Submitted URL: http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2fv6r...
Effective URL: https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
Submission: On March 31 via api from US — Scanned from CA

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::681a:66a, located in United States and belongs to CLOUDFLARENET, US. The main domain is xu69d.canksru.ru.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.
This is the only time xu69d.canksru.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address        AS Autonomous System
1         1          52.60.182.80      16509 (AMAZON-02)
1         -          109.71.43.147     24768 (ALMOUROLTEC)
7         -          2606:4700:20:...  13335 (CLOUDFLAR...)
8         1          2606:4700::68...  13335 (CLOUDFLAR...)
Total: 15 requests, 3 IPs

Requests  Apex Domain       Subdomains                                                    Transfer
8         cloudflare.com    challenges.cloudflare.com (Cisco Umbrella Rank: 5123)         122 KB
7         canksru.ru        xu69d.canksru.ru                                              115 KB
1         pt.               v6rtl.pzmcu.bvlamego.pt.                                      562 B
1         ticketmaster.com  links.engage.ticketmaster.com (Cisco Umbrella Rank: 121589)   186 B
Total: 15 requests, 4 domains

Requests  Domain                                       Requested by
8         challenges.cloudflare.com (1 redirects)      xu69d.canksru.ru, challenges.cloudflare.com, v6rtl.pzmcu.bvlamego.pt.
7         xu69d.canksru.ru                             v6rtl.pzmcu.bvlamego.pt., xu69d.canksru.ru
1         v6rtl.pzmcu.bvlamego.pt.
1         links.engage.ticketmaster.com (1 redirects)
Total: 15 requests, 4 domains

This site contains no links.

Subject                    Issuer                   Validity                 Valid
*.canksru.ru               GTS CA 1P5               2023-03-01 - 2023-05-30  3 months
challenges.cloudflare.com  Cloudflare Inc ECC CA-3  2022-09-18 - 2023-09-17  a year

This page contains 2 frames:

Primary Page: https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
Frame ID: D8AFFCE499299E7C3C8A575730E33627
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 632676D54CF44FA37E220763F2FB0A8A
Requests: 6 HTTP requests in this frame

Page Title

Loading...

Page Statistics

Requests: 15
HTTPS: 87 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 238 kB
Size: 525 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2fv6rtl.pzmcu.bvlamego.pt./?yyy%3a%2f%2f%23.dgfuaxjvqhzzcc5jb20= HTTP 302
    http://v6rtl.pzmcu.bvlamego.pt./?yyy:// Page URL
  2. https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2fv6rtl.pzmcu.bvlamego.pt./?yyy%3a%2f%2f%23.dgfuaxjvqhzzcc5jb20= HTTP 302
  • http://v6rtl.pzmcu.bvlamego.pt./?yyy://
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
v6rtl.pzmcu.bvlamego.pt./
Redirect Chain
  • http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2fv6rtl.pzmcu.bvlamego.pt./?yyy%3a%2f%2f%23.dgfuaxjvqhzzcc5jb20=
  • http://v6rtl.pzmcu.bvlamego.pt./?yyy://
397 B
562 B
Document
General
Full URL
http://v6rtl.pzmcu.bvlamego.pt./?yyy://
Protocol
HTTP/1.1
Server
109.71.43.147 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS
dourocom.pt
Software
nginx / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 31 Mar 2023 19:19:50 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.33
X-Scale
YXBvY2FzQGdpdGh1Yg==

Redirect headers

Connection
close
Content-Length
0
Date
Fri, 31 Mar 2023 19:19:50 GMT
Location
http://v6rtl.pzmcu.bvlamego.pt./?yyy://#.dgfuaxjvqhzzcc5jb20=
Server
Apache
Primary Request M.dgfuaxjvqhzzcc5jb20=
xu69d.canksru.ru/
7 KB
5 KB
Document
General
Full URL
https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
Requested by
Host: v6rtl.pzmcu.bvlamego.pt.
URL: http://v6rtl.pzmcu.bvlamego.pt./?yyy://
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfda81c923b08dd9dd0bbf034b24375c8e7a1edfbed0fa9d4928f2403b474f29
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://v6rtl.pzmcu.bvlamego.pt./
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7b0af23d49f559e0-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 31 Mar 2023 19:19:50 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhBWCbnfFrg0%2FbroB7L73fqjhCCwHX60kQ2jWTajLDIWMO4NNvdQuWuPAa53Rp2DUdxAQlOgY7SMhYhtgLTN2YRUPJwaOCxUn24R2729Fuf%2BKilDg3r%2BJaW0%2BvjQQfwDEuUfWBEYe%2BJ%2Fw6eoSaI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/
149 KB
54 KB
Script
General
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0af23d49f559e0
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e575361c147ff02adb1ef6e86dbc944d67560445156603eb2096536dac19305

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=?__cf_chl_rt_tk=yS1qyi4G44DYlJOtEBMmTNz8Q__QuOTFXTFQGwacSNc-1680290390-0-gaNycGzNC3s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:50 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ful7rm8g8ceY0yLkojtRJuA5ZulJAitrZ4R9wSj7CZRSN55VpPbSQ%2BvI5dcG0VMi0XuKlQFOeO4g4OBrqchJnNHUfX9l1rQ3yRKChNLmEM1V0QEB%2Frgkr3IqeKPgNQwLzO0l5RKdECkkfpYLpgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7b0af23dea5159e0-IAD
transparent.gif
xu69d.canksru.ru/cdn-cgi/images/trace/managed/js/
42 B
220 B
Image
General
Full URL
https://xu69d.canksru.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7b0af23d49f559e0
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=?__cf_chl_rt_tk=yS1qyi4G44DYlJOtEBMmTNz8Q__QuOTFXTFQGwacSNc-1680290390-0-gaNycGzNC3s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=?__cf_chl_rt_tk=yS1qyi4G44DYlJOtEBMmTNz8Q__QuOTFXTFQGwacSNc-1680290390-0-gaNycGzNC3s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:50 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
"6419a381-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7b0af23dea5359e0-IAD
content-length
42
expires
Fri, 31 Mar 2023 21:19:50 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/c09a1a74/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38065ca232356314bc86aad8e1b1ad253d7b20a16bc6387d01ab225c29e86490

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:50 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7b0af23ee8cfece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 31 Mar 2023 19:19:50 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control
max-age=300, public
cf-ray
7b0af23ea87fece2-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
77b9cad0ffd9b39
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/536013292:1680289746:uSKWh0yJ3DI1j9-vH9pGdHy-u0YfqF-h7QhF0itMTXE/7b0af23d49f559e0/
87 KB
50 KB
XHR
General
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/536013292:1680289746:uSKWh0yJ3DI1j9-vH9pGdHy-u0YfqF-h7QhF0itMTXE/7b0af23d49f559e0/77b9cad0ffd9b39
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0af23d49f559e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed9dd73e16034182e77d4a696e2a5efdbe91e1209a6b3fc513fcc42e098d84bd

Request headers

Referer
https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
77b9cad0ffd9b39
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 19:19:50 GMT
content-encoding
br
cf_chl_gen
piWQ2jtsQJ8jsGlMfhNH4Q4RIoPOSoXOINcYqQbPYoqxBm+IkU65bFjyGzaYV1QNcnnyeW7dLAwuBtWQhrIW9sh9tAl9HQGm25dD4kVHOPr62BXAIIjBs2wR3CDf4DOFE7yetxAXGmGNy6iMz47khrnLZDKorcG5+jNnJgYjy3XR+vEuGCbJhw5jsQfFzE3AHoNdMLLvlkwZv/PMH8RNtLok9O81+6IidqPhi1WO2T+mpJsZOtkRJifjseMdQ3BfRljA2KT8QkHISSsz6JupiXZ+Sz5o+OxAuQEi5mOj4tkx2nEbBLUxJzRjD0MsUw6oiY/gm3poSn8J4s0+OnKVmoHSLDPzmSyg929lIDukfZNDhfJns8wZjw5k2V9qzReG34j//S5CC3oPCFVxPj5Z14bijl501frdRcTP+AomuNmARioQVLRSY/R6LSogeqnd$/FwUZh5x8QrF9okKk7g7Tg==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IKl0G4Vxq%2BXgIVkxySjE081guGLdZRUPZ0PAICKXXOXpfMU%2F4Lf3E5p1dJ7rfui2gPYTqYymkTAYl6w3S8NtVswXr5rLM4%2BDKN09Ciy%2Bdv8KgY85u9T%2BFa8VXLBXDFEVwhGDjVeXwDLuzq59bQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b0af23f3b1b59e0-IAD
UaVciqxpdv3pjb1
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0af23d49f559e0/1680290390930/31d967bf9123dea3e7a78fd73705b9088f48985bb0ce52a844cb2e1b79b4ea4e/
1 B
796 B
Fetch
General
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0af23d49f559e0/1680290390930/31d967bf9123dea3e7a78fd73705b9088f48985bb0ce52a844cb2e1b79b4ea4e/UaVciqxpdv3pjb1
Requested by
Host: v6rtl.pzmcu.bvlamego.pt.
URL: http://v6rtl.pzmcu.bvlamego.pt./?yyy://
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:52 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gMdlnv5Ej3qPnp4_XNwW5CI9ImFuwzlKoRMsuG3m06k4AEHh1NjlkLmNhbmtzcnUucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAosgoN3xmwny44x-b3uhcfXXPKHIjdLBDH6qWJkmK-lLNepJd9XkfZUhHXsrVh6dzzlG-78EYB_2by01p8nVTQ1aNZ_rL3t0CYrClRTJqD5u7jiZqQmXtLMdIwOgSVlmpZ3E1uQpAY1u0YJgfVayHdzwjAvVfouhmPwUEyFCjy6NTlUQvV2mZXUmXwwis17sQI6DlNu3UNK2tm5s-MaIjJKVibP1sHHMgJmKUJfYvLXb6URhUNpiRD8HP6LpCdEG6sk4ga7xzrhgd7WSq2Ty1NGCBzyiYx-pm2tWO-rSpSPj6Icm7PKNWIGdCoorskjZXZqEM9gHeOR1-RRaYu75E7wIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b0af2473ff759e0-IAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RtYGmJjL8V6ubOfVZHd0NmeGVQi0jNIu6GpC3gHHFpyRjHGGNIhL%2FWNRLYMjKyIq7jpui4ihlb4ceAHPdsOtfAKnT9H%2B9cXb72S3NiKhzhW%2BtkQRKeB7glRAlcKdDUnEMMWg7me5JntlapmwTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
BPMOKLtf3wpJoL_
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/img/7b0af23d49f559e0/1680290390933/
61 B
348 B
Image
General
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/img/7b0af23d49f559e0/1680290390933/BPMOKLtf3wpJoL_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ceb9feef041c1499676b7c08c8e195e608065089716e79330acc853b290346e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b0af24a6a3259e0-IAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMllpyQYiTb88%2F%2BhRODjaOAHZeXe7iz3JqnaJ%2FYMEUjy1sUmRS%2FoLJECldaJs4VW1%2BjMchK6Gbuyhe08bkd3Bf00jXma0U2td23IPxUqJAW3Kxk%2BfikMbPVVDcpNXkzh92WahGDLKDubQ5C%2Fhio%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
77b9cad0ffd9b39
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/536013292:1680289746:uSKWh0yJ3DI1j9-vH9pGdHy-u0YfqF-h7QhF0itMTXE/7b0af23d49f559e0/
5 KB
4 KB
XHR
General
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/536013292:1680289746:uSKWh0yJ3DI1j9-vH9pGdHy-u0YfqF-h7QhF0itMTXE/7b0af23d49f559e0/77b9cad0ffd9b39
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0af23d49f559e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e233deae0a2338191cbb51d79c43ebf0af77720cce027a64ab44a5638c164194

Request headers

Referer
https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
77b9cad0ffd9b39
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 19:19:52 GMT
content-encoding
br
cf_chl_gen
viBF0S/9ih05/9AaWlqW3ysZuJ+rDbB4/evpvuF3LN4qOznIpacZN1DZUTySYNRJ$cV31lU64B2dKhBkMJjofBQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbNRjotVX6OhQEcEx5NM9jWlQlcqts%2FYBIG353WE0HLRFJfMlz8wyr2b1QOMdQ0XgzC%2FM04NQUB0LFTHIDbSUgyIScJTTdnRBcRfqFiKY4OWSekvjzkwGeu%2F8qFIPPQxrKzpre1a5grRBm67lbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b0af24b7ae059e0-IAD
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 6326
21 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d2c22e11afbe4f4df83eb0459c3c0fec443ec36f826bf9876c99d72dcc761c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7b0af24c0fe733f1-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 19:19:53 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 6326
151 KB
55 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0af24c0fe733f1
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bb13d0cc619b855c12fa34c2cbc3f7fd656918614da6e0d2fc128c772da5db

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:53 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7b0af24debae33f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
d96a462a947d4ec
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1517381208:1680289586:CNSOnraPFe_-RfkSxPCeik52Cx8F8Q2FO6vlzcWdtuQ/7b0af24c0fe733f1/ Frame 6326
79 KB
46 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1517381208:1680289586:CNSOnraPFe_-RfkSxPCeik52Cx8F8Q2FO6vlzcWdtuQ/7b0af24c0fe733f1/d96a462a947d4ec
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0af24c0fe733f1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c78da0bfa7ec727cfb4da1cb0b3f672bd43c7ad51f56c8b4f58c66e33759498

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
d96a462a947d4ec
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 19:19:53 GMT
content-encoding
br
cf_chl_gen
6I/7cHpGDMDImPhd3UQc+0XJE03MI8wTk3L/oK0klpOAzwlAMMSvKZOW7IT9HGK9Y8Mm8nXOYf7zD4xiBfWhmYbje6p63oLPCfJhpR8Psro06jHMhROEpmi6hMrcOS/7DapRjD6fW0zppz3nLjqVHr4kXNP3P4Qm5vRI5w0ezwTVj68eB+NmNiXS3dm7Wco5mhVCf+sebIzsIdBXFNHY6bZd76Re7x7Uo7Q+BNv4cHIK3Avketgdh+SQ48qT9Q45Va4ORjq4EfGsxDy0mTCo2pblYggz5iNnTz5Hb2kabp4pE7Pes9fWUr3A3CsWoXSw7mnftUTrmt62/BMDOYK8k7URuCT4O8/3ndhXCZ+nyra0MsLrY42/trcSyEk8Kk3O5Z+5wzeABDfpYBlQMVtSMQ==$Y0/ZVq7YqP0M7xnlHDYTMQ==
server
cloudflare
cf-ray
7b0af24f0ddf33f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
N5GcQuXe46Mr3OU
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0af24c0fe733f1/1680290393461/5bf503c4a79db350f459b0bd7e17fabb585d456080801b21735104e5c5eda0f6/ Frame 6326
1 B
648 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0af24c0fe733f1/1680290393461/5bf503c4a79db350f459b0bd7e17fabb585d456080801b21735104e5c5eda0f6/N5GcQuXe46Mr3OU
Requested by
Host: v6rtl.pzmcu.bvlamego.pt.
URL: http://v6rtl.pzmcu.bvlamego.pt./?yyy://
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:53 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gW_UDxKeds1D0WbC9fhf6u1hdRWCAgBshc1EE5cXtoPYAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAosgoN3xmwny44x-b3uhcfXXPKHIjdLBDH6qWJkmK-lLNepJd9XkfZUhHXsrVh6dzzlG-78EYB_2by01p8nVTQ1aNZ_rL3t0CYrClRTJqD5u7jiZqQmXtLMdIwOgSVlmpZ3E1uQpAY1u0YJgfVayHdzwjAvVfouhmPwUEyFCjy6NTlUQvV2mZXUmXwwis17sQI6DlNu3UNK2tm5s-MaIjJKVibP1sHHMgJmKUJfYvLXb6URhUNpiRD8HP6LpCdEG6sk4ga7xzrhgd7WSq2Ty1NGCBzyiYx-pm2tWO-rSpSPj6Icm7PKNWIGdCoorskjZXZqEM9gHeOR1-RRaYu75E7wIDAQAB, max-age=20
server
cloudflare
cf-ray
7b0af250c9c933f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
PUDmLtGGUft3E-w
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7b0af24c0fe733f1/1680290393468/ Frame 6326
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7b0af24c0fe733f1/1680290393468/PUDmLtGGUft3E-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84c6b1bf18d3b8869bb1a2e95b799fb81bddc999c18d1734fc850d0021f5acf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 19:19:54 GMT
server
cloudflare
cf-ray
7b0af2580aa633f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
d96a462a947d4ec
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1517381208:1680289586:CNSOnraPFe_-RfkSxPCeik52Cx8F8Q2FO6vlzcWdtuQ/7b0af24c0fe733f1/ Frame 6326
11 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1517381208:1680289586:CNSOnraPFe_-RfkSxPCeik52Cx8F8Q2FO6vlzcWdtuQ/7b0af24c0fe733f1/d96a462a947d4ec
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0af24c0fe733f1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa2921cc1b5d2453c1411596d4a67d8cebe20b34a62618036eb10e00a0458b6

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/93jra/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
d96a462a947d4ec
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 19:19:55 GMT
content-encoding
br
cf_chl_gen
p9qH4OUbMJC7WjvKd40KI/9SM+HToYZ6HDPP+qccvsjkCOdVvf4qR9AFNCibeGJV$+Tj5zk1BBmjIEddLrAXrow==
server
cloudflare
cf-ray
7b0af2590ce633f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • boolean| credentialless
  • object| _cf_chl_opt
  • function| _cf_chl_preload
  • function| _cf_chl_enter
  • boolean| _cf_chl_done_ran
  • function| _cf_chl_done
  • function| sendRequest
  • function| _cf_chl_turnstile_l
  • function| SHA256
  • function| __cf_md5
  • object| _cf_chl_ctx
  • string| prefix
  • object| turnstile
  • boolean| _cf_chl_turnstile_loaded
  • object| _
  • undefined| _cf_gcr

0 Cookies

5 Console Messages

  1. Source: security, Level: warning
    Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
  2. Source: network, Level: error, URL: https://xu69d.canksru.ru/M.dgfuaxjvqhzzcc5jb20=
    Message: Failed to load resource: the server responded with a status of 403 ()
  3. Source: network, Level: error, URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0af23d49f559e0/1680290390930/31d967bf9123dea3e7a78fd73705b9088f48985bb0ce52a844cb2e1b79b4ea4e/UaVciqxpdv3pjb1
    Message: Failed to load resource: the server responded with a status of 401 ()
  4. Source: security, Level: warning
    Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
  5. Source: network, Level: error, URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0af24c0fe733f1/1680290393461/5bf503c4a79db350f459b0bd7e17fabb585d456080801b21735104e5c5eda0f6/N5GcQuXe46Mr3OU
    Message: Failed to load resource: the server responded with a status of 401 ()