vpn-detection-demo.botd.xyz
104.26.6.130
Public Scan
Submission: On September 18 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on August 21st 2023. Valid for: 3 months.
This is the only time vpn-detection-demo.botd.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
8 (1 redirect) | 104.26.6.130 | 13335 (CLOUDFLARENET) |
1 | 3.232.142.126 | 14618 (AMAZON-AES) |
1 | 108.156.60.96 | 16509 (AMAZON-02) |
2 | 13.248.176.92 | 16509 (AMAZON-02) |
11 | 4 | |

Domain | ASN | PTR |
---|---|---|
staging.tcpip.fpjs.sh | ASN14618 (AMAZON-AES, US) | ec2-3-232-142-126.compute-1.amazonaws.com |
fpnpmcdn.net | ASN16509 (AMAZON-02, US) | server-108-156-60-96.ams1.r.cloudfront.net |
api.fpjs.io | ASN16509 (AMAZON-02, US) | a46a250059e296ddb.awsglobalaccelerator.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 (1 redirect) | botd.xyz | vpn-detection-demo.botd.xyz | 85 KB |
2 | fpjs.io | api.fpjs.io — Cisco Umbrella Rank: 74411 | 1 KB |
1 | fpnpmcdn.net | fpnpmcdn.net — Cisco Umbrella Rank: 28442 | 43 KB |
1 | fpjs.sh | staging.tcpip.fpjs.sh | 633 B |
11 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
8 (1 redirect) | vpn-detection-demo.botd.xyz | vpn-detection-demo.botd.xyz |
2 | api.fpjs.io | fpnpmcdn.net |
1 | fpnpmcdn.net | vpn-detection-demo.botd.xyz |
1 | staging.tcpip.fpjs.sh | vpn-detection-demo.botd.xyz |
11 | 4 | |
This site contains links to these domains.
Domain |
---|
fingerprint.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
botd.xyz | GTS CA 1P5 | 2023-08-21 - 2023-11-19 | 3 months |
staging.tcpip.fpjs.sh | R3 | 2023-07-28 - 2023-10-26 | 3 months |
fpcdn.io | Amazon RSA 2048 M01 | 2022-11-09 - 2023-12-08 | a year |
api.fpjs.io | Amazon RSA 2048 M01 | 2023-02-21 - 2024-01-13 | a year |
This page contains 2 frames:
Primary Page:
https://vpn-detection-demo.botd.xyz/
Frame ID: 99AACB8E3AFB38395F9D419CD51453B9
Requests: 9 HTTP requests in this frame
Frame:
https://vpn-detection-demo.botd.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Frame ID: F3B207C0B5962E6CF7194938D8C552B7
Requests: 2 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: article
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://vpn-detection-demo.botd.xyz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://vpn-detection-demo.botd.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
11 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (Primary Request) vpn-detection-demo.botd.xyz/ | 2 KB 1 KB | Document text/html |
GET H2 | main.246f3a1f.js vpn-detection-demo.botd.xyz/static/js/ | 250 KB 77 KB | Script application/javascript |
GET H2 | main.54e3fc33.css vpn-detection-demo.botd.xyz/static/css/ | 159 B 560 B | Stylesheet text/css |
GET H2 | main.js vpn-detection-demo.botd.xyz/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/ (Frame F3B2, Redirect Chain) | 7 KB 4 KB | Script application/javascript |
GET H2 | config vpn-detection-demo.botd.xyz/api/ | 79 B 492 B | Fetch application/json |
POST H2 | 80891109380d9b70 vpn-detection-demo.botd.xyz/cdn-cgi/challenge-platform/h/b/jsd/r/ (Frame F3B2) | 0 563 B | XHR text/plain |
GET H2 | / staging.tcpip.fpjs.sh/ | 413 B 633 B | Fetch text/plain |
GET H2 | loader_v3.8.5.js fpnpmcdn.net/v3/QJlqoANg0fGtdTnifv5g/ | 125 KB 43 KB | Script text/javascript |
GET H2 | UmgdwtV api.fpjs.io/Av8J/bLHB3P/zKqO0EF/ | 96 B 447 B | XHR text/plain |
POST H2 | / api.fpjs.io/ | 276 B 648 B | XHR text/plain |
POST H2 | vpn vpn-detection-demo.botd.xyz/api/ | 911 B 796 B | Fetch application/json |
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| documentPictureInPicture
undefined| __fpjs_p_l_b
string| __fpjs_pvid
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.botd.xyz/ | Name: cf_clearance Value: riMpXYX4cN4TAuhGJIvDKnEri8K.QGsnpzJ4DTbYouM-1695034631-0-1-f55640b0.ec8aff0d.a2571f50-0.2.1695034631 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.