ct8hs.canksru.ru Open in urlscan Pro
2606:4700:20::681a:66a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wtqvxy9ui0kw.agenciasagar.com.br/
Effective URL:
https://ct8hs.canksru.ru/Mundefined
Submission: On March 15 via manual (March 15th 2023, 5:17:37 pm UTC) from US — Scanned from CA

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::681a:66a, located in United States and belongs to CLOUDFLARENET, US. The main domain is ct8hs.canksru.ru.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.

This is the only time ct8hs.canksru.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.152.168.17 104.152.168.17	63068 (CROCWEB) (CROCWEB)
7	2606:4700:20:... 2606:4700:20::681a:66a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

1 104.152.168.17 (Canada)

ASN63068 (CROCWEB, CA)
PTR: server17.hostwhitelabel.com

wtqvxy9ui0kw.agenciasagar.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:66a (United States)

ASN13335 (CLOUDFLARENET, US)

ct8hs.canksru.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5237	126 KB
7	canksru.ru ct8hs.canksru.ru	127 KB
1	agenciasagar.com.br wtqvxy9ui0kw.agenciasagar.com.br	594 B
15	3

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects ct8hs.canksru.ru challenges.cloudflare.com wtqvxy9ui0kw.agenciasagar.com.br
7	ct8hs.canksru.ru	wtqvxy9ui0kw.agenciasagar.com.br ct8hs.canksru.ru
1	wtqvxy9ui0kw.agenciasagar.com.br
15	3

This site contains no links.

Subject Issuer	Validity	Valid
*.canksru.ru GTS CA 1P5	`2023-03-01` - `2023-05-30`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ct8hs.canksru.ru/Mundefined
Frame ID: 894CF6701A5BD92C91370B3E89BDE4F1
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 227D2864B88C305437447CEA5DD77FAE
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

http://wtqvxy9ui0kw.agenciasagar.com.br/ Page URL
https://ct8hs.canksru.ru/Mundefined Page URL

Page Statistics

15
Requests

87 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

253 kB
Transfer

577 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wtqvxy9ui0kw.agenciasagar.com.br/ Page URL
https://ct8hs.canksru.ru/Mundefined Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
wtqvxy9ui0kw.agenciasagar.com.br/ 582 B
594 B 345ms
101ms Document
text/html 104.152.168.17
CROCWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://wtqvxy9ui0kw.agenciasagar.com.br/
Protocol: HTTP/1.1
Server: 104.152.168.17 , Canada, ASN63068 (CROCWEB, CA),
Reverse DNS: server17.hostwhitelabel.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-length: 329
content-type: text/html; charset=UTF-8
date: Wed, 15 Mar 2023 17:17:33 GMT
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 403 Primary Request Mundefined Show response
ct8hs.canksru.ru/ 7 KB
5 KB 126ms
50ms Document
text/html 2606:4700:20::681a:66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ct8hs.canksru.ru/Mundefined

Requested by

Host: wtqvxy9ui0kw.agenciasagar.com.br
URL: http://wtqvxy9ui0kw.agenciasagar.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93d7c17dfdfa310746aa0f50df56cbeef60bdbce6db9136f32f150454bad2f2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://wtqvxy9ui0kw.agenciasagar.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a86690f9e7e05bb-IAD
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 15 Mar 2023 17:17:31 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2B2ETpwFc1YjCLKBISUQeYPFEyGmehqFHYCkyqomABhATna4%2B7guZ%2BN7tyvlzBNG8xvLYLzulBUe2Kd8eAVSWnhEgw0H5SdmdihAozE1hLOvg%2BeGr1cp2IQI%2FKRKXWE3y4PJB8b0k7jE4tgRugo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 146 KB
53 KB 45ms
44ms Script
application/javascript 2606:4700:20::681a:66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a86690f9e7e05bb
Requested by: Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/Mundefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d467553a410d5781d4797e38c8304960f241bb8072b8ce4c568c8cbdf38b3e73

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ct8hs.canksru.ru/Mundefined?__cf_chl_rt_tk=.v4n6Ev_mfbbaTh6aD5L.2_uDuDasE2bzVPGH7GJEko-1678900651-0-gaNycGzNChA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:17:31 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duBBR2v%2FdSrG5ONbKmn6h4rentHbyAUITGA1XTMfhis8h0C82LJ6Cdqrl%2BwQElUtCXqUxYr%2FhiPXf4r8k%2FSNHCzIRviqDzywdxCU0WJzZmJ7D60UvfMujDYlo4bcVNwHM9ErXHn3dAVJgm04AD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7a8669105f3205bb-IAD

GET
H2 200 transparent.gif
ct8hs.canksru.ru/cdn-cgi/images/trace/managed/js/ 42 B
219 B 32ms
32ms Image
image/gif 2606:4700:20::681a:66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct8hs.canksru.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a86690f9e7e05bb

Requested by

Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/Mundefined?__cf_chl_rt_tk=.v4n6Ev_mfbbaTh6aD5L.2_uDuDasE2bzVPGH7GJEko-1678900651-0-gaNycGzNChA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ct8hs.canksru.ru/Mundefined?__cf_chl_rt_tk=.v4n6Ev_mfbbaTh6aD5L.2_uDuDasE2bzVPGH7GJEko-1678900651-0-gaNycGzNChA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:17:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:11 GMT
server: cloudflare
etag: "6407c10b-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7a8669105f3405bb-IAD
content-length: 42
expires: Wed, 15 Mar 2023 19:17:31 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/78289926/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

34ms
34ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/Mundefined
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:17:31 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a8669113c5c4bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 15 Mar 2023 17:17:31 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age=300, public
cf-ray: 7a8669111c2c4bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 9fb1a9a1f74b522 Show response
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/858221323:1678897952:8ltAXX5dC7BL5vdrbOTt87xE3e6XRpmc-8L53pSARnU/7a86690f9e7e05bb/ 123 KB
63 KB 105ms
104ms XHR
text/plain 2606:4700:20::681a:66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/858221323:1678897952:8ltAXX5dC7BL5vdrbOTt87xE3e6XRpmc-8L53pSARnU/7a86690f9e7e05bb/9fb1a9a1f74b522
Requested by: Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a86690f9e7e05bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae5ee3bbe4397bff07bdf6eb6a296ef1d1e81510551ee399c2fcc4a06a628de

Request headers

Referer: https://ct8hs.canksru.ru/Mundefined
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 9fb1a9a1f74b522
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 17:17:31 GMT
content-encoding: br
cf_chl_gen: 1uT9eohTpsZ8gr+KRr2LRPJoE1Zg2P6V7H+CfG3H0iuG2Aw+SD6RYd1UPQ5xgCP0zNmZk+3n1UmYWFvp2nminOLm9xCdKaKVRwa0ACBhBr36/GuFuOBrfMpEx5js2U8m3IyurDiedIFGQnhF+vX00BjgTf+EnQn1m6/ai8z+9fXnUT0Rbg8C02+I6czxMh3445IaAgQ0Bqau9eSxgjHlf4Ac3iIfyL4aLw1WoAoaH5WBVv5wyv7B4whiDh5RQcg0zX99RMFCPARo500Zc75wxvBKNvNrKmmJTN9qXj0p4/YZm3eg+AUSvfVhkaX4PEjMOnhKqTsnnuPbWzP0eYWRoS9EcbdAxGhYY0rlYkIC9aI8eJ4l6RcCIAp1hT9PM4C3oZ00JI2D8f59GsUmou6ZidLlWKeT3rDdSj3GoZy+6M36KoGGPxb35VXvLOovRIuK$+kPv1F5n4q7MP+WknZkjeg==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgBRutX7Uo4inz73yuZQzxf1Hm2%2F9ahonvFb6HyatOV8EKeDVfz%2BH%2Booj0YbDi1v6JBnd%2FKhh%2BIpnoXhmpIal%2FhyT0MPdvprdqyhmacVj6oorKWSRvmfE9liidpai4z6zLG7qkpkDqNrdkXRgTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a86691198ef05bb-IAD

GET
H2 401 49Y4SSRF0E9CeqW Show response
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7a86690f9e7e05bb/1678900651790/45eae4d5208dd4f1c3b759fb4ff10ac83d37295b346759fd272316ec81ee0396/ 1 B
802 B 43ms
42ms Fetch
text/plain 2606:4700:20::681a:66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7a86690f9e7e05bb/1678900651790/45eae4d5208dd4f1c3b759fb4ff10ac83d37295b346759fd272316ec81ee0396/49Y4SSRF0E9CeqW
Requested by: Host: wtqvxy9ui0kw.agenciasagar.com.br
URL: http://wtqvxy9ui0kw.agenciasagar.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ct8hs.canksru.ru/Mundefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:17:32 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gRerk1SCN1PHDt1n7T_EKyD03KVs0Z1n9JyMW7IHuA5YAEGN0OGhzLmNhbmtzcnUucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a8669131ae405bb-IAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pAxgF3w%2BVL4IjR2kjluiS50juALc3Go1SPwYZLNYfG8xFzoXfsXDUPWs%2FyU6OMGb0pqFMr8CMpyLv7ov353PjtbCl6SHEX4DK%2Bn%2BuW%2BrKE%2FX3KDpFpxcpviQUUn%2FC7lN%2Bq3T6uQrK9cV%2FJ0T3nM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 wOdlL2Ozj07_TyW
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/img/7a86690f9e7e05bb/1678900651796/ 61 B
350 B 46ms
45ms Image
image/png 2606:4700:20::681a:66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/img/7a86690f9e7e05bb/1678900651796/wOdlL2Ozj07_TyW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4a0913ea74f774af812a1f4a4ab09436bb77f457b82cd0c35d55484e2bc26bb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://ct8hs.canksru.ru/Mundefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:17:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a8669136b6705bb-IAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fI%2BJWlLkeb1y%2FEuS5gKAN9CaakrU55j07cyR5dpwMQOx%2B88Y%2BTGr4tgHcgmf0RzJkQx%2F875DDSKAd6wZqX7%2FqvsyYrpVnXJ6FgSxev%2BMgpkWf7HP8ejYmUbgXVJQup3B082ZnDYqtL0TwiqQiEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png

POST
H2 200 9fb1a9a1f74b522 Show response
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/858221323:1678897952:8ltAXX5dC7BL5vdrbOTt87xE3e6XRpmc-8L53pSARnU/7a86690f9e7e05bb/ 5 KB
4 KB 145ms
90ms XHR
text/plain 2606:4700:20::681a:66a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/858221323:1678897952:8ltAXX5dC7BL5vdrbOTt87xE3e6XRpmc-8L53pSARnU/7a86690f9e7e05bb/9fb1a9a1f74b522
Requested by: Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a86690f9e7e05bb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:66a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffe02ee279f3acbb47a6bd179fc207b4c19ef951f6771c5de40d2cbbf7e08acf

Request headers

Referer: https://ct8hs.canksru.ru/Mundefined
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 9fb1a9a1f74b522
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 17:17:33 GMT
content-encoding: br
cf_chl_gen: hyA7FNQhdpT2RoE4hjNF9Q8xuiG9AcFEE7YHGQ+eSCmX1HAIGvMLOk/8/NCF3ngR$zxLYeWDZ20wWeWoSX18pvA==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4iBN2SGm6zBtuay6hnJvQ0dq3vXMbLGo2DAfCGm88QAZveDxF9Pf2M%2B6JUiVrZwBOQbIH5ST7YDrVOAT2KlWY%2BqutNWuf8AY3FV4qcFcRtwfjK5LcD%2FNE6r3Zpi70vEMRQw6GIMALUdE%2FNoOn28%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a86691e795005bb-IAD

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 227D 21 KB
7 KB 92ms
66ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a58430e0fa15e88039a4b4f77c63700edf333ac20b412333e4233591ceaf439

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7a86691f5e5cca67-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 17:17:33 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 227D 152 KB
55 KB 27ms
26ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a86691f5e5cca67
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e37055522191511f3ea290215c1af703825edfaa52b0d6381ba89ff51fae24d0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:17:34 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7a866921586eca67-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 b04631335f929fb Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/338435758:1678899867:0C91hXXw98UCg6L_3hiAK9JxOKdt2EoCTcUPMV1kZQM/7a86691f5e5cca67/ Frame 227D 97 KB
49 KB 122ms
121ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/338435758:1678899867:0C91hXXw98UCg6L_3hiAK9JxOKdt2EoCTcUPMV1kZQM/7a86691f5e5cca67/b04631335f929fb
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a86691f5e5cca67
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8081dbf1d707fffcfd5087656ce5b33026e1304eb8d34ef9b2838f8819a6c485

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: b04631335f929fb
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 17:17:34 GMT
content-encoding: br
cf_chl_gen: 73nCtTuWhxuapmsZqhxwk3bQKTs5RqrfYMFPL8KAu8IPFmFM0Cw8AZVgdD9jXL8yMpGUrKZVpXSYjqGan5d89cX741wJKS0pssCwQcTdQ00oLDLTaFnglZ6KungpaTWItL1MnczVuOBUoVnVrKirUJtkEMeRM0N1h5n21VeBbC/DDKo72S+uKLgNptdakaF9wL+/nXGXS4QXmiVIpEJ7I44la6x3Xp8shsMguBASv4F7iGGbuhPqQN8qewZH2XT9wsoyDbqesdFKdG1ieqv7mqmWdaRFcAbqQiq0fWB8r/9jt4I0kCVjo0wEDm/5Lkt0JMarMgOU+lOiINkLsRU8PVdKVFfY5/GiH+ge5RAkUAA/s57iq5xCy3xN0L+TGnuR$9CUk9fmRe0fI4QRkGFv70Q==
server: cloudflare
cf-ray: 7a866922ca10ca67-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 401 lsV90O_BVodEg5T Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a86691f5e5cca67/1678900654543/fda9c12dfa4d150c40c6a7996ba66906039321fec0e05805bd2dce54ad73eb56/ Frame 227D 1 B
647 B 23ms
23ms Fetch
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a86691f5e5cca67/1678900654543/fda9c12dfa4d150c40c6a7996ba66906039321fec0e05805bd2dce54ad73eb56/lsV90O_BVodEg5T
Requested by: Host: wtqvxy9ui0kw.agenciasagar.com.br
URL: http://wtqvxy9ui0kw.agenciasagar.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:17:34 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g_anBLfpNFQxAxqeZa6ZpBgOTIf7A4FgFvS3OVK1z61YAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7a8669259d23ca67-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 KBVZTpYmAtVOCbG
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a86691f5e5cca67/1678900654552/ Frame 227D 61 B
166 B 28ms
28ms Image
image/png 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a86691f5e5cca67/1678900654552/KBVZTpYmAtVOCbG
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90692273abfa5a76d8bb5c9552847d9f8c15c81b208abc42ff104109c18fe13b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 17:17:35 GMT
server: cloudflare
cf-ray: 7a86692939d5ca67-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

POST
H3 200 b04631335f929fb Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/338435758:1678899867:0C91hXXw98UCg6L_3hiAK9JxOKdt2EoCTcUPMV1kZQM/7a86691f5e5cca67/ Frame 227D 11 KB
8 KB 88ms
86ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/338435758:1678899867:0C91hXXw98UCg6L_3hiAK9JxOKdt2EoCTcUPMV1kZQM/7a86691f5e5cca67/b04631335f929fb
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a86691f5e5cca67
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7403de7b32ec8ad413db07398c91e2da31f46cb94e459e147393a316c34e5739

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/8r3c2/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: b04631335f929fb
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 17:17:36 GMT
content-encoding: br
cf_chl_gen: 2nPNW0P7eBpNROizuPpsiLFtKiXMhrGh9dXeg8F5Cqu5hhTFHjQTGQIPZcm53BPv$kHQ+4R+XNKG8Fp//xrHq1A==
server: cloudflare
cf-ray: 7a86692b8c4eca67-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://ct8hs.canksru.ru/Mundefined Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/b/pat/7a86690f9e7e05bb/1678900651790/45eae4d5208dd4f1c3b759fb4ff10ac83d37295b346759fd272316ec81ee0396/49Y4SSRF0E9CeqW Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a86691f5e5cca67/1678900654543/fda9c12dfa4d150c40c6a7996ba66906039321fec0e05805bd2dce54ad73eb56/lsV90O_BVodEg5T Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
ct8hs.canksru.ru
wtqvxy9ui0kw.agenciasagar.com.br
104.152.168.17
2606:4700:20::681a:66a
2606:4700::6812:7b9
1ae5ee3bbe4397bff07bdf6eb6a296ef1d1e81510551ee399c2fcc4a06a628de
3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7403de7b32ec8ad413db07398c91e2da31f46cb94e459e147393a316c34e5739
8081dbf1d707fffcfd5087656ce5b33026e1304eb8d34ef9b2838f8819a6c485
90692273abfa5a76d8bb5c9552847d9f8c15c81b208abc42ff104109c18fe13b
93d7c17dfdfa310746aa0f50df56cbeef60bdbce6db9136f32f150454bad2f2a
9a58430e0fa15e88039a4b4f77c63700edf333ac20b412333e4233591ceaf439
d467553a410d5781d4797e38c8304960f241bb8072b8ce4c568c8cbdf38b3e73
d4a0913ea74f774af812a1f4a4ab09436bb77f457b82cd0c35d55484e2bc26bb
e37055522191511f3ea290215c1af703825edfaa52b0d6381ba89ff51fae24d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffe02ee279f3acbb47a6bd179fc207b4c19ef951f6771c5de40d2cbbf7e08acf

ct8hs.canksru.ru Open in urlscan Pro 2606:4700:20::681a:66a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

87 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

253 kBTransfer

577 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

ct8hs.canksru.ru Open in urlscan Pro
2606:4700:20::681a:66a Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

253 kB
Transfer

577 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions