Submitted URL: https://cl.gy/qeaEe
Effective URL: https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
Submission: On September 18 via manual from DE — Scanned from DE

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 24 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is almatropatridole.com.
TLS certificate: Issued by WE1 on September 17th 2024. Valid for: 3 months.
This is the only time almatropatridole.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 35.212.63.232 15169 (GOOGLE)
2 2600:9000:223... 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 10 2a06:98c1:312... 13335 (CLOUDFLAR...)
24 5
Apex Domain
Subdomains
Transfer
10 almatropatridole.com
almatropatridole.com
17 KB
4 cl.gy
cl.gy
6 KB
2 balinadomilkitrice.com
balinadomilkitrice.com
22 KB
2 cloudfront.net
d1rozh26tys225.cloudfront.net
4 KB
24 4
Domain Requested by
10 almatropatridole.com 1 redirects cl.gy
almatropatridole.com
4 cl.gy 1 redirects cl.gy
2 balinadomilkitrice.com cl.gy
2 d1rozh26tys225.cloudfront.net cl.gy
24 4

This site contains no links.

Subject Issuer Validity Valid
*.cl.gy
R10
2024-09-07 -
2024-12-06
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
balinadomilkitrice.com
WE1
2024-09-18 -
2024-12-17
3 months crt.sh
almatropatridole.com
WE1
2024-09-17 -
2024-12-16
3 months crt.sh

This page contains 3 frames:

Primary Page: https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
Frame ID: D0C9747F32D8599D1B68F3DA8CD400D8
Requests: 12 HTTP requests in this frame

Frame: https://almatropatridole.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js
Frame ID: 11B0AD411AB6E075274B88E3276CE9D7
Requests: 2 HTTP requests in this frame

Frame: https://almatropatridole.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 4EEDEFE7455DA27F9C09B9B32893326A
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

403 Forbidden

Page URL History Show full URLs

  1. https://cl.gy/qeaEe Page URL
  2. https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&y=ipr:45.141.152.74:1726641043.207 Page URL
  3. https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&sol=MjA6MTcyNjY0MTA0MzowYzc2NWMzMzphYTgxNW... Page URL
  4. https://cl.gy/qeaEe HTTP 301
    https://balinadomilkitrice.com/bireng Page URL
  5. https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI Page URL
  6. https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI Page URL

Page Statistics

24
Requests

58 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

49 kB
Transfer

155 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cl.gy/qeaEe Page URL
  2. https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&y=ipr:45.141.152.74:1726641043.207 Page URL
  3. https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&sol=MjA6MTcyNjY0MTA0MzowYzc2NWMzMzphYTgxNWYzY2JiNGI1NDk4YTNhZjgyNGUyZmEzY2VlMTVlMGU0ZDY1MDE4YTcwNzQwN2I1MWFkY2Y4N2I1MjJmOgGHRs0%3D&s=809:325107 Page URL
  4. https://cl.gy/qeaEe HTTP 301
    https://balinadomilkitrice.com/bireng Page URL
  5. https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI Page URL
  6. https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://cl.gy/qeaEe HTTP 301
  • https://balinadomilkitrice.com/bireng
Request Chain 17
  • https://almatropatridole.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://almatropatridole.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
qeaEe
cl.gy/
173 B
423 B
Document
General
Full URL
https://cl.gy/qeaEe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.63.232 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.63.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2c97f57ff473d8f1f4bb57df7f9dfefac5c758bda23d6c68bc1429a037a7faec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store,no-cache,max-age=0
content-length
173
content-type
text/html
date
Wed, 18 Sep 2024 06:30:43 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
server
nginx
sg-captcha
challenge
x-proxy-cache-info
DT:1
x-robots-tag
noindex
/
cl.gy/.well-known/sgcaptcha/
12 KB
5 KB
Document
General
Full URL
https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&y=ipr:45.141.152.74:1726641043.207
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.63.232 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.63.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
db3777fbe3032d882cd91f5568ea9875ded15d2f8665bc65a2c3a95e8fd0784a

Request headers

Referer
https://cl.gy/qeaEe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store,no-cache,max-age=0
content-encoding
br
content-type
text/html
date
Wed, 18 Sep 2024 06:30:43 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
server
nginx
sg-captcha
challenge
vary
Accept-Encoding
x-proxy-cache-info
DT:1
x-robots-tag
noindex
robot-suspicion.svg
d1rozh26tys225.cloudfront.net/
5 KB
3 KB
Image
General
Full URL
https://d1rozh26tys225.cloudfront.net/robot-suspicion.svg
Requested by
Host: cl.gy
URL: https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&y=ipr:45.141.152.74:1726641043.207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:400:5:acf3:db40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ddb4a8fe630cda4853312bf576429166ca074167ec93d38b24fc80d166f52a34

Request headers

Referer
https://cl.gy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 01:12:18 GMT
content-encoding
gzip
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 13:41:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
19105
x-amz-server-side-encryption
AES256
etag
W/"bf95026d64faa61f93dcec8be1040417"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-id
UICH_dUUX25Hjg4MFxkQh6u7tk9LWTMK0KbvcyfdMQfRjS9ni2KnXA==
loader.svg
d1rozh26tys225.cloudfront.net/
846 B
1 KB
Image
General
Full URL
https://d1rozh26tys225.cloudfront.net/loader.svg
Requested by
Host: cl.gy
URL: https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&y=ipr:45.141.152.74:1726641043.207
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:400:5:acf3:db40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
daed5f030b7d78e92c71aa05601d7bc94a8c59f4037363666f02e5611fc5de42

Request headers

Referer
https://cl.gy/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 05:20:41 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 13:41:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
10268
x-amz-server-side-encryption
AES256
etag
"8946b767a9a283b2a0f3a62fd915020c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
846
x-amz-cf-id
LxQLUk0j5el63dlaWp2iOADbXuG2EFm9uOvishJaBISjS1yKgTd2xg==
8a4000d9-3f90-4062-9aaf-3154a79ea2be
https://cl.gy/ Frame
0
0

8a4000d9-3f90-4062-9aaf-3154a79ea2be
https://cl.gy/ Frame
0
0

8a4000d9-3f90-4062-9aaf-3154a79ea2be
https://cl.gy/ Frame
0
0

8a4000d9-3f90-4062-9aaf-3154a79ea2be
https://cl.gy/ Frame
0
0

8a4000d9-3f90-4062-9aaf-3154a79ea2be
https://cl.gy/ Frame
0
0

8a4000d9-3f90-4062-9aaf-3154a79ea2be
https://cl.gy/ Frame
0
0

8a4000d9-3f90-4062-9aaf-3154a79ea2be
https://cl.gy/ Frame
0
0

8a4000d9-3f90-4062-9aaf-3154a79ea2be
https://cl.gy/ Frame
0
0

/
cl.gy/.well-known/sgcaptcha/
310 B
690 B
Document
General
Full URL
https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&sol=MjA6MTcyNjY0MTA0MzowYzc2NWMzMzphYTgxNWYzY2JiNGI1NDk4YTNhZjgyNGUyZmEzY2VlMTVlMGU0ZDY1MDE4YTcwNzQwN2I1MWFkY2Y4N2I1MjJmOgGHRs0%3D&s=809:325107
Requested by
Host: cl.gy
URL: https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&y=ipr:45.141.152.74:1726641043.207
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.212.63.232 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.63.212.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&y=ipr:45.141.152.74:1726641043.207
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store,no-cache,max-age=0
content-length
310
content-type
text/html
date
Wed, 18 Sep 2024 06:30:44 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
server
nginx
sg-captcha
challenge
x-proxy-cache-info
DT:1
x-robots-tag
noindex
bireng
balinadomilkitrice.com/
Redirect Chain
  • https://cl.gy/qeaEe
  • https://balinadomilkitrice.com/bireng
211 B
618 B
Document
General
Full URL
https://balinadomilkitrice.com/bireng
Requested by
Host: cl.gy
URL: https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&sol=MjA6MTcyNjY0MTA0MzowYzc2NWMzMzphYTgxNWYzY2JiNGI1NDk4YTNhZjgyNGUyZmEzY2VlMTVlMGU0ZDY1MDE4YTcwNzQwN2I1MWFkY2Y4N2I1MjJmOgGHRs0%3D&s=809:325107
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:196d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a2d59a9722e30f27e751a593da91172724237f02e08f258aa985b6abfcaa57

Request headers

Referer
https://cl.gy/.well-known/sgcaptcha/?r=%2FqeaEe&sol=MjA6MTcyNjY0MTA0MzowYzc2NWMzMzphYTgxNWYzY2JiNGI1NDk4YTNhZjgyNGUyZmEzY2VlMTVlMGU0ZDY1MDE4YTcwNzQwN2I1MWFkY2Y4N2I1MjJmOgGHRs0%3D&s=809:325107
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c4f4a0549febbf8-FRA
content-encoding
br
content-type
text/html
date
Wed, 18 Sep 2024 06:30:45 GMT
last-modified
Wed, 18 Sep 2024 04:32:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYbeTiEn%2BYKedKdRpt%2BKUJ8rPrD%2B1d%2B3AJX4eM%2FfwAd0HnkLmRMEx6ex0PdPmrlF91kP58mKt2gCSjLx0BuvCR13SrWjCJIfeK8vt3Hh9oTzHDkfCZh14ajmjgyMFGSESMgJaesXaUA4k8jw%2BtA%2BdejmysAG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 18 Sep 2024 06:30:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
host-header
6b7412fb82ca5edfd0917e3957f05d89
location
https://balinadomilkitrice.com/bireng
pragma
no-cache
server
nginx
x-httpd-modphp
1
x-proxy-cache
MISS
x-proxy-cache-info
0301 NC:000000 UP:SKIP_CACHE_SET_COOKIE
OMRLDI
almatropatridole.com/NRMTL/MLDKTR/NBCLDM/
7 KB
8 KB
Document
General
Full URL
https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de14ec9dc22e98dd89f9629c536f4af379c69011689dc72b54fc606b3609fd55
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://balinadomilkitrice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8c4f4a06582239d6-FRA
content-type
text/html; charset=utf-8
date
Wed, 18 Sep 2024 06:30:45 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSxGVRYFADdtEf7RkrP1r6VFDowlBYoyP4RAQ%2BwcTJhpfIfwoj6r0%2Flw3Np4NZg5qpSa3AJX37d2v9rlSg%2B1GMWoruIedky6inPOqXhAg3Kb8cseV4qGjQcEpypdotTvPuj6PSU0UNtjMgsTa5bU6uTNLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
favicon.ico
balinadomilkitrice.com/
111 KB
22 KB
Other
General
Full URL
https://balinadomilkitrice.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:196d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash

Request headers

Referer
https://balinadomilkitrice.com/bireng
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:30:45 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 18 Sep 2024 04:31:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66ea57ab-1bb33"
x-powered-by
PleskLin
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iz%2F8jGkf21%2BantVZSqnKSY%2FlrPfvwzegwHwgpg4GxveSwlxo01nKy%2BqMHg9Ti9opOWYKinSp6PToJmuBww%2F4M4Iv8%2FD%2BfK1MpeFUj7XIxi0BFQSktlcuutdOGDnCgLsjoWwlJzhAAhzS8TAmGDNI%2BZPI0v2W"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=864000
cf-ray
8c4f4a05fababbf8-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 28 Sep 2024 06:30:45 GMT
OMRLDI
almatropatridole.com/NRMTL/MLDKTR/NBCLDM/
0
941 B
XHR
General
Full URL
https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
Requested by
Host: cl.gy
URL: https://cl.gy/qeaEe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
95ow-EDBdzLKgR1yO3I2R4yHRYc
37332941
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
zvx72mf5QXmjNMHL52ify9MJ0jg
EeXD5IstV0SScZqXpc3UXm0d0
Referer
https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Sep 2024 06:30:45 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UeKxmHBedqZjp8mO6XDrrIECPbJ%2BLGtcwDS3sGtlRhkov%2FmEmnqYFms7%2Bq6yQm8dI2%2BtOSO%2ByKUru%2FAcIJ96OiXKzdESxZyvYrt6awyLUrLM2q0AzJkVJ86YB7VfuBLlY9MlKy%2Fi1fx2DJ%2B0h5URALPC6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c4f4a08098939d6-FRA
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
almatropatridole.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/ Frame 11B0
Redirect Chain
  • https://almatropatridole.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://almatropatridole.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
8 KB
4 KB
Script
General
Full URL
https://almatropatridole.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15838ff66fff6fc8e7af2536d403b557bcc89bff857521be71dfdab8c938e28c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:30:45 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeV9JBSt4Qx3ycd5d2fSwZHtGcJsLBV8vl2qnwNzOIFeWdZ6XlpXJm6pJhLh3e5DHwK3eMuJhFwnHFV%2BNAXcUqndDCfE9WRt1uxlLJdLa%2FeX8HroPZTdnbMgnee6P64dhizgpehTc3zU2J2Kc0VSMjEdyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c4f4a08299839d6-FRA

Redirect headers

date
Wed, 18 Sep 2024 06:30:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyzEDms9e37XVC%2BrbqdLEUR9bxzmX%2B7bCPNYY%2BTS0BUqJuFri4TLnNkfaSlo7GIvVLs3SJydpxNdNfzd%2Bui1N3txAa5ih2urh2I%2Bjt5fmhgiMRbxchMCb5ZYHk2pHHBv36Z1JOY%2BnBhAjzCj%2B7q9iHq11g%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/388c99dd0998/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c4f4a08098a39d6-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
almatropatridole.com/
548 B
631 B
Other
General
Full URL
https://almatropatridole.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 18 Sep 2024 06:30:45 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3454
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlfiFzvIkA2kj4SmwEAi33ly5DAysvP4HwmqK6mBDH%2Fu2HIgDEDlXjSjoddDolCnwqkh7M2tedYMWnHgjuNBXfbyU0CNhsNsqpoFX%2BuTZAuXV1GNNvqDH35J4WEAeA7sJOxI1oumnlFBo8UeUyLqgPW81A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
8c4f4a08198d39d6-FRA
x-xss-protection
1; mode=block, 1; mode=block
8c4f4a06582239d6
almatropatridole.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 11B0
0
928 B
XHR
General
Full URL
https://almatropatridole.com/cdn-cgi/challenge-platform/h/b/jsd/r/8c4f4a06582239d6
Requested by
Host: almatropatridole.com
URL: https://almatropatridole.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Sep 2024 06:30:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
8c4f4a090a8839d6-FRA
content-length
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qPAhu76khMRBmXNVLH4H2RtYiS76842fzSW5LSEH8LT1wGeWpt0SJ8DAoIaBZezlrbFfW9ikXDt%2BKbiQmvAt4KrBNdiGzuk7WUhLgqM6o%2BHUJnmvKz0AAH%2B4fb8l6bRWGjcJ2zCyWw%2FabxA5qOml11Jdjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
Primary Request OMRLDI
almatropatridole.com/NRMTL/MLDKTR/NBCLDM/
1 KB
941 B
Document
General
Full URL
https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
Requested by
Host: cl.gy
URL: https://cl.gy/qeaEe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1878f21598621c45bbd6c94459dbfd86a5dda03f4cddeddcd3b14fae55e737b
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8c4f4a091a8a39d6-FRA
content-encoding
br
content-type
text/html
date
Wed, 18 Sep 2024 06:30:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfHMvI2bYI958D0tc2R4OyyqU6NyrKgXZrrplkIVQJJDI3vnt0ZW5ih7t63t%2BXVSG4wAwaeB8mrFp3d5UE%2Fe%2B4EngZQhpGAp6IryW9S6QBWe8xns6sYcHH%2FX5niVcthMIqX0BWwtObr%2BnmusdIaiDqwr1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
almatropatridole.com/cdn-cgi/challenge-platform/scripts/jsd/ Frame 4EED
8 KB
0
Script
General
Full URL
https://almatropatridole.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: cl.gy
URL: https://cl.gy/qeaEe
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15838ff66fff6fc8e7af2536d403b557bcc89bff857521be71dfdab8c938e28c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 18 Sep 2024 06:30:45 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeV9JBSt4Qx3ycd5d2fSwZHtGcJsLBV8vl2qnwNzOIFeWdZ6XlpXJm6pJhLh3e5DHwK3eMuJhFwnHFV%2BNAXcUqndDCfE9WRt1uxlLJdLa%2FeX8HroPZTdnbMgnee6P64dhizgpehTc3zU2J2Kc0VSMjEdyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8c4f4a08299839d6-FRA
8c4f4a091a8a39d6
almatropatridole.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4EED
0
926 B
XHR
General
Full URL
https://almatropatridole.com/cdn-cgi/challenge-platform/h/b/jsd/r/8c4f4a091a8a39d6
Requested by
Host: almatropatridole.com
URL: https://almatropatridole.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Sep 2024 06:30:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
8c4f4a0aabe339d6-FRA
content-length
0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YOakkp%2BRy49HR55NvhVzAIroqs6KCEV5xMuYh308jAgMErw5mBYRWRoC%2F1eBe18%2Fe5YBW0L1tQuAcr%2FWqWMZ9Iv8eUzjoLJ1KBR0P8KMReMqcKNhfc5cFpz4Bd4gX%2BTZoNAIC0Dl8az1BEsZ9cCoGuSdTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
favicon.ico
almatropatridole.com/
548 B
0
Other
General
Full URL
https://almatropatridole.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
public
date
Wed, 18 Sep 2024 06:30:45 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3454
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlfiFzvIkA2kj4SmwEAi33ly5DAysvP4HwmqK6mBDH%2Fu2HIgDEDlXjSjoddDolCnwqkh7M2tedYMWnHgjuNBXfbyU0CNhsNsqpoFX%2BuTZAuXV1GNNvqDH35J4WEAeA7sJOxI1oumnlFBo8UeUyLqgPW81A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
8c4f4a08198d39d6-FRA
x-xss-protection
1; mode=block, 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cl.gy
URL
blob:https://cl.gy/8a4000d9-3f90-4062-9aaf-3154a79ea2be
Domain
cl.gy
URL
blob:https://cl.gy/8a4000d9-3f90-4062-9aaf-3154a79ea2be
Domain
cl.gy
URL
blob:https://cl.gy/8a4000d9-3f90-4062-9aaf-3154a79ea2be
Domain
cl.gy
URL
blob:https://cl.gy/8a4000d9-3f90-4062-9aaf-3154a79ea2be
Domain
cl.gy
URL
blob:https://cl.gy/8a4000d9-3f90-4062-9aaf-3154a79ea2be
Domain
cl.gy
URL
blob:https://cl.gy/8a4000d9-3f90-4062-9aaf-3154a79ea2be
Domain
cl.gy
URL
blob:https://cl.gy/8a4000d9-3f90-4062-9aaf-3154a79ea2be
Domain
cl.gy
URL
blob:https://cl.gy/8a4000d9-3f90-4062-9aaf-3154a79ea2be

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

14 Cookies

Domain/Path Name / Value
.cl.gy/ Name: _I_
Value: 0a162e2d5200fcd037abeef86b8f816fa5f718cdc60687d433ee2c57dd275d05-1726641044
cl.gy/ Name: PHPSESSID
Value: e03d768ed5422b8e63dd8a577bb8c5be
cl.gy/ Name: short_114867
Value: 1
almatropatridole.com/ Name: NJfcLBkugzAOyOemaMIk7PDhq2Q
Value: gcUnE1bb4OWhL8eyFid9keutYKU
almatropatridole.com/ Name: NxrH64c1d2tPp-FOXlmWmMrOA8A
Value: 1726641045
almatropatridole.com/ Name: H97sJNbXEuHO5MuxyEnVrpf5jSc
Value: 1726727445
almatropatridole.com/ Name: 12T-5Ur2hn2eLqqr0CJ2m5z0WJI
Value: BJTNkqZe4WODFHS9bXkce19D8ZI
almatropatridole.com/ Name: jtTHYGgoWdB44ZVKoo5HTf-CpYA
Value: VADlzaWFCzikcJsdEN2LYjUPBEU
almatropatridole.com/ Name: acBVLvCmyIE_CLqRdOWJMs7tPPo
Value: W-vmQRw2kwR9O4rAC0o3TEEqnPw
almatropatridole.com/ Name: HZa1Aw5lhPjziPElwm455-lbUTs
Value: 1726641045
almatropatridole.com/ Name: OaK5KwvSHDJo-FMu_ovkbJ_YwUI
Value: 1726727445
almatropatridole.com/ Name: NZdxlaCHgmSDP4Z4BJ2TQFSTs4A
Value: e4PIklXbsccUtG6JGE_Lgg5JeCY
almatropatridole.com/ Name: EjKDMxsDEBwN6oxFU_OSYquR6EU
Value: 95Cogayg09D5KrMr9qslXVETCko
.almatropatridole.com/ Name: cf_clearance
Value: 1xdzH3bxGMZMdRGY.9N6AxbcOXOSSFrB6i1erMR.Kts-1726641046-1.2.1.1-GG35.VYpb9aNnzGsbJlxDgprvjNGl54G6rhs0DL.mLHlzIPogj784ty6F0dGaWAciWGYixxQDacsxslk8f70f1VM83cqCIOnnlvYFXB9wSmwYxRD5_MgHPKEsEzeH1eGs9piU5hhkocaPQdFHM1OiBqO79EBlFkAngtBwimUims0PY3J570ysN8DCADWGkqqOiYOgH8WFckxHukYTMCv3lrhBWOCzUMjAimSnThIYsWJ4d7qEdSO4xC18Lu6701jwz7RbcPiksn8J.Hr.ZXPYpcO_Nxmcl05fBrC4MwjeuNokpow2spy.Sodq2x7p1AxNgKU0ddsOvOvlpSpbbJVa4Zhdy2E8c.eHMh6ndF_Iw62xGq8KRwRGQtU01gh8H16

5 Console Messages

Source Level URL
Text
network error URL: https://balinadomilkitrice.com/bireng
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://almatropatridole.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://almatropatridole.com/NRMTL/MLDKTR/NBCLDM/OMRLDI
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://almatropatridole.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()