urlscan.io logo urlscan.io
SecurityTrails logo

xu69d.canksru.ru Open in urlscan Pro
2606:4700:20::681a:66a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2f2nw...
Effective URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Submission: On March 31 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::681a:66a, located in United States and belongs to CLOUDFLARENET, US. The main domain is xu69d.canksru.ru.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.
This is the only time xu69d.canksru.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.60.182.80 16509 (AMAZON-02)
1 109.71.43.147 24768 (ALMOUROLTEC)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
15 3
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5123
121 KB
7 canksru.ru
xu69d.canksru.ru
118 KB
1 pt.
2nwgg.kvu7l.bvlamego.pt.
562 B
1 ticketmaster.com
links.engage.ticketmaster.com — Cisco Umbrella Rank: 121589
194 B
15 4
Domain Requested by
8 challenges.cloudflare.com 1 redirects xu69d.canksru.ru
challenges.cloudflare.com
2nwgg.kvu7l.bvlamego.pt.
7 xu69d.canksru.ru 2nwgg.kvu7l.bvlamego.pt.
xu69d.canksru.ru
1 2nwgg.kvu7l.bvlamego.pt.
1 links.engage.ticketmaster.com 1 redirects
15 4

This site contains no links.

Subject Issuer Validity Valid
*.canksru.ru
GTS CA 1P5		 2023-03-01 -
2023-05-30		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Frame ID: 777852F740FDADC6545FF2E512516B1B
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 407E35F62B1252C664F8C4EDB82B3C85
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading...

Page URL History Show full URLs

  1. http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1... HTTP 302
    http://2nwgg.kvu7l.bvlamego.pt./?yyy:// Page URL
  2. https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq== Page URL

Page Statistics

15
Requests

87 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

239 kB
Transfer

543 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2f2nwgg.kvu7l.bvlamego.pt./?yyy%3a%2f%2f%23.yxjpdmvyyubtyxjjag9ulmnvbq== HTTP 302
    http://2nwgg.kvu7l.bvlamego.pt./?yyy:// Page URL
  2. https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2f2nwgg.kvu7l.bvlamego.pt./?yyy%3a%2f%2f%23.yxjpdmvyyubtyxjjag9ulmnvbq== HTTP 302
  • http://2nwgg.kvu7l.bvlamego.pt./?yyy://
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
2nwgg.kvu7l.bvlamego.pt./
Redirect Chain
  • http://links.engage.ticketmaster.com/ctt?m=9313380&r=ndiynzazodq4ndu3s0&b=0&j=mtcwmduyoda4oas2&k=link-0&kx=1&kt=1&kd=http%3a%2f%2f2nwgg.kvu7l.bvlamego.pt./?yyy%3a%2f%2f%23.yxjpdmvyyubtyxjjag9ulmnvbq==
  • http://2nwgg.kvu7l.bvlamego.pt./?yyy://
397 B
562 B 		Document
General
Check archive.org
Download Go to
Full URL
http://2nwgg.kvu7l.bvlamego.pt./?yyy://
Protocol
HTTP/1.1
Server
109.71.43.147 Lisbon, Portugal, ASN24768 (ALMOUROLTEC, PT),
Reverse DNS
dourocom.pt
Software
nginx / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 31 Mar 2023 20:33:39 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.33
X-Scale
YXBvY2FzQGdpdGh1Yg==

Redirect headers

Connection
close
Content-Length
0
Date
Fri, 31 Mar 2023 20:33:39 GMT
Location
http://2nwgg.kvu7l.bvlamego.pt./?yyy://#.yxjpdmvyyubtyxjjag9ulmnvbq==
Server
Apache
Primary Request M.yxjpdmvyyubtyxjjag9ulmnvbq==
xu69d.canksru.ru/ 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Requested by
Host: 2nwgg.kvu7l.bvlamego.pt.
URL: http://2nwgg.kvu7l.bvlamego.pt./?yyy://
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c531a94c32b2a695cbc867e97beb2ee5c4ac5b0bcde6c4b83075c57fc7efeac5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://2nwgg.kvu7l.bvlamego.pt./
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7b0b5e5dbf035a10-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 31 Mar 2023 20:33:39 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Soxtqc0z2M05m6H9KiJs8gTc4YklkJXyTx%2BcnltEHfWNnAJiVhs8CWD%2B3K93m6%2BHeibob9YTR2AyjDpCSVs2BpXVL5H%2FbaNgsyTQxEMOtHy42UyKp81tb191uN6yxuqM%2FYxkkIefwn%2Fxv27%2BSXs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 		151 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0b5e5dbf035a10
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e728447a392a96929c9e7cec3b9d29f9c7e4133400a823f312acabc48957f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==?__cf_chl_rt_tk=luB6bgtXmSUuEABb.EJPAeBGWpEH2COJUyu.ItvrUDY-1680294819-0-gaNycGzNC5A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfOt0fm34zU6OroKQqGi3M%2BeaRkdh7%2F1k4boItmi5GVGhASZWf%2Fld44cVgxglFHCbUtd%2BYwSs3rRH4m%2FQsfYtD3OsUdP8r0de61YNygLY3T5uYWY%2FKF%2Bt%2FmA3M%2F0fOgd08R7OR9VwkrJHAU14P4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7b0b5e5f789d5a10-IAD
transparent.gif
xu69d.canksru.ru/cdn-cgi/images/trace/managed/js/ 		42 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xu69d.canksru.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7b0b5e5dbf035a10
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==?__cf_chl_rt_tk=luB6bgtXmSUuEABb.EJPAeBGWpEH2COJUyu.ItvrUDY-1680294819-0-gaNycGzNC5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==?__cf_chl_rt_tk=luB6bgtXmSUuEABb.EJPAeBGWpEH2COJUyu.ItvrUDY-1680294819-0-gaNycGzNC5A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
"6419a381-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7b0b5e5f78a05a10-IAD
content-length
42
expires
Fri, 31 Mar 2023 22:33:39 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/c09a1a74/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38065ca232356314bc86aad8e1b1ad253d7b20a16bc6387d01ab225c29e86490

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:39 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7b0b5e6049df4bcb-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 31 Mar 2023 20:33:39 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7b0b5e60299e4bcb-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
a3e4945ea2f2650
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1115586121:1680293394:TV_RPcpmkByPMY3ExBFwnltn-VExi64N5YzSmImsdWQ/7b0b5e5dbf035a10/ 		97 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1115586121:1680293394:TV_RPcpmkByPMY3ExBFwnltn-VExi64N5YzSmImsdWQ/7b0b5e5dbf035a10/a3e4945ea2f2650
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0b5e5dbf035a10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9692629f93c3e29415c8ea458e62350f3498c56c1b2be2529cbe7e0d79af33f4

Request headers

Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
a3e4945ea2f2650
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 20:33:39 GMT
content-encoding
br
cf_chl_gen
Jk1KefdLn/X0R5F+mtMlxw3MkAvlS8TLJEPRxjwkPSQaN8kGlx3bJfV3vHnEz8nUrP8a2U09v/NbB27PnlLkfAybHNFC/5OG5mq3jvzs2mlywD6bbP8ictmp7Vg1YHoiWZAsquv95gsHNsr+QYLfeFDvwTHPD/XhR34XsvUpjObRQY9vQ4MdUVSDmJukLUONRtHwRqmKdTdu2HRxFB02QMhmTxO0Ct1/tL0n//lTd8WXIqEySqt8Ora2LG2MKTL7YLM6LNopH1XfBo4ZWtXAfpxRLLNNex3PZWEBfm1h98iyhgnom8e5KPor39XWtZXT/z1UNe8FL50lD42fe2D/lgg2kunZ5Y6m/DB84YXSZQ33Bv28QntyialzpBbV0I3b$zErd7E6d2kkHWORzLmR0ng==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBG9dapHyCcIy9Gr%2BnSFPF%2B3MQdlONDOwtbTyK%2FgWZgtVjnpLwWYaFCzaM6k4dWUc8tklQye6EMRWT8mFmSEdfDxxNqPDsYgk1Y%2BK3bJYuXy%2B6We3OrTv2%2B4%2BB%2FzWz3Q2Ka1%2BAkIw%2BgMXzpzcKc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b0b5e60b9b45a10-IAD
vtotG1Dxy37RKFG
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0b5e5dbf035a10/1680294819962/01da156926a6366328bcb6586505383be33068761d628b8abbd9cc0f6adcc844/ 		1 B
796 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0b5e5dbf035a10/1680294819962/01da156926a6366328bcb6586505383be33068761d628b8abbd9cc0f6adcc844/vtotG1Dxy37RKFG
Requested by
Host: 2nwgg.kvu7l.bvlamego.pt.
URL: http://2nwgg.kvu7l.bvlamego.pt./?yyy://
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:40 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gAdoVaSamNmMovLZYZQU4O-MwaHYdYouKu9nMD2rcyEQAEHh1NjlkLmNhbmtzcnUucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAosgoN3xmwny44x-b3uhcfXXPKHIjdLBDH6qWJkmK-lLNepJd9XkfZUhHXsrVh6dzzlG-78EYB_2by01p8nVTQ1aNZ_rL3t0CYrClRTJqD5u7jiZqQmXtLMdIwOgSVlmpZ3E1uQpAY1u0YJgfVayHdzwjAvVfouhmPwUEyFCjy6NTlUQvV2mZXUmXwwis17sQI6DlNu3UNK2tm5s-MaIjJKVibP1sHHMgJmKUJfYvLXb6URhUNpiRD8HP6LpCdEG6sk4ga7xzrhgd7WSq2Ty1NGCBzyiYx-pm2tWO-rSpSPj6Icm7PKNWIGdCoorskjZXZqEM9gHeOR1-RRaYu75E7wIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b0b5e642ca45a10-IAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McZuAc9pxankrWBpWQh2h2n51jFmCTBdfR5Gr74tnw8UJ8XmbllKdbyM%2F7ue6k%2BhydKKDSyM6uvEdXjtQYX3oRCiZahJYdf3GoFw8RSyVA7QkWfJk0PyPrCpbaAxtTG7hl551V4f4YDT%2FDxxv0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
XkzGM1XUXrGBWAl
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/img/7b0b5e5dbf035a10/1680294819964/ 		61 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/img/7b0b5e5dbf035a10/1680294819964/XkzGM1XUXrGBWAl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de6f57f48c47d0b64c8d3b865b3640be50a1b1b631bab635655a59755992bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b0b5e648cf05a10-IAD
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDYY7YBZTX1QtN9mvPRbQtVmWp2R%2FN5SeSaz5%2Baok5%2Fvd%2FuF%2Fy3Ff36Xv%2FDU7%2FJe4M4OF7nA%2FBIIqPCAOh1p4kXnq86FS8WBF%2BLbpXd2B9rFPhBEdJJixiIsRSWfrOMaHtzfGxOy13x0riRIg5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
a3e4945ea2f2650
xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1115586121:1680293394:TV_RPcpmkByPMY3ExBFwnltn-VExi64N5YzSmImsdWQ/7b0b5e5dbf035a10/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1115586121:1680293394:TV_RPcpmkByPMY3ExBFwnltn-VExi64N5YzSmImsdWQ/7b0b5e5dbf035a10/a3e4945ea2f2650
Requested by
Host: xu69d.canksru.ru
URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b0b5e5dbf035a10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72ddab4f82e7f93c5e6a82a8e48307dd9c0d88f44831f310128f1cce8d3758d

Request headers

Referer
https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
a3e4945ea2f2650
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 20:33:41 GMT
content-encoding
br
cf_chl_gen
GmpniAXKzPU2fli5fdkCugPfVJi3de2+vyH5eYO7XtDTLF2+dx2cesCxMe+dbrsp$gL6s++8dxzkDQIOQbM8rZw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrqRP6Qt4cwSZMxvdYEuXg9d7dxQZc30ZQmGv%2FIjFgzvks1KVRK%2BFMmIlkVdHTEfL6Ww00vlvbGwLUuCdL3l0pA%2FuYsoJFCfeYgSCZ2q6CkFZND%2FFazLRIaLKqvP1NDnaE9M7VUQ4dSdgElVJXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b0b5e68f85e5a10-IAD
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 407E 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973a7381b206fb74b2716da28341e33869cd89b92e7d74302b1f9bd640b0f61a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7b0b5e69adec33f1-YUL
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 31 Mar 2023 20:33:41 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 407E 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0b5e69adec33f1
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4e896696c1c1ba8e40b0efb816d283442ddb737afee98e8b63e9436721e93c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:41 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7b0b5e6a8f7933f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
5c2529326272157
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1408874880:1680293209:EBcRZtwPKO0hYmtgKXsQYDjEHu6Edbrv_eonWpKN7uU/7b0b5e69adec33f1/ Frame 407E 		82 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1408874880:1680293209:EBcRZtwPKO0hYmtgKXsQYDjEHu6Edbrv_eonWpKN7uU/7b0b5e69adec33f1/5c2529326272157
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0b5e69adec33f1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
553ebbb254f0a25a9ece5bed9310cbf21886688d1bdb70e5d02e16c64ae0be86

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
5c2529326272157
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 20:33:41 GMT
content-encoding
br
cf_chl_gen
fDR1AXCeaydeP+19zV35BCZo46b3x/b6/V7XJc66Rt4KqaznD7RQuSDntk/etdg9yA/6LfOZYk/NdHo0JImOGx5nAETJOpf42wRwYm48jsz8oCMWci94LGvgPhTktAPBIqKVVwpKtir4V1Dc5SDltBirCmpb17RpeoFjL1M2YuhDzB773TQEFEBn5qX2VhqAHVw1EB3f3cX1uX13qrfzgKT6LXQxaD8ESc2zDhpCOHMw9xktlbx8khz5URfdgSxTi7kkSLk9yY2heYTj5tYiO9mDPznTm8pUuAAvdFshEJhhFkb9NZuWeAtW8WdEQQohY+t+uH8YlvgH7XDkK8iwOgj+iGqsndVcuN7wmj/DZX1dK0EDkPMOJ3AeEy48eWkZNyDc5aAywWQpslbEKIZ1Iw==$uhyQyCXbUHFBBCDuyk40Bw==
server
cloudflare
cf-ray
7b0b5e6bc9dd33f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
z586phqGFjNv7CU
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0b5e69adec33f1/1680294821748/f2032ab96b0c188372f9b78f1902974881eed69fc6611dbf1deb9087663aeafa/ Frame 407E 		1 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0b5e69adec33f1/1680294821748/f2032ab96b0c188372f9b78f1902974881eed69fc6611dbf1deb9087663aeafa/z586phqGFjNv7CU
Requested by
Host: 2nwgg.kvu7l.bvlamego.pt.
URL: http://2nwgg.kvu7l.bvlamego.pt./?yyy://
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:43 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g8gMquWsMGINy-bePGQKXSIHu1p_GYR2_HeuQh2Y66voAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAosgoN3xmwny44x-b3uhcfXXPKHIjdLBDH6qWJkmK-lLNepJd9XkfZUhHXsrVh6dzzlG-78EYB_2by01p8nVTQ1aNZ_rL3t0CYrClRTJqD5u7jiZqQmXtLMdIwOgSVlmpZ3E1uQpAY1u0YJgfVayHdzwjAvVfouhmPwUEyFCjy6NTlUQvV2mZXUmXwwis17sQI6DlNu3UNK2tm5s-MaIjJKVibP1sHHMgJmKUJfYvLXb6URhUNpiRD8HP6LpCdEG6sk4ga7xzrhgd7WSq2Ty1NGCBzyiYx-pm2tWO-rSpSPj6Icm7PKNWIGdCoorskjZXZqEM9gHeOR1-RRaYu75E7wIDAQAB, max-age=20
server
cloudflare
cf-ray
7b0b5e767fdd33f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
K4J08s7GtPF2NII
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7b0b5e69adec33f1/1680294821750/ Frame 407E 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7b0b5e69adec33f1/1680294821750/K4J08s7GtPF2NII
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a1419e320d0b4c72a986ec4a3c8889c8ffbc9c037a9805cc9e19466ff72e944

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 20:33:43 GMT
server
cloudflare
cf-ray
7b0b5e76b82e33f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
5c2529326272157
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1408874880:1680293209:EBcRZtwPKO0hYmtgKXsQYDjEHu6Edbrv_eonWpKN7uU/7b0b5e69adec33f1/ Frame 407E 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1408874880:1680293209:EBcRZtwPKO0hYmtgKXsQYDjEHu6Edbrv_eonWpKN7uU/7b0b5e69adec33f1/5c2529326272157
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b0b5e69adec33f1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6738160d334f62adb0dcfe5453ef218c9a4e7bf55d1e59428888d5af520219e1

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/6rx8w/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
5c2529326272157
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Mar 2023 20:33:43 GMT
content-encoding
br
cf_chl_gen
UTkZgqvhhgwKhgIF6/gklcf8gwg2jPKOd6NKuUqH1WhYNmYxlxUyQNXUp4jEy0Sz$NOCVTOMPf7RU2TfEj6Pm0Q==
server
cloudflare
cf-ray
7b0b5e77899d33f1-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| sendRequest function| __cf_md5 function| SHA256 function| _cf_chl_turnstile_l function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _

0 Cookies

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://xu69d.canksru.ru/M.yxjpdmvyyubtyxjjag9ulmnvbq==
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://xu69d.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7b0b5e5dbf035a10/1680294819962/01da156926a6366328bcb6586505383be33068761d628b8abbd9cc0f6adcc844/vtotG1Dxy37RKFG
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7b0b5e69adec33f1/1680294821748/f2032ab96b0c188372f9b78f1902974881eed69fc6611dbf1deb9087663aeafa/z586phqGFjNv7CU
Message:
Failed to load resource: the server responded with a status of 401 ()