eepdb8cbpa646b73295e50f.bgaddl.ru Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fcaxita.co.in%2Fnew%2Fauth%2Fsf_rand_...
Effective URL:
https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com
Submission: On May 26 via manual (May 26th 2023, 10:31:31 pm UTC) from DK — Scanned from DK

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is eepdb8cbpa646b73295e50f.bgaddl.ru.
TLS certificate: Issued by E1 on May 10th 2023. Valid for: 3 months.

This is the only time eepdb8cbpa646b73295e50f.bgaddl.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	192.185.110.135 192.185.110.135	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	4

1 151.101.130.133 (United States) 1 redirects

ASN54113 (FASTLY, US)

apiservices.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.185.110.135 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 192-185-110-135.unifiedlayer.com

caxita.co.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

eepdb8cbpa646b73295e50f.bgaddl.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:7b9 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6358	225 KB
4	bgaddl.ru eepdb8cbpa646b73295e50f.bgaddl.ru	65 KB
1	caxita.co.in caxita.co.in	125 B
1	krxd.net 1 redirects apiservices.krxd.net — Cisco Umbrella Rank: 35429	270 B
14	4

	Domain	Requested by
7	challenges.cloudflare.com	eepdb8cbpa646b73295e50f.bgaddl.ru challenges.cloudflare.com
4	eepdb8cbpa646b73295e50f.bgaddl.ru	eepdb8cbpa646b73295e50f.bgaddl.ru
1	caxita.co.in
1	apiservices.krxd.net	1 redirects
14	4

This site contains no links.

Subject Issuer	Validity	Valid
*.caxita.co.in R3	`2023-05-20` - `2023-08-18`	3 months	crt.sh
bgaddl.ru E1	`2023-05-10` - `2023-08-08`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com
Frame ID: D97B185AF1B0C59F30E4A41F79A0DA7B
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: D38087670C821281083253A4E0627A79
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page Statistics

14
Requests

86 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

290 kB
Transfer

562 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fcaxita.co.in%2Fnew%2Fauth%2Fsf_rand_string_lowercase6%2F%2F%2F%2Fc3RldmUud2FycmVuQHJvY2t3b29sLmNvbQ== HTTP 302
https://caxita.co.in/new/auth/sf_rand_string_lowercase6////c3RldmUud2FycmVuQHJvY2t3b29sLmNvbQ==

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

c3RldmUud2FycmVuQHJvY2t3b29sLmNvbQ== Show response
caxita.co.in/new/auth/sf_rand_string_lowercase6////
Redirect Chain

https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fcaxita.co.in%2Fnew%2Fauth%2Fsf_rand_string_lowercase6%2F%2F%2F%2Fc3RldmUud2FycmVuQHJvY2t3b29sLmNvbQ==
https://caxita.co.in/new/auth/sf_rand_string_lowercase6////c3RldmUud2FycmVuQHJvY2t3b29sLmNvbQ==

0
125 B

1229ms
665ms

Document
text/html

192.185.110.135
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://caxita.co.in/new/auth/sf_rand_string_lowercase6////c3RldmUud2FycmVuQHJvY2t3b29sLmNvbQ==
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.110.135 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 192-185-110-135.unifiedlayer.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: da-DK,da;q=0.9

Response headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 26 May 2023 22:31:26 GMT
refresh: 0;url=https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com
server: Apache

Redirect headers

accept-ranges: bytes
age: 0
content-length: 0
date: Fri, 26 May 2023 22:31:25 GMT
location: https://caxita.co.in/new/auth/sf_rand_string_lowercase6////c3RldmUud2FycmVuQHJvY2t3b29sLmNvbQ==
via: 1.1 varnish (Varnish/5.2), 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: click-tracker-a001-ash-prod.krxd.net, cache-cph2320036-CPH
x-timer: S1685140285.141449,VS0,VE363

GET
H2 403 Primary Request Msteve.warren@rockwool.com Show response
eepdb8cbpa646b73295e50f.bgaddl.ru/ 8 KB
5 KB 214ms
37ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bd907ad81ef66437dd02b4f057a2dbfb6dff53791cc6712a2d35e05c9465f0d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://caxita.co.in/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: da-DK,da;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7cd977e98f90bb43-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 26 May 2023 22:31:26 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JM5ibfnp414oaoEDGrObEkTNWmQCQn1ozVFX4PgeeaAnIojSWrtsi2ESglPxNPKFl%2FoyFkMto2cAvikt10%2Fy%2BvB98pQgZuyEMpL6835H1LA%2FFRSwHsqHWV2s%2BMn%2BW5Jm9jCqMLe%2BO%2BOa4Cu8QQhR0z%2BarhqIXV7unaKwZLK7sY0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
eepdb8cbpa646b73295e50f.bgaddl.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 147 KB
53 KB 39ms
38ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eepdb8cbpa646b73295e50f.bgaddl.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd977e98f90bb43
Requested by: Host: eepdb8cbpa646b73295e50f.bgaddl.ru
URL: https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 287db8324b8487a6b9e521a6b956845ffc9bc93936085ef7216fabc7b89277c0

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com?__cf_chl_rt_tk=ls0o1tvIZ5Fg48r90KwLwfImdF2YdqFRjByqreBjIzY-1685140286-0-gaNycGzNDBA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:31:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h20W0oxe2yCncjJLFcpMrXXmAwFnXwl9DbZrymcGbkDE8NHzX1harZeR3%2FHFdk5m1JGGLD2NHUkPuGVgeFREepiQOuW5kTFA7QXMUbUHVdvzILe%2BueJ3ycbk4sDTH2TAM5Q2Vy4mSIRy%2B5s9gNyTsMRVQzmIRL44ksL%2BdOk6VqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7cd977ea1807bb43-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 transparent.gif
eepdb8cbpa646b73295e50f.bgaddl.ru/cdn-cgi/images/trace/managed/js/ 42 B
244 B 31ms
30ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eepdb8cbpa646b73295e50f.bgaddl.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cd977e98f90bb43

Requested by

Host: eepdb8cbpa646b73295e50f.bgaddl.ru
URL: https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com?__cf_chl_rt_tk=ls0o1tvIZ5Fg48r90KwLwfImdF2YdqFRjByqreBjIzY-1685140286-0-gaNycGzNDBA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com?__cf_chl_rt_tk=ls0o1tvIZ5Fg48r90KwLwfImdF2YdqFRjByqreBjIzY-1685140286-0-gaNycGzNDBA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:31:27 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 May 2023 08:39:03 GMT
server: cloudflare
etag: "646f1ea7-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7cd977ea2808bb43-FRA
content-length: 42
expires: Sat, 27 May 2023 00:31:27 GMT

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/ 15 KB
5 KB 128ms
51ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: eepdb8cbpa646b73295e50f.bgaddl.ru
URL: https://eepdb8cbpa646b73295e50f.bgaddl.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd977e98f90bb43
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0

Request headers

Referer
Origin: https://eepdb8cbpa646b73295e50f.bgaddl.ru
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:31:27 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7cd977eb1c3b5cb0-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 60837d7d955701c Show response
eepdb8cbpa646b73295e50f.bgaddl.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1263775366:1685138833:uY416iIsBTX2IHkzoGdwu_isEUKWrxHIb0dGTAgg7so/7cd977e98f90bb43/ 7 KB
6 KB 45ms
44ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eepdb8cbpa646b73295e50f.bgaddl.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1263775366:1685138833:uY416iIsBTX2IHkzoGdwu_isEUKWrxHIb0dGTAgg7so/7cd977e98f90bb43/60837d7d955701c
Requested by: Host: eepdb8cbpa646b73295e50f.bgaddl.ru
URL: https://eepdb8cbpa646b73295e50f.bgaddl.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cd977e98f90bb43
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 616e5ee0aedcc2ba3fd04072cdc5dff5c9f5317907fda6ba20de32468c2dbf67

Request headers

Referer: https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: 60837d7d955701c
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 26 May 2023 22:31:27 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFDtMtmYIZXeUsLKzohuwlvnR3pxZyfncV1fAg7cNgTLsn0QaTpS18nk0KK%2F07Vdf51drHi%2B7CSDRkWGUt4DBL7Z1ss%2BBO0ADGG69lFSBgaM18KGRsmQYv4WECepF%2B%2BJ6Ha5JVnWVLN0VZ1YjVxw0O8FlwPCfTkjlNCWWDF46N0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cd977eb5e559962-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: Qe5oZfpZf7Gtu9QKqj6t6AO/GJ+Irmc60lFPijpklU506Zn09D1FWfW3ZFCgU+Y+$xOv66MEJxhKDmmEzkO6XTA==

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame D380 24 KB
7 KB 71ms
38ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1654a18af18b7ce779cbdd02b12f281ca4ccd885408e28663b1fab933427c0d8

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: da-DK,da;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cd977ec4815049f-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 26 May 2023 22:31:27 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame D380 152 KB
55 KB 38ms
38ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd977ec4815049f
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fb51045a1e5e482293888c9d3eee904b18176fb771e4347bd9ac97831609813

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:31:27 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cd977ecc875049f-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 98fb4c8b0018456 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1049162049:1685138849:2CEDpgkbyq-jQxxCkvIIoSreOr6AG9Qz5gghJK7MoNs/7cd977ec4815049f/ Frame D380 195 KB
146 KB 116ms
116ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1049162049:1685138849:2CEDpgkbyq-jQxxCkvIIoSreOr6AG9Qz5gghJK7MoNs/7cd977ec4815049f/98fb4c8b0018456
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd977ec4815049f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d503dc4ce26a8a652f57375ca5b4bfad2dfb13a2567321dd0ae2419342d9a4

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: 98fb4c8b0018456
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: y2EJwp5wr0XJ6u0d8yX8VQ5iF8zly471j70HWTSLCF0krCyIxtMONIs1r0+5Y94r3wJMoxyIN2DdD+EW+33yJ5AhzlPemjxq7amEnxUd2ebs/gY/fSqGgAqS/V9zmEhKjW/MEoXkLrMlZcIqS2uFQ92/vLNxLBrWpJjuD3uhlY71/n1mSKad9aHD8VghJsRfBOd59EEAVAfyX4Oo9xmHIGGZ9VFQtch1A/WM1yTnW9UUe5XrMPkTxMeLBP3vZFuVw73jc8JjLPDzcIRM5/KgSboHhV9gItnvQFDhoxAFE2OlGf/Gs4kwWO+bg6TqG+kqZ+j2UB6u1Gjqv7w1k+Js3UAxT/fMiYqjP5Lr7SGIlWcp2FAju4xrT4Tr8sV+RvDFcINZ0AjB2oBtmLmGgS5WI1/2O7N7Wz2NNrn1D5RBSsM=$PrBE2W/HXpv37jNfbgQUVQ==
date: Fri, 26 May 2023 22:31:27 GMT
content-encoding: br
server: cloudflare
cf-ray: 7cd977ee39b3049f-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK b37ad42a-4f69-4253-b114-eb8573d758c8
https://challenges.cloudflare.com/ Frame D380 656 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/b37ad42a-4f69-4253-b114-eb8573d758c8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 656
Content-Type: text/javascript

GET
H3 401 oGpI0zQ4A_p-QhB Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cd977ec4815049f/1685140287725/9f8a036cb5e0decbd7e7b7c7941b04267fc8c69b1dba7584ede721a12df19660/ Frame D380 1 B
627 B 36ms
35ms Fetch
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cd977ec4815049f/1685140287725/9f8a036cb5e0decbd7e7b7c7941b04267fc8c69b1dba7584ede721a12df19660/oGpI0zQ4A_p-QhB
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd977ec4815049f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:31:28 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gn4oDbLXg3svX57fHlBsEJn_IxpsdunWE7echoS3xlmAAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArTdvs2-VOeG1gRYSu6le9W8rphJ9hC05duH2SoyJxZcID7eB4pDegSJtNqv3OQbpK4Q95bHTqsH89BCAXLJI-Vt7ySrpRthX6rEPu-Vj7WesutfG-4HKj1HyDTGqAY6a7ewvPAO1MgMa2r1_gzOPEXZzJhEKT6UdIT2kff2r_Ykjw0jlNmXk5cDvIskrZ85GVfUW-rn9g1PLXw9OFhNDD6DD2EiFfNdypws_NYvMuOAHcmAxJlEJcf3CR8kfcZax5XW2G8thhT80V0huiKzfxYVtQL5b4HVbTcNvo9O7UCIklef8agJz95n7nyDUn68MLaxbYGJ0kAASzeN5eEb55QIDAQAB, max-age=20
server: cloudflare
cf-ray: 7cd977f00b30049f-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 fbr1Ne_hI06EiFE
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cd977ec4815049f/1685140287725/ Frame D380 61 B
147 B 37ms
36ms Image
image/png 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cd977ec4815049f/1685140287725/fbr1Ne_hI06EiFE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d70112e8279e9fe3a2781f6cde61bbd705603ed1c2a31cc278770c12f883065d

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 22:31:28 GMT
server: cloudflare
cf-ray: 7cd977f55800049f-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
BLOB 200
OK 917365ee-0b99-447d-9363-59d0b9de2e30
https://challenges.cloudflare.com/ Frame D380 539 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/917365ee-0b99-447d-9363-59d0b9de2e30
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 539
Content-Type: text/javascript

POST
H3 200 98fb4c8b0018456 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1049162049:1685138849:2CEDpgkbyq-jQxxCkvIIoSreOr6AG9Qz5gghJK7MoNs/7cd977ec4815049f/ Frame D380 13 KB
10 KB 55ms
51ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1049162049:1685138849:2CEDpgkbyq-jQxxCkvIIoSreOr6AG9Qz5gghJK7MoNs/7cd977ec4815049f/98fb4c8b0018456
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cd977ec4815049f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acbd842e3290458d61ee91a1e5b006f283e9d34a13b4fa8e8666df2f0c96a327

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/p8luy/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: 98fb4c8b0018456
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: neS+NJ5A+o6s3PbyfcAnvAMCR6JI4eTw7bKrB5sS9Ei6IkUVqn4b0CpOqJn7CtXp$6sMw7wYeynTuaF0asjOqfQ==
date: Fri, 26 May 2023 22:31:29 GMT
content-encoding: br
server: cloudflare
cf-ray: 7cd977f97c0f049f-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://eepdb8cbpa646b73295e50f.bgaddl.ru/Msteve.warren@rockwool.com Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cd977ec4815049f/1685140287725/9f8a036cb5e0decbd7e7b7c7941b04267fc8c69b1dba7584ede721a12df19660/oGpI0zQ4A_p-QhB Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apiservices.krxd.net
caxita.co.in
challenges.cloudflare.com
eepdb8cbpa646b73295e50f.bgaddl.ru
151.101.130.133
192.185.110.135
2606:4700::6812:7b9
2a06:98c1:3120::3
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
14d503dc4ce26a8a652f57375ca5b4bfad2dfb13a2567321dd0ae2419342d9a4
1654a18af18b7ce779cbdd02b12f281ca4ccd885408e28663b1fab933427c0d8
287db8324b8487a6b9e521a6b956845ffc9bc93936085ef7216fabc7b89277c0
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
4bd907ad81ef66437dd02b4f057a2dbfb6dff53791cc6712a2d35e05c9465f0d
5fb51045a1e5e482293888c9d3eee904b18176fb771e4347bd9ac97831609813
616e5ee0aedcc2ba3fd04072cdc5dff5c9f5317907fda6ba20de32468c2dbf67
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
acbd842e3290458d61ee91a1e5b006f283e9d34a13b4fa8e8666df2f0c96a327
d70112e8279e9fe3a2781f6cde61bbd705603ed1c2a31cc278770c12f883065d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

eepdb8cbpa646b73295e50f.bgaddl.ru Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

14 Requests

86 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

290 kBTransfer

562 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

eepdb8cbpa646b73295e50f.bgaddl.ru Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

86 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

290 kB
Transfer

562 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions