Submitted URL: http://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&e...
Effective URL: https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Submission: On June 09 via manual from IN — Scanned from FR

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is nxdbku.cyttek.ru.
TLS certificate: Issued by E1 on May 30th 2023. Valid for: 3 months.
This is the only time nxdbku.cyttek.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 109.232.193.197 50234 (EULERIAN-AS)
1 198.59.144.130 17378 (AS17378)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
14 4
Apex Domain
Subdomains
Transfer
7 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5410
212 KB
4 cyttek.ru
nxdbku.cyttek.ru
70 KB
2 officiel-des-vacances.com
eulerian.officiel-des-vacances.com
1 KB
1 negociosverdes.org
negociosverdes.org
244 B
14 4
Domain Requested by
7 challenges.cloudflare.com nxdbku.cyttek.ru
challenges.cloudflare.com
4 nxdbku.cyttek.ru nxdbku.cyttek.ru
2 eulerian.officiel-des-vacances.com 2 redirects
1 negociosverdes.org
14 4

This site contains no links.

Subject Issuer Validity Valid
negociosverdes.org
R3
2023-06-04 -
2023-09-02
3 months crt.sh
cyttek.ru
E1
2023-05-30 -
2023-08-28
3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3
2022-09-18 -
2023-09-17
a year crt.sh

This page contains 2 frames:

Primary Page: https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Frame ID: CEBB9944C28E8EF1EE3EDC5D6984B721
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 497A183574A5F89338682F4B971188EF
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Loading...

Page Statistics

14
Requests

86 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

282 kB
Transfer

588 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fnegociosverdes.org%2Fcss%2Fadmine%2Ffhbhb%2Fsf_rand_string_lowercase6%2F%2F%2F%2FZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== HTTP 302
  • https://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fnegociosverdes.org%2Fcss%2Fadmine%2Ffhbhb%2Fsf_rand_string_lowercase6%2F%2F%2F%2FZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ== HTTP 302
  • https://negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==?ectrans=1

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==
negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////
Redirect Chain
  • http://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2Fn...
  • https://eulerian.officiel-des-vacances.com/dynclick/officiel-vacances/?eml-publisher=MREL&eml-name=mindbaz_retargeting_m4&eml-ctype=CTYPE&eemail=958c5e006c0d43c2ae3f77f528032e88&eurl=https%3A%2F%2F...
  • https://negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==?ectrans=1
0
244 B
Document
General
Full URL
https://negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==?ectrans=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.59.144.130 , United States, ASN17378 (AS17378, US),
Reverse DNS
svgr317.serverneubox.com.mx
Software
Apache / PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 09 Jun 2023 01:26:49 GMT
referrer-policy
no-referrer-when-downgrade
refresh
0;url=https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
server
Apache
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-xss-protection
1

Redirect headers

Accept-Ranges
none
Cache-Control
max-age=0, private
Connection
Close
Content-Length
0
Date
Fri, 09 Jun 2023 01:26:49 GMT
Location
https://negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==?ectrans=1
Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Server
EWS
Strict-Transport-Security
max-age=604800
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex
X-XSS-Protection
0
Primary Request Memilykam@voguelaundry.com
nxdbku.cyttek.ru/
8 KB
5 KB
Document
General
Full URL
https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09ef94dbc70eb3cb78accceda4e871c45bf3b5facb010e0cde85dc2826e061d7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://negociosverdes.org/css/admine/fhbhb/sf_rand_string_lowercase6////ZW1pbHlrYW1Adm9ndWVsYXVuZHJ5LmNvbQ==?ectrans=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7d4596b0df03024f-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 09 Jun 2023 01:26:49 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGgnvGPFf2zo8oEmdGfeNIuy3QpP3gl3x7dSf2PNUuUZ4nMchlcQN%2FlpSL%2FKOBTHMpWr4jIL%2F1I9Ey%2FQlg5x36KL%2BHcjointqLSnRAvjH%2BvQleIPv6R9%2FeU5mcKlPz0utQGk9fb8eoSMnC2lOyKW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/
169 KB
58 KB
Script
General
Full URL
https://nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d4596b0df03024f
Requested by
Host: nxdbku.cyttek.ru
URL: https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236d4e0577843cd5f12371f7302f2691632824e945befd36ef22658b653fdd99

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com?__cf_chl_rt_tk=_xRbRFqhFHojPynWP8aDaQFXOTLbDCN4kf6M6EIl_PM-1686274009-0-gaNycGzNDCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 01:26:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMlGhl31U6TBhPwdY8BkzeW5HwC4RqcWBKF3URfdjP0DEBCAh60MKUrV15Tkx2U%2F9%2BBEw%2FwlK%2FTbnPixD%2FWFmGcFTlsv%2Bme%2Fm648S%2B7983muZHGpahJ4YgM2MhsvYvSbPn3Jg1bfQTI6xh5PP5so"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7d4596b13f1e024f-CDG
alt-svc
h3=":443"; ma=86400
transparent.gif
nxdbku.cyttek.ru/cdn-cgi/images/trace/managed/js/
42 B
220 B
Image
General
Full URL
https://nxdbku.cyttek.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d4596b0df03024f
Requested by
Host: nxdbku.cyttek.ru
URL: https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com?__cf_chl_rt_tk=_xRbRFqhFHojPynWP8aDaQFXOTLbDCN4kf6M6EIl_PM-1686274009-0-gaNycGzNDCU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com?__cf_chl_rt_tk=_xRbRFqhFHojPynWP8aDaQFXOTLbDCN4kf6M6EIl_PM-1686274009-0-gaNycGzNDCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 01:26:49 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 May 2023 15:20:42 GMT
server
cloudflare
etag
"6476144a-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7d4596b13f1f024f-CDG
content-length
42
expires
Fri, 09 Jun 2023 03:26:49 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/5da7637f/
19 KB
7 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/5da7637f/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: nxdbku.cyttek.ru
URL: https://nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d4596b0df03024f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2760f96d3b7629100aee1cb3ec7c47a3b6f0dee1152c339dc91a6fd67cb87887

Request headers

Referer
Origin
https://nxdbku.cyttek.ru
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 01:26:49 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7d4596b20d5c017b-CDG
alt-svc
h3=":443"; ma=86400
816f055b62f59c2
nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/504990355:1686272810:eDEFG_83jaHXrxwjBNmr0U22M4VkULXNIj3WQNgFSOI/7d4596b0df03024f/
8 KB
6 KB
XHR
General
Full URL
https://nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/504990355:1686272810:eDEFG_83jaHXrxwjBNmr0U22M4VkULXNIj3WQNgFSOI/7d4596b0df03024f/816f055b62f59c2
Requested by
Host: nxdbku.cyttek.ru
URL: https://nxdbku.cyttek.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d4596b0df03024f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa641d08ba2de886467c7863501bdecc8fb131f646d7cf3b6ebe74455bd7c676

Request headers

Referer
https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
CF-Challenge
816f055b62f59c2
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 09 Jun 2023 01:26:50 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot%2FtO6AuSSPC1FE4edgSMhgQtqByDJXZ4LFpMMDBO0o9cCJb1WdaHmGcGfrSjrXcVNe3LPwdDqsRIKflwMwVj1aHCpZiVmA2jGVIpIWTD%2B%2BqhkkdTiOjPTq36hdr9bfji75ZhyyNhi1LG1RpywsV"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7d4596b26d3a0346-CDG
alt-svc
h3=":443"; ma=86400
cf-chl-gen
6BRBhPLChd5tF18R57oxRJkBb5m0NbCOxJJErx3BiRl4aFm3GOWkqbvo3FECrLd4$Q6AtqD0Kx3UFwV+MvW//4Q==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 497A
24 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/5da7637f/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe78b4b1d91cc2633d7f8dae21749bf04bae2444a36acfd1acedd64934cb42f8
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7d4596b318582a3f-CDG
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 09 Jun 2023 01:26:50 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 497A
176 KB
61 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d4596b318582a3f
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecb81198ecdc821f2a308a620dcc0bf6027e335361fdb6cc47576e25ccce1d50

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 01:26:50 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7d4596b378822a3f-CDG
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
3f88a5c305e48ac
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418021780:1686272859:ns7i-APfejL3JwAMQkKO4yvIJ9FMHzjx-DFYZ2Tauw0/7d4596b318582a3f/ Frame 497A
172 KB
127 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418021780:1686272859:ns7i-APfejL3JwAMQkKO4yvIJ9FMHzjx-DFYZ2Tauw0/7d4596b318582a3f/3f88a5c305e48ac
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d4596b318582a3f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705a3486c55dbb36ab2276191819a7067c991037a4644868aa20bc2c4dce6d49

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
CF-Challenge
3f88a5c305e48ac
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
MNnetk41Gx2iFsgy3K8tsLdluW5r66wirvTM3b9Hc04SXpcr95gD9TG3lv/VNClJjFxgF5W/e+SNRwf7FRFfgJig0d2KJ0JCwrxfVRxlnKOIEJ07UpVybmugwDXjFr4WH3YZmLO2MLLU6edjSfagqxjwdWj0nQVvFk0vqDwNbTE8d/spHGo1Y32io0ujAP9lGbiXbkbIvxD5OTvLdNSeUPO+xwTQ02FfEPROegb2468QQ3JgsQ67uhzkhBRTbJCBHAZYDTQjhwsBoW2pkHczlL95u+co8XzyWWZI2o+59Y2RjjsBLLIgLpCmAC4iZlP7fnp4u/FXNOXEsyNdg2invunNcWdAEiC1vDwDxOjHyoDGOGZY4uFa93kkv/DpxrMpY6lm4Gp1POP/86rG+oxuabIH0JA8AQpJvqbv462quOKda96KMYa1JA1z3NSji7g1/agySmD3mnzb0CmWjydcTfJ7N0G+Y9uLI1Nwb1vv0r2mY+J3wxKuQMq2U/b5Tb4h$chS+d4fRkzbPIowRZ7lpVA==
date
Fri, 09 Jun 2023 01:26:50 GMT
content-encoding
br
server
cloudflare
cf-ray
7d4596b4d8e82a3f-CDG
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
SNulo15I9lUOa_X
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7d4596b318582a3f/1686274010391/caef303f9cace226b0838af8023c3688b1a6b7403ce5581079a39a242837d181/ Frame 497A
1 B
626 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7d4596b318582a3f/1686274010391/caef303f9cace226b0838af8023c3688b1a6b7403ce5581079a39a242837d181/SNulo15I9lUOa_X
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d4596b318582a3f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 01:26:50 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gyu8wP5ys4iawg4r4Ajw2iLGmt0A85VgQeaOaJCg30YEAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAojBPEhHbcKehbsRgb6MQwTLnz6FfOWY3U7htx8zvI-_YjK6t2DJdiGR2PgLAZTWqUHvv7eW53jhfv6u2qjbB0GhscHTQPn82jBzC5A9LjI7Y6_IOaPVsbnKqPWxPTNAND0HPMBt1t_vRUWrh142sUJwPDLdW4nQ04c-fuBJFSbNk1hDr8_t-WuQKb52Kf7pyde3Nvk_e6oJs_Ebm1EZ_XYcove1AKMrM5Mf0rIsbI8gZRw1qcUtHJZN12i5le0Ocw6qj2gfeojfbTcmwDgUscUtJTnFKFGTMiRrV2rc2F_oAwbqOCH6BSKzO54OWUwWXFfQ8upcvrBhu6JWg-MBRBwIDAQAB, max-age=20
server
cloudflare
cf-ray
7d4596b779bf2a3f-CDG
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
f0861563-fa25-45fd-b9d4-540d2161b9e1
https://challenges.cloudflare.com/ Frame 497A
656 B
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/f0861563-fa25-45fd-b9d4-540d2161b9e1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
Jno5QHJsffFIegw
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7d4596b318582a3f/1686274010395/ Frame 497A
61 B
147 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7d4596b318582a3f/1686274010395/Jno5QHJsffFIegw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12852b43bf8a66c48640a9a36048148f2b1edaddbd018bc2c7425340202a7ed9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 01:26:52 GMT
server
cloudflare
cf-ray
7d4596c49e202a3f-CDG
alt-svc
h3=":443"; ma=86400
content-type
image/png
65a7fce2-07c6-44f0-892b-468612b77f58
https://challenges.cloudflare.com/ Frame 497A
99 B
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/65a7fce2-07c6-44f0-892b-468612b77f58
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
3f88a5c305e48ac
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418021780:1686272859:ns7i-APfejL3JwAMQkKO4yvIJ9FMHzjx-DFYZ2Tauw0/7d4596b318582a3f/ Frame 497A
13 KB
10 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418021780:1686272859:ns7i-APfejL3JwAMQkKO4yvIJ9FMHzjx-DFYZ2Tauw0/7d4596b318582a3f/3f88a5c305e48ac
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d4596b318582a3f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7133c7470ab088168ed6f296980c23aad179d2906f0a0df788ec0c79c35ba05

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/9e4g4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
CF-Challenge
3f88a5c305e48ac
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
iey53vdjz8qE5tYOh2VGSBUNeIpfKzCjhoS6Ty0TRDS7vbtyF8pIlOI4kb6lBIpM$J+6GJJeVxzUyxjpoyaK+ag==
date
Fri, 09 Jun 2023 01:26:53 GMT
content-encoding
br
server
cloudflare
cf-ray
7d4596c6feeb2a3f-CDG
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| _cf_chl_opt function| _cf_chl_turnstile_l function| pKMxd4 function| SHA256 function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| bCjsOZCfgW object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded

1 Cookies

Domain/Path Name / Value
.officiel-des-vacances.com/ Name: etuix
Value: 1JJIxbEy_iX323Nplfb3IsXCrTecaUkDKZBRpbNhASKhqKIjdp0lAA--

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://nxdbku.cyttek.ru/Memilykam@voguelaundry.com
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7d4596b318582a3f/1686274010391/caef303f9cace226b0838af8023c3688b1a6b7403ce5581079a39a242837d181/SNulo15I9lUOa_X
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1