Today&d=9688526&e=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89 HTTP 302
    https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request f9dd874e-180c-44b8-9745-fe216177cc03
secure.anedot.com/speech-first/
Redirect Chain
  • http://click1.trk-washingtonexaminer.com/pqjqfgrmjjvbdvfjbyrmybrktmbgycsctwmtvryhjqcylj_lknhnqqjknrmnwhdqkqzz.html?a=When+they+saw+%E2%80%9CTrump%E2%80%9D+Cherise+Trump%2C+Speech+First&b=03%2F22%2F...
  • https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=em...
68 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b270381f6dca95ac7a5926d366617228eaf31715c209741410714729d654460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7abe20e67ab75b92-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 22 Mar 2023 11:34:58 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html;charset=utf-8
Date
Wed, 22 Mar 2023 11:34:58 GMT
Keep-Alive
timeout=60
Location
https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When they saw ?Trump? Cherise Trump, Speech First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
Server
Apache-Coyote/1.1
v1
secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 		151 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7abe20e67ab75b92
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db624abe312fa73a070b4ff8ded2254d0d20fc125d20a238b033e26f06d2e7a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89&__cf_chl_rt_tk=4jyFUaVkIMRREs1uhllaY0PUEvLZPcTTmRwWetYCME8-1679484898-0-gaNycGzNDLs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:34:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7abe20e6eb0b5b92-FRA
transparent.gif
secure.anedot.com/cdn-cgi/images/trace/managed/js/ 		42 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.anedot.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7abe20e67ab75b92
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89&__cf_chl_rt_tk=4jyFUaVkIMRREs1uhllaY0PUEvLZPcTTmRwWetYCME8-1679484898-0-gaNycGzNDLs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89&__cf_chl_rt_tk=4jyFUaVkIMRREs1uhllaY0PUEvLZPcTTmRwWetYCME8-1679484898-0-gaNycGzNDLs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:34:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 Mar 2023 11:52:04 GMT
server
cloudflare
etag
"64145464-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7abe20e6eb0c5b92-FRA
content-length
42
expires
Wed, 22 Mar 2023 13:34:58 GMT
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e090dd6b1fa0da6eb78c308a1c66d0aa719c5e54634e2c8c24726b4d4c97805

Request headers

Referer
Origin
https://secure.anedot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18b327d19323b43c372071277b5eb99323c033a50b9c1ebfd72c198da05c66ff

Request headers

Referer
Origin
https://secure.anedot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
font/woff2
api.js
challenges.cloudflare.com/turnstile/v0/g/db880165/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:34:58 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7abe20e779f4365d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 22 Mar 2023 11:34:58 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control
max-age=300, public
cf-ray
7abe20e769d5365d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
34eacab18689dc8
secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/328425676:1679483320:Zs5crvm1TPvHFYMtFV4NEJnKyoXUw7sDW84QzJVx1-M/7abe20e67ab75b92/ 		69 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/328425676:1679483320:Zs5crvm1TPvHFYMtFV4NEJnKyoXUw7sDW84QzJVx1-M/7abe20e67ab75b92/34eacab18689dc8
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7abe20e67ab75b92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72baacb0d84348c1fb5e2394bf7c6465842bcc71670577891ed464e165c6997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
CF-Challenge
34eacab18689dc8
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Mar 2023 11:34:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf_chl_gen
QdlOLMhxsh3ccrAK07frHtvMHlD5BKWcnhvt2hq/IWtqro5dPHQHPcQA/UvIj3Kfyp55LgAoBbUwBaqzHKrjSzxVACWey9LJ2EQReWDGa6nzmwQdXhQsIeZZP9HLRcx68BMXlIR8Re5GTW0fV1KyM9HQ5CU4lWaAyi/UEkGc1lMS+/X1WgwUNhUfxPkcwwki2zTsfSA1E5O/2PSFSeF68mwfwVHt8VWGhcEhOeLL01U+YH5W/LSx2NqB7pU2hj/gs/NyyoEYa/9OR5/ULGwebkcvWAJkysR7KY849AbB1ZVxF9cAj2J95tKkU6eBAmh+Ga3pJnENE0P0A0oRtHM5obH2Rdm9veBtWHXlSH6htgIaM2YRQ7+HDgk4nyfvmfQBoMs4/uq/n3PrFJvPTm9ZGA==$nzc1VpLIOkaobjU2u8p4Fw==
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7abe20e7ebd55b92-FRA
s7c7G5LzhPRlbI5
secure.anedot.com/cdn-cgi/challenge-platform/h/g/img/7abe20e67ab75b92/1679484898557/ 		61 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/img/7abe20e67ab75b92/1679484898557/s7c7G5LzhPRlbI5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528bbb37968044fd7a5999dc5de416c7170d5cd1071bbdfd32b6dc0baa01c7a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:34:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
7abe20e8dcbf5b92-FRA
content-type
image/png
T7k-NOg8lyxz0he
secure.anedot.com/cdn-cgi/challenge-platform/h/g/pat/7abe20e67ab75b92/1679484898560/3475938440c00370e290e90f516bdf75fb309a23ef0ec96e51ef4770ecd416f0/ 		1 B
574 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/pat/7abe20e67ab75b92/1679484898560/3475938440c00370e290e90f516bdf75fb309a23ef0ec96e51ef4770ecd416f0/T7k-NOg8lyxz0he
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:34:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gNHWThEDAA3DikOkPUWvfdfswmiPvDsluUe9HcOzUFvAAEXNlY3VyZS5hbmVkb3QuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsZX7oXKP7loT52LdLGGhPx-FcBMIdXnohMZ_iqCvbnx5wO3UpaaYQijaS2knGPME34_57i843skNJNu0cqfk3kSO_UbCNZB1O7R-1HHR-ZeqVYD4DkZsO9MgvQyNI2dA-0ft0Hpg9ZWh8CvxSsydRSbQXQQ7njXvtE7Fgt-epNrnMmxQ1vdZvRFy06TPE1BYopLEuTNzMAh9-7c49XMNwctaTluD96isf1HWDhFRV33vn_F4nLEzOfSbQM2PWLMClyEk-6XFxMfoMxOz-DKqPWJ75hfxsdiW9U4-ylW0C6EFDNYLwJseHmFeb5bjkGR7pDkVj5QfYDajhmkBdl5ODwIDAQAB, max-age=20
x-content-type-options
nosniff
server
cloudflare
cf-ray
7abe20eb8f125b92-FRA
content-type
text/plain; charset=UTF-8
34eacab18689dc8
secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/328425676:1679483320:Zs5crvm1TPvHFYMtFV4NEJnKyoXUw7sDW84QzJVx1-M/7abe20e67ab75b92/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/flow/ov1/328425676:1679483320:Zs5crvm1TPvHFYMtFV4NEJnKyoXUw7sDW84QzJVx1-M/7abe20e67ab75b92/34eacab18689dc8
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7abe20e67ab75b92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c3f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04154f0e6934690bed62d26938b066d155443d3f490a1d8c3ccd82242a9e928a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
CF-Challenge
34eacab18689dc8
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Mar 2023 11:34:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf_chl_gen
EFB1JBdLzEelYoEuPmApdv5qnvOWf57Zg18mjd7L8xUULPcYPqbxv50tIJe9mG/8$/yiO9rvJBkJarPz3q/+0SQ==
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
7abe20ef2a9b5b92-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame B074 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e7fec1075fe3138aa8a620e547315ad46d34d09f9037f8379fa872955ce74fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7abe20ef7de49ba7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 22 Mar 2023 11:34:59 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame B074 		154 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7abe20ef7de49ba7
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2610379769fc94a0fad65ccce5e216b9ec15b75bfc1b22a29a367fc06262869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:34:59 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7abe20effeb79ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
8394ab0a23e5804
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/153965301:1679483356:R8eu_pwBjWyrT0YMLg1OSzMxg2eXUG3c-Kt78aVi-b0/7abe20ef7de49ba7/ Frame B074 		74 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/153965301:1679483356:R8eu_pwBjWyrT0YMLg1OSzMxg2eXUG3c-Kt78aVi-b0/7abe20ef7de49ba7/8394ab0a23e5804
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7abe20ef7de49ba7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
559622cccb899d2a54552479b1a143bf5581ea00c3798e10d6a731d5b1902a2d

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
CF-Challenge
8394ab0a23e5804
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Mar 2023 11:35:00 GMT
content-encoding
br
cf_chl_gen
hzHfhLel+G6xytEJPn6JY8B3peiODcGMvVB8yl+ZuyygrFSsHTYLRksEBmeDaxxm2+GLbSKEGAi/1HK+k2vXyXz4HJ9BJ+ZqzT+lQ5NV9P9CAfWf7DLZQcqD8gUfmCQOPRGcuXrKnhPbTx6yqhhHBI2i8nzmJSzArfM/oLhlqLlOyC0CKqzPbaFOKOS81t2ov9lQlvYhyDPYvRyxPzoTLsG4NM8/W4J3dehVakJ17PcH9oTo57X1txNUbYLDIiObluWRr0Z4gIPDBTCxKeWnqGC8KxWLnBVHYr/QKLI0x6M8M2/K6Z4fKMk2YcRCbVU2/iTuOlDHZnFxMhDVINS+V+lcPN0N4Wg3WA4LkUj+w1kIFzRmR8UoJRWI4v1VrvcPQ3z/SPN9v5nt47eD9uEeilhRPS9ZisqwhjNo16WLBmal4Imnw86+B5XXwa+KRdkW$a7XJ5h1d//pMPpQNxBvPNA==
server
cloudflare
cf-ray
7abe20f0f8699ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
PzcQe7NHM4PC35r
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7abe20ef7de49ba7/1679484900012/ Frame B074 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7abe20ef7de49ba7/1679484900012/PzcQe7NHM4PC35r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deca400393bfcd56bf47717b644821d942dccec2ad7e8b2785a6d8a5a2d328ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:35:00 GMT
server
cloudflare
cf-ray
7abe20f35c0d9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
C_2X1x6kvhczGnf
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7abe20ef7de49ba7/1679484900014/a27d5b8bf5c73db079259e665c1bab470fe07c45c515eaf8aef32633f6744934/ Frame B074 		1 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7abe20ef7de49ba7/1679484900014/a27d5b8bf5c73db079259e665c1bab470fe07c45c515eaf8aef32633f6744934/C_2X1x6kvhczGnf
Requested by
Host: secure.anedot.com
URL: https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 11:35:00 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gon1bi_XHPbB5JZ5mXBurRw_gfEXFFer4rvMmM_Z0STQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsZX7oXKP7loT52LdLGGhPx-FcBMIdXnohMZ_iqCvbnx5wO3UpaaYQijaS2knGPME34_57i843skNJNu0cqfk3kSO_UbCNZB1O7R-1HHR-ZeqVYD4DkZsO9MgvQyNI2dA-0ft0Hpg9ZWh8CvxSsydRSbQXQQ7njXvtE7Fgt-epNrnMmxQ1vdZvRFy06TPE1BYopLEuTNzMAh9-7c49XMNwctaTluD96isf1HWDhFRV33vn_F4nLEzOfSbQM2PWLMClyEk-6XFxMfoMxOz-DKqPWJ75hfxsdiW9U4-ylW0C6EFDNYLwJseHmFeb5bjkGR7pDkVj5QfYDajhmkBdl5ODwIDAQAB, max-age=20
server
cloudflare
cf-ray
7abe20f3fcff9ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
8394ab0a23e5804
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/153965301:1679483356:R8eu_pwBjWyrT0YMLg1OSzMxg2eXUG3c-Kt78aVi-b0/7abe20ef7de49ba7/ Frame B074 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/153965301:1679483356:R8eu_pwBjWyrT0YMLg1OSzMxg2eXUG3c-Kt78aVi-b0/7abe20ef7de49ba7/8394ab0a23e5804
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7abe20ef7de49ba7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eebfbe19476a6b2e9bf7050398005054185d1d9e990a3975f8631a8d1ef6fb6f

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/knh4w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
CF-Challenge
8394ab0a23e5804
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Mar 2023 11:35:01 GMT
content-encoding
br
cf_chl_gen
3z72flzYi98dRR9m0+vpCm9qpQBK926+Ywl72FsaHgl1gVaJ9e/BCM5CPnEw79Sm$/S59WHX0ZiqVzXF1dTC8Kg==
server
cloudflare
cf-ray
7abe20f97e979ba7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| __cf_md5 function| _cf_chl_turnstile_l function| sendRequest function| SHA256 object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _ undefined| _cf_gcr

2 Cookies

Domain/Path Name / Value
click1.trk-washingtonexaminer.com/ Name: JSESSIONID
Value: AB4771240DCAD0FFF58AEC1174F34A11
secure.anedot.com/ Name: cf_chl_2
Value: 34eacab18689dc8

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://secure.anedot.com/speech-first/f9dd874e-180c-44b8-9745-fe216177cc03?source_code=WEFU37028&utm_source=When%20they%20saw%20?Trump?%20Cherise%20Trump,%20Speech%20First_03/22/2023&utm_medium=email&utm_campaign=WEX_Examiner%20Today&rid=9688526&env=17c4f49e8a66e044f7652ea8106c808d4290a3baf47d3e69ab328938f2b1e89
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.anedot.com/cdn-cgi/challenge-platform/h/g/pat/7abe20e67ab75b92/1679484898560/3475938440c00370e290e90f516bdf75fb309a23ef0ec96e51ef4770ecd416f0/T7k-NOg8lyxz0he
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7abe20ef7de49ba7/1679484900014/a27d5b8bf5c73db079259e665c1bab470fe07c45c515eaf8aef32633f6744934/C_2X1x6kvhczGnf
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN