urlscan.io logo urlscan.io
SecurityTrails logo

xu69d.canksru.ru Open in urlscan Pro
2606:4700:20::681a:66a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2fatf...
Effective URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Submission: On March 31 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::681a:66a, located in United States and belongs to CLOUDFLARENET, US. The main domain is xu69d.canksru.ru.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.
This is the only time xu69d.canksru.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.60.182.80 16509 (AMAZON-02)
1 109.71.43.147 24768 (ALMOUROLTEC)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
15 3
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5123
132 KB
7 canksru.ru
xu69d.canksru.ru
111 KB
1 pt.
atfxj.rp8la.bvlamego.pt.
562 B
1 ticketmaster.com
links.engage.ticketmaster.com — Cisco Umbrella Rank: 121589
194 B
15 4
Domain Requested by
8 challenges.cloudflare.com 1 redirects xu69d.canksru.ru
challenges.cloudflare.com
atfxj.rp8la.bvlamego.pt.
7 xu69d.canksru.ru atfxj.rp8la.bvlamego.pt.
xu69d.canksru.ru
1 atfxj.rp8la.bvlamego.pt.
1 links.engage.ticketmaster.com 1 redirects
15 4

This site contains no links.

Subject Issuer Validity Valid
*.canksru.ru
GTS CA 1P5		 2023-03-01 -
2023-05-30		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Frame ID: C4C9793BFF535AD1E6C40C33890818B5
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 2BB2C3381701B0E3F3FE720F1F1E5547
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading...

Page URL History Show full URLs

  1. http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1... HTTP 302
    http://atfxj.rp8la.bvlamego.pt./?yyy:// Page URL
  2. https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq== Page URL

Page Statistics

15
Requests

87 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

244 kB
Transfer

550 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2fatfxj.rp8la.bvlamego.pt./?yyy%3a%2f%2f%23.yxjpdmvyyubtyxjjag9ulmnvbq== HTTP 302
    http://atfxj.rp8la.bvlamego.pt./?yyy:// Page URL
  2. https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2fatfxj.rp8la.bvlamego.pt./?yyy%3a%2f%2f%23.yxjpdmvyyubtyxjjag9ulmnvbq== HTTP 302
  • http://atfxj.rp8la.bvlamego.pt./?yyy://
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
atfxj.rp8la.bvlamego.pt./
Redirect Chain
  • http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2fatfxj.rp8la.bvlamego.pt./?yyy%3a%2f%2f%23.yxjpdmvyyubtyxjjag9ulmnvbq==
  • http://atfxj.rp8la.bvlamego.pt./?yyy://
397 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
http://atfxj.rp8la.bvlamego.pt./?yyy://
Protocol
HTTP/1.1
Server
109.71.43.147 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS
dourocom.pt
Software
nginx / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 31 Mar 2023 20:33:41 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.33
X-Scale
YXBvY2FzQGdpdGh1Yg==

Redirect headers

Connection
close
Content-Length
0
Date
Fri, 31 Mar 2023 20:33:41 GMT
Location
http://atfxj.rp8la.bvlamego.pt./?yyy://#.yxjpdmvyyubtyxjjag9ulmnvbq==
Server
Apache
Primary Request M.yxjpdmvyyubtyxjjag9ulmnvbq==
xu69d.canksru.ru/ 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Requested by
Host: atfxj.rp8la.bvlamego.pt.
URL: http://atfxj.rp8la.bvlamego.pt./?yyy://
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f574f74f31d8162762374ade73c663db011ff1476edce88504df12f736ced68
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://atfxj.rp8la.bvlamego.pt./
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7b0b5e6c085f5b16-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 31 Mar 2023 20:33:41 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTRQ%2B%2FF8jPgHQeWmX9sPDwYJXCJUIYfGBzKOWdYfXm%2BrWLcNxsCLgECxPSdacdWazBIE6aKwpdHT9yP1wKGiTDlvSdXdS%2FUKUGHVsZ56Ao9qaJKSeh2reqcVHh59MxB5oentTpc3F%2Fxp6DCTiAE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 		144 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0b5e6c085f5b16
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b6819c76c5ff34740ccb8438ba7c1e3af5f0fab77b9ee6cce674151316c9ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==?__cf_chl_rt_tk=nbkmj2pJWP47oASB4ZQuU2bEfAYw_3JHZIWLqQgFzsE-1680294821-0-gaNycGzNC5A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxVHtSRwzKbz%2F1GljmaSGhL74%2BJp9UExwjPDJjlqINIWfzWJ4dhG4flPVZCId48Q1zA6iNATGHbalgI6lPSgEW3NdqVY%2Bupd2tJ4h2SmiWs6v8irb9PdS8M2aTKv0jptLGnWUGMQE1uu3enByp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7b0b5e6d59605b16-IAD
transparent.gif
xu69d.canksru.ru/cdn-cgi/images/trace/managed/js/ 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xu69d.canksru.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7b0b5e6c085f5b16
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==?__cf_chl_rt_tk=nbkmj2pJWP47oASB4ZQuU2bEfAYw_3JHZIWLqQgFzsE-1680294821-0-gaNycGzNC5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==?__cf_chl_rt_tk=nbkmj2pJWP47oASB4ZQuU2bEfAYw_3JHZIWLqQgFzsE-1680294821-0-gaNycGzNC5A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
"6419a381-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7b0b5e6d59625b16-IAD
content-length
42
expires
Fri, 31 Mar 2023 22:33:41 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/c09a1a74/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38065ca232356314bc86aad8e1b1ad253d7b20a16bc6387d01ab225c29e86490

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:42 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7b0b5e6ed91e33f7-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 31 Mar 2023 20:33:42 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control
max-age=300, public
cf-ray
7b0b5e6e584733f7-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ea87d3674ec14b4
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1563101647:1680293267:7ARjBrncMuJFdmjGX8sEQRQ0SMPUlbVaFUTL0j96GE0/7b0b5e6c085f5b16/ 		92 KB
48 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1563101647:1680293267:7ARjBrncMuJFdmjGX8sEQRQ0SMPUlbVaFUTL0j96GE0/7b0b5e6c085f5b16/ea87d3674ec14b4
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0b5e6c085f5b16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27228e91754fbeed184348db4a666ddcea90df0f8f06c40ef2e24eaa730c551f

Request headers

Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
ea87d3674ec14b4
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 20:33:42 GMT
content-encoding
br
cf_chl_gen
YGPQ8jfKrZsnm/ZT9oUtgXKDXlZXpzbOh5ipONB05h1SShgKWuQhLM9PDOldaDZcDdHaPTVbeIm9sXuAANx1knSWHD4WMtDR+V61R3GFQ5Ur5/2Bwppt9TVBiES4rE35YRKK5s79RCm5av/7gGM3njyPhBkH4uuqrw/4ZmELhK5MyTM1ZEdzOSGDxKJgC2RYYJlUMivwpkkybGEv8lhTmafyXpqsLLCqZ8Xqb37ToYN2rQdrg8h5RFIW2YyQ9OfVmXwxhgjc5d625hjqg1cB9wD0UQElKB1kvmMsi/lTYeFms6BpYHDVT8QaxHNHKHGlmbllUC/8ZIx7OSx4qOHKBgfbqliSVsL9Jsfd6IKKt1tVhlzk08SzToFKv+cvxEA+SlER2jG90ZPiPJUHuAF62UzRkz/J2oLUEZbolRX7nIg=$RMK2KyYPVDVEyG8bucxzPw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DGcDWR81urr9XmvCMSluEZxJQKo9EFuNqrPLFyNvV3Mvd0R9%2F2RsDugiggPNORUyBlIHxrwswTLlnvQb3p4WUP3XO2Qlvz%2BzpzTB7H%2BB5WTqE4tCuh2PbFVeRivu68y4d62dNtzlzHW%2FPZD4ZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b0b5e6ecac75b16-IAD
q7RS6tQnOc0LW1a
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/img/7b0b5e6c085f5b16/1680294822224/ 		61 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/img/7b0b5e6c085f5b16/1680294822224/q7RS6tQnOc0LW1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c945ad0d7981fe89eb6f774b9e455254a9bbe017f02f871b928d2cdabbee91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b0b5e711ca35b16-IAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNBg1zja60ssxgVbjLryul6Z2%2Bs1d9T5U0rhES0AtZT%2FFB7oeCHrqpjnKNVw%2FAqQEpc1jxeIspNcXWME8z5kOg9J%2BZg9iXBKmk9auQLdfTrRdehYUc8cxXTDTmhgWEL28fcS1ammFfvHR97YP2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
1GevePKhxTg8oGY
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0b5e6c085f5b16/1680294822229/600370977db5fba2c5837259fda431f4e671078bc9004bf59f9364cf82baf81a/ 		1 B
798 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0b5e6c085f5b16/1680294822229/600370977db5fba2c5837259fda431f4e671078bc9004bf59f9364cf82baf81a/1GevePKhxTg8oGY
Requested by
Host: atfxj.rp8la.bvlamego.pt.
URL: http://atfxj.rp8la.bvlamego.pt./?yyy://
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:43 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gYANwl321-6LFg3JZ_aQx9OZxB4vJAEv1n5Nkz4K6-BoAEHh1NjlkLmNhbmtzcnUucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAosgoN3xmwny44x-b3uhcfXXPKHIjdLBDH6qWJkmK-lLNepJd9XkfZUhHXsrVh6dzzlG-78EYB_2by01p8nVTQ1aNZ_rL3t0CYrClRTJqD5u7jiZqQmXtLMdIwOgSVlmpZ3E1uQpAY1u0YJgfVayHdzwjAvVfouhmPwUEyFCjy6NTlUQvV2mZXUmXwwis17sQI6DlNu3UNK2tm5s-MaIjJKVibP1sHHMgJmKUJfYvLXb6URhUNpiRD8HP6LpCdEG6sk4ga7xzrhgd7WSq2Ty1NGCBzyiYx-pm2tWO-rSpSPj6Icm7PKNWIGdCoorskjZXZqEM9gHeOR1-RRaYu75E7wIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b0b5e76c9c25b16-IAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOne%2BZigdkxVZ3Kf%2FqWCaIUYtMdnUPxVWydan3cYo6sP2yZaUkosYWUPx%2Fmot5pb6IPgoHcbHsNY4%2FJpoj9IE29FlhUYIthrMGqgXJ4zj%2FTHL4BdgpV8nfNAedHCaurT5W2oA5cjhz9LxVVtmqE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
ea87d3674ec14b4
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1563101647:1680293267:7ARjBrncMuJFdmjGX8sEQRQ0SMPUlbVaFUTL0j96GE0/7b0b5e6c085f5b16/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1563101647:1680293267:7ARjBrncMuJFdmjGX8sEQRQ0SMPUlbVaFUTL0j96GE0/7b0b5e6c085f5b16/ea87d3674ec14b4
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0b5e6c085f5b16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451641bce2e12657595ca3d452a5e15e2c9583b2b4b0c55840dfccaf3468a3a6

Request headers

Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
ea87d3674ec14b4
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 20:33:43 GMT
content-encoding
br
cf_chl_gen
6IPTifHgAWo2DSBcu4kudZOJXZe1e+uqvgx0OqdJ0lCdx9ntcO2wpTLLL3hGfk53$K0NecFA+SC5OL3Hd6jmFjg==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSdQOpi1DqkEgXDCRcLy2fxyFglGZZlbnqtH2LVjohTD5W%2B54VCTLSpAZBtsy41jUQoEB%2FRlwXLbRTRcyj4oi8IVFRsCRXzY6Vurjl5xnjof8gnpoGQTWJOtSiJ2wNZZZxF%2B54t88Hb2NDltvt0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b0b5e785aee5b16-IAD
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 2BB2 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddbfbdcaa268f54e91ae50462380c166975f0c41add79e9ce6440615369856eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7b0b5e7919b6714a-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 20:33:43 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 2BB2 		156 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0b5e7919b6714a
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60f5a6f389e1916f411f8133712bca426afb79056521f090309ecc30a9023d4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:44 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7b0b5e7a6b97714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
8ba77032ce04958
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1676912194:1680293267:h2GUGMDoGWG0CExydRSnHvdz1jvzeLFXKkLx1N-d5Ww/7b0b5e7919b6714a/ Frame 2BB2 		100 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1676912194:1680293267:h2GUGMDoGWG0CExydRSnHvdz1jvzeLFXKkLx1N-d5Ww/7b0b5e7919b6714a/8ba77032ce04958
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0b5e7919b6714a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27573d8a4861e825a3214ce15a9ac348fc8164c345d98a0ec36ee0c31afe6d8

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
8ba77032ce04958
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 20:33:44 GMT
content-encoding
br
cf_chl_gen
+cpYeQW1ljVNk8jHc5VG+ezACcvrrBGUT9Ayn/Pm7NoLE4zPKsUm2hi2wJoi/iNw/gw6xh4RmrMI76WTzRunGe5glcWxq0cVui0ST6KSr/u2XeE7eavuJsqSILe4D/jXEuGHchw9zln3AfcOYMaUl6YxAVDciE7+TCRxykhwlP/lV/hYAuUqj9takbqgOm4rWZa53Jv+s90urhWfRxbmAeWe67GrtgNBsaDD67XlL/9ppwMi6nFHkxsfJQcCqp5qSaqgI6RybhHdRieAyEdQbXIhs6y5kC9JZj2nCbatptV28toZK5X+vI3vDI126hU0VaSQpioOw7mBVLbhF6xD0PH53LyydOiu/9sKfLj0TJw18mCRjDKFisLq2vhOu9SqerCdefqCHGi9aQGR5Zi/BZ51b2/4uQkjErV0P2igDKQ=$ur0kZYKFaFZn/AiIxqUibg==
server
cloudflare
cf-ray
7b0b5e7bad67714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
epzsmRfUxQH6YUD
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0b5e7919b6714a/1680294824280/7344cc6fc6cd6b643d55d7b710f7a3f95eb8b2af285905d04195a8f4240e080b/ Frame 2BB2 		1 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0b5e7919b6714a/1680294824280/7344cc6fc6cd6b643d55d7b710f7a3f95eb8b2af285905d04195a8f4240e080b/epzsmRfUxQH6YUD
Requested by
Host: atfxj.rp8la.bvlamego.pt.
URL: http://atfxj.rp8la.bvlamego.pt./?yyy://
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:44 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gc0TMb8bNa2Q9Vde3EPej-V64sq8oWQXQQZWo9CQOCAsAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAosgoN3xmwny44x-b3uhcfXXPKHIjdLBDH6qWJkmK-lLNepJd9XkfZUhHXsrVh6dzzlG-78EYB_2by01p8nVTQ1aNZ_rL3t0CYrClRTJqD5u7jiZqQmXtLMdIwOgSVlmpZ3E1uQpAY1u0YJgfVayHdzwjAvVfouhmPwUEyFCjy6NTlUQvV2mZXUmXwwis17sQI6DlNu3UNK2tm5s-MaIjJKVibP1sHHMgJmKUJfYvLXb6URhUNpiRD8HP6LpCdEG6sk4ga7xzrhgd7WSq2Ty1NGCBzyiYx-pm2tWO-rSpSPj6Icm7PKNWIGdCoorskjZXZqEM9gHeOR1-RRaYu75E7wIDAQAB, max-age=20
server
cloudflare
cf-ray
7b0b5e7f4a67714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
OpPTtSCoWvW9pZY
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7b0b5e7919b6714a/1680294824280/ Frame 2BB2 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7b0b5e7919b6714a/1680294824280/OpPTtSCoWvW9pZY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
235c5e104c56509ffe8b7fe71547738d21d0e4339700b0f690f8f89f37cd69c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:44 GMT
server
cloudflare
cf-ray
7b0b5e7f7ace714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
8ba77032ce04958
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1676912194:1680293267:h2GUGMDoGWG0CExydRSnHvdz1jvzeLFXKkLx1N-d5Ww/7b0b5e7919b6714a/ Frame 2BB2 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1676912194:1680293267:h2GUGMDoGWG0CExydRSnHvdz1jvzeLFXKkLx1N-d5Ww/7b0b5e7919b6714a/8ba77032ce04958
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0b5e7919b6714a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83f1cabdfc53f29e510a1e8e1f515e0eaab00e7de8e6a573d1d3af1578836e06

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/a579r/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
8ba77032ce04958
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 20:33:45 GMT
content-encoding
br
cf_chl_gen
ae688PSuZglQJUK2tHmvjkB6ugFojSGnxmLGqUAElJFpCb8P/+rtJJXQj/V6yWsW$RZrpj1cjnUQmWVEnvOYhYw==
server
cloudflare
cf-ray
7b0b5e8389e8714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest function| SHA256 function| _cf_chl_turnstile_l function| __cf_md5 object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _

0 Cookies

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0b5e6c085f5b16/1680294822229/600370977db5fba2c5837259fda431f4e671078bc9004bf59f9364cf82baf81a/1GevePKhxTg8oGY
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0b5e7919b6714a/1680294824280/7344cc6fc6cd6b643d55d7b710f7a3f95eb8b2af285905d04195a8f4240e080b/epzsmRfUxQH6YUD
Message:
Failed to load resource: the server responded with a status of 401 ()