online-291.fraudguard.es
2606:4700:3033::6815:5e15  Public Scan

Submitted URL: https://vk.cc/cCv8as
Effective URL: https://online-291.fraudguard.es/web9
Submission: On October 15 via manual from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::6815:5e15, located in United States and belongs to CLOUDFLARENET, US. The main domain is online-291.fraudguard.es.
TLS certificate: Issued by WE1 on September 17th 2024. Valid for: 3 months.
This is the only time online-291.fraudguard.es was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 87.240.132.78 47541 (VKONTAKTE...)
1 1 93.186.225.194 47541 (VKONTAKTE...)
2 2 87.240.132.72 47541 (VKONTAKTE...)
1 87.240.129.133 47541 (VKONTAKTE...)
1 2a00:1148:db0... 47764 (VK-AS)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1148:100... 47764 (VK-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
14 6
Apex Domain, Subdomains, Transfer
6 fraudguard.es
  online-291.fraudguard.es
  Transfer: 101 KB
3 vk.com
  vk.com — Cisco Umbrella Rank: 7443
  away.vk.com — Cisco Umbrella Rank: 144600
  Transfer: 3 KB
2 cloudflare.com
  challenges.cloudflare.com — Cisco Umbrella Rank: 3443
  Transfer: 16 KB
2 mail.ru
  ad.mail.ru — Cisco Umbrella Rank: 13783
  privacy-cs.mail.ru — Cisco Umbrella Rank: 18837
  Transfer: 40 KB
1 vkontakte.ru
  vkontakte.ru — Cisco Umbrella Rank: 230310
  Transfer: 640 B
1 vk.cc
  vk.cc — Cisco Umbrella Rank: 669449
  Transfer: 654 B
14 6
Domain, Requested by
6 online-291.fraudguard.es, requested by away.vk.com and online-291.fraudguard.es
2 challenges.cloudflare.com, requested by online-291.fraudguard.es and challenges.cloudflare.com
2 vk.com, 2 redirects
1 privacy-cs.mail.ru, requested by ad.mail.ru
1 ad.mail.ru, requested by away.vk.com
1 away.vk.com
1 vkontakte.ru, 1 redirect
1 vk.cc, 1 redirect
14 8

This site contains links to these domains.

Domain
www.cloudflare.com
Subject, Issuer, Validity, Valid
*.vk.com, GlobalSign ECC OV SSL CA 2018, 2024-10-04 - 2025-03-02, 5 months
*.mail.ru, GlobalSign ECC OV SSL CA 2018, 2023-10-06 - 2024-11-06, a year
fraudguard.es, WE1, 2024-09-17 - 2024-12-16, 3 months
challenges.cloudflare.com, WE1, 2024-09-05 - 2024-12-04, 3 months

This page contains 2 frames:

Primary Page: https://online-291.fraudguard.es/web9
Frame ID: CBAE77BF4168007A67D0A8A45C328125
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kjkcx/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: A92E5300BCA9B166F96482A1DC3245D6
Requests: 1 HTTP request in this frame

Page Title

Just a moment...

Page URL History

  1. https://vk.cc/cCv8as HTTP 302
    https://vkontakte.ru/away.php?cc_key=cCv8as&to=https%3A%2F%2Fonline-291.fraudguard.es%2Fweb9 HTTP 301
    https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWNDdjhhcyZ0bz1odHRwcyUzQSUyR... HTTP 301
    https://vk.com/away.php?cc_key=cCv8as&to=https%3A%2F%2Fonline-291.fraudguard.es%2Fweb9 HTTP 302
    https://away.vk.com/away.php?rh=487bf7c4-9095-4b11-8bf0-a6ab99b0eba4 Page URL
  2. https://online-291.fraudguard.es/web9 Page URL

Page Statistics

Requests: 14
HTTPS: 79 %
IPv6: 50 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 157 kB
Size: 403 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vk.cc/cCv8as HTTP 302
    https://vkontakte.ru/away.php?cc_key=cCv8as&to=https%3A%2F%2Fonline-291.fraudguard.es%2Fweb9 HTTP 301
    https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWNDdjhhcyZ0bz1odHRwcyUzQSUyRiUyRm9ubGluZS0yOTEuZnJhdWRndWFyZC5lcyUyRndlYjk- HTTP 301
    https://vk.com/away.php?cc_key=cCv8as&to=https%3A%2F%2Fonline-291.fraudguard.es%2Fweb9 HTTP 302
    https://away.vk.com/away.php?rh=487bf7c4-9095-4b11-8bf0-a6ab99b0eba4 Page URL
  2. https://online-291.fraudguard.es/web9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vk.cc/cCv8as HTTP 302
  • https://vkontakte.ru/away.php?cc_key=cCv8as&to=https%3A%2F%2Fonline-291.fraudguard.es%2Fweb9 HTTP 301
  • https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWNDdjhhcyZ0bz1odHRwcyUzQSUyRiUyRm9ubGluZS0yOTEuZnJhdWRndWFyZC5lcyUyRndlYjk- HTTP 301
  • https://vk.com/away.php?cc_key=cCv8as&to=https%3A%2F%2Fonline-291.fraudguard.es%2Fweb9 HTTP 302
  • https://away.vk.com/away.php?rh=487bf7c4-9095-4b11-8bf0-a6ab99b0eba4

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
away.php
away.vk.com/
Redirect Chain
  • https://vk.cc/cCv8as
  • https://vkontakte.ru/away.php?cc_key=cCv8as&to=https%3A%2F%2Fonline-291.fraudguard.es%2Fweb9
  • https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWNDdjhhcyZ0bz1odHRwcyUzQSUyRiUyRm9ubGluZS0yOTEuZnJhdWRndWFyZC5lcyUyRndlYjk-
  • https://vk.com/away.php?cc_key=cCv8as&to=https%3A%2F%2Fonline-291.fraudguard.es%2Fweb9
  • https://away.vk.com/away.php?rh=487bf7c4-9095-4b11-8bf0-a6ab99b0eba4
771 B
1 KB
Document
General
Full URL
https://away.vk.com/away.php?rh=487bf7c4-9095-4b11-8bf0-a6ab99b0eba4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
kittenx / KPHP/7.4.118859
Resource Hash
d4cc53f85f36019cf1aac66891dd1f93e65eaf9293743308d23c1d1f2e97f279
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
X-Frontend
cache-control
no-store
content-encoding
gzip
content-length
434
content-type
text/html; charset=windows-1251
date
Tue, 15 Oct 2024 19:07:26 GMT
server
kittenx
server-timing
tid;desc="3-9zdZkw9U8lfcr8iu2y_jCJkkpw6w",front;dur=0.296
x-frame-options
DENY
x-frontend
front656900
x-powered-by
KPHP/7.4.118859
x-trace-id
3-9zdZkw9U8lfcr8iu2y_jCJkkpw6w

Redirect headers

access-control-expose-headers
X-Frontend
cache-control
no-store
content-encoding
gzip
content-length
20
content-type
text/html; charset=windows-1251
date
Tue, 15 Oct 2024 19:07:26 GMT
location
https://away.vk.com/away.php?rh=487bf7c4-9095-4b11-8bf0-a6ab99b0eba4
origin-agent-cluster
?0
server
kittenx
server-timing
tid;desc="Z4C1093JQAlLJnlri7ngTFrTW14Bww",front;dur=0.093
strict-transport-security
max-age=15768000
x-frame-options
DENY
x-frontend
front925000
x-powered-by
KPHP/7.4.118859
x-trace-id
Z4C1093JQAlLJnlri7ngTFrTW14Bww
sync-loader.js
ad.mail.ru/static/
151 KB
40 KB
Script
General
Full URL
https://ad.mail.ru/static/sync-loader.js
Requested by
Host: away.vk.com
URL: https://away.vk.com/away.php?rh=487bf7c4-9095-4b11-8bf0-a6ab99b0eba4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://away.vk.com
Referer
https://away.vk.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=600
Timing-Allow-Origin
*
Content-Encoding
gzip
Connection
keep-alive
Expires
Tue, 15 Oct 2024 19:17:27 GMT
Access-Control-Allow-Origin
*
Date
Tue, 15 Oct 2024 19:07:27 GMT
Content-Type
application/javascript;charset=UTF-8
Server
nginx
Primary Request web9
online-291.fraudguard.es/
12 KB
10 KB
Document
General
Full URL
https://online-291.fraudguard.es/web9
Requested by
Host: away.vk.com
URL: https://away.vk.com/away.php?rh=487bf7c4-9095-4b11-8bf0-a6ab99b0eba4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7800a1e385f5aee1cca3e4399a25ef772c5a65c3e65e71cd58f34f2466d76f1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://away.vk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
Dc2xGAGFNs6UDR9OwQvWsGX/cein1sQr+jGj0qGPACh8lwX06hpBjqqvbsw1x2lnLEWewtVNPnN4EF6VdTHYOxbAvgh5l6rYdzd4OTT4rV9XdrxARLU1Mm0zB1+PjzKAVi0GiMJW/IsjU1KN9Kg1hw==$v955kxGEegjo93I0Ry4Lyg==
cf-mitigated
challenge
cf-ray
8d32179cff797c87-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 15 Oct 2024 19:07:28 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtdEsYyiSQgJyqCUspo%2FKgY75h2NDQOLr36d7Z9KjLOfzVP2mX0jAr96S%2B2l8jS4SAFJYqHEmJf8qAH8GED2F2NIc21na1bhAhUQgRd%2Fd5Rxz9bQZoYitt9vo%2FX63T%2FtqnJvg5WxtgNsDXgA3gN10BiX7T8DFd4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
/
privacy-cs.mail.ru/fp/ Frame
0
0
Preflight
General
Full URL
https://privacy-cs.mail.ru/fp/?id=G-NyqHEU62dz4LflK6XDU
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://away.vk.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Method
POST
Access-Control-Allow-Origin
https://away.vk.com
Access-Control-Max-Age
1728000
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Tue, 15 Oct 2024 19:07:28 GMT
Expires
Tue, 15 Oct 2024 21:07:28 GMT
Server
nginx
/
privacy-cs.mail.ru/fp/
0
0

speculation
online-291.fraudguard.es/cdn-cgi/
0
0
Other
General
Full URL
https://online-291.fraudguard.es/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://online-291.fraudguard.es
Referer
https://online-291.fraudguard.es/web9

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4nRyis02YlDhsjNB7zddkdsPE7XPItVEzxvb%2F0IEMNx%2F7IOVgAjWRqDOSVNv3MhELm8puu671xJsYHCaYRVUiBl4ht59RPjbdrZQ2NA%2Fi%2BJJcBjzO8XjlKV6Ic8gw2mpWllmVSbEmRUSqIsssSl%2FGVkpc64%2BW0%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-content-options
nosniff
date
Tue, 15 Oct 2024 19:07:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
hC6CxnB/iytVs6tFY6Yc4B+w/dmEbwFBPmwQkets5POAI5R6GVuzHmlw9HTYG5bGmI3Q1njE3v9c8JLDgvVpYGv0/9gRW/995HBz/4N9DcBBuLPDoc7Kfu2hZ5duU0ERd1xeOX6aV96M2KVZtwqtXQ==$TCKqtovC8SgllDs9gdFhdw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d32179d4fe07c87-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
v1
online-291.fraudguard.es/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
158 KB
60 KB
Script
General
Full URL
https://online-291.fraudguard.es/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d32179cff797c87
Requested by
Host: online-291.fraudguard.es
URL: https://online-291.fraudguard.es/web9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
245ced653d38b406186df84a87551b2979905c79f158d40887fbcda2c72957fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://online-291.fraudguard.es/web9?__cf_chl_rt_tk=ZKSNTMwKi0dtf.DIR15xo2LfFPtACtnHPly6Ep_5H_U-1729019248-1.0.1.1-Plimc0Tk.m1HVy_fQMP2dgT1FxEiHG3ISPxmW8vmuFU

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZxJvKzj8OIKKPZUP81aRLZFRIe19aBTB%2BKQmRawWtLCbEpzQ1l82N%2BVexe1Zj0nBO58TG3umLjJCD%2B%2Bfg%2F0l7cc46FrXA7Yv8eqqtSKZed%2FXDcMIcIx%2B1ZjATzKx%2Byba62Z4QUbW6SF1I8LWfKYe8t7qru6pPhA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d32179d68147c87-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 19:07:28 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
9c92a767-436d-447b-bd83-1421634ce857
https://online-291.fraudguard.es/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/
46 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit
Requested by
Host: online-291.fraudguard.es
URL: https://online-291.fraudguard.es/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d32179cff797c87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://online-291.fraudguard.es
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d32179dd840440e-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 19:07:28 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Oct 2024 14:19:56 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
online-291.fraudguard.es/
9 KB
9 KB
Image
General
Full URL
https://online-291.fraudguard.es/favicon.ico
Requested by
Host: online-291.fraudguard.es
URL: https://online-291.fraudguard.es/web9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73661318fa99fb5f40a6f72c811d7890a61e94bd8249863054d4db6ade6f92b4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://online-291.fraudguard.es/web9

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uf4Q%2B1jdttAg8ezm29rGRIt43wj2xdnBQN11fjo7fgXfQc90iXnrkNxV0cx0wlfVH11MJeqwSdFmrZWzVNdLKlFJSYFon1jwrZElcpaRrVQNo0OtbjLonHiUWh%2BhvBrN4zcqrnmCsrFWZMN83jMZj5euqc591Ew%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-content-options
nosniff
date
Tue, 15 Oct 2024 19:07:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
As4V1foIULt6PwIDz/3c/9cVtwFUcp6z/8sozIFMJHSFCyz+tDl8U1QieHWwc4beVBzVT+CX5/S+A2mmPuInsF6Tk9g/9m5o5tubFqD90NfZ6V9t0hqsjVensLGRejVwdAmWI+X/ie8fxT8fGVrpkQ==$t+/m+1MrU+9zu6Dr4fl77g==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d32179dd8cd7c87-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
online-291.fraudguard.es/
9 KB
8 KB
Other
General
Full URL
https://online-291.fraudguard.es/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ded3ec3ba0cdb893e102c1692387175813bf7865b07ae6be68d43b67266195d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://online-291.fraudguard.es/web9

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SNypsBkYq1QsXmq2tmeo8J68KFptkEzrWvKqrNhbCvDHiIxSV%2FSup1sJWLqMccmhafLDGi4f1aSCpAQWS4X9KeJP2Q285B5yFGOgNOkbSbx%2BtWkkyzlfwklRnsPTx%2FO%2BB%2F7mTThgbHGSUWgJVYnUXLFTruC9YU%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
x-content-options
nosniff
date
Tue, 15 Oct 2024 19:07:28 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
hYUUBhqzksW5UC7enYovTc0KYnDoqn6lVRe3ktFi8R79lN4cjzQQxNBmqL8ro5GSvPzth/pwOdKvsOCPM3gmiNClOoif/OS3Hwe/31u7Sv3BXDnKYKEp9UjSj4tIPAo2eFl1Ud4agi+NEVvKWGzk+Q==$QH5rzrRw96f/OWCSNpFn+A==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d32179e39557c87-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
8fdc2480a1d5297
online-291.fraudguard.es/cdn-cgi/challenge-platform/h/b/flow/ov1/1573478209:1729016744:HUja2WQaBs8zVZMtLqTbu0ONTXnj1LRf2aHs0KSCSwE/8d32179cff797c87/
17 KB
13 KB
XHR
General
Full URL
https://online-291.fraudguard.es/cdn-cgi/challenge-platform/h/b/flow/ov1/1573478209:1729016744:HUja2WQaBs8zVZMtLqTbu0ONTXnj1LRf2aHs0KSCSwE/8d32179cff797c87/8fdc2480a1d5297
Requested by
Host: online-291.fraudguard.es
URL: https://online-291.fraudguard.es/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d32179cff797c87
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75a166b9f69542a1dc5779205f6ab27a4cade8f954badd6fb9038362b5b8cdb

Request headers

Referer
https://online-291.fraudguard.es/web9
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
8fdc2480a1d5297

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MX4t0Z%2BqBvxn3oTU%2FnNLaZ4xqouQ4NxLAZmVU2cricCMvo4YHid3kFUfKzb%2B1UbUu7YQmD55ridMgAx4P8ulxb5ZE50Fg4Fz5WMBKWuH7eNWvXcxeyZ%2FO6q0jSq9NkrxBsiXN4HWei8%2FOt0490flhiZlS6yvXdU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d32179e79a67c87-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 15 Oct 2024 19:07:28 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
BgpddjhgcJunyCw9FpQ/5M9382nl5D9+O6pbHvyjL3WspQzh5P3TXrVEnbqcaoLrLr+4JwzLtw==$rYyj8EcCUNHEkauy
server
cloudflare
0ad5ad29-de66-4101-8a12-4eb234041877
https://online-291.fraudguard.es/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kjkcx/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame A92E
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/kjkcx/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d32179f08ae42a9-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 15 Oct 2024 19:07:28 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
privacy-cs.mail.ru
URL
https://privacy-cs.mail.ru/fp/?id=G-NyqHEU62dz4LflK6XDU
Domain
online-291.fraudguard.es
URL
blob:https://online-291.fraudguard.es/9c92a767-436d-447b-bd83-1421634ce857
Domain
online-291.fraudguard.es
URL
blob:https://online-291.fraudguard.es/0ad5ad29-de66-4101-8a12-4eb234041877

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt
function| ZcHV6
function| VBYM6
function| brdWQ0
function| HFmwV6
function| iHCC5
object| dSJo7
object| lajwG7
function| DXjyL6
boolean| Pjghl3
function| jXVRZ7
object| PZKL0
number| BuTN0
object| angular
object| FnNf4
object| turnstile
boolean| qVQK0
string| FUWvI4
boolean| YGymh1

6 Cookies

Domain/Path Name / Value
.vkontakte.ru/ Name: remixstlid
Value: 9095205753007877935_uhxwq2RvmrMVPDw9YOof15Ojd0ZuyjStb5XHDoLgohL
.vk.com/ Name: remixlang
Value: 3
.vk.com/ Name: remixstlid
Value: 9057065893663948222_xGqKwCS6gIn1vyRZRHrhTQf0z9K2mXgaOS5lm4joKOw
.vk.com/ Name: remixvkcom
Value: 1
.vk.com/ Name: remixua
Value: -1%7C-1%7C214%7C3847967154
away.vk.com/ Name: domain_sid
Value: G-NyqHEU62dz4LflK6XDU%3A1729019248084

7 Console Messages

Source Level URL
Text
javascript info URL: https://ad.mail.ru/static/sync-loader.js(Line 4)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://ad.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to create WebGPU Context Provider
network error URL: https://online-291.fraudguard.es/web9
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://online-291.fraudguard.es/cdn-cgi/speculation
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://online-291.fraudguard.es/web9?__cf_chl_rt_tk=ZKSNTMwKi0dtf.DIR15xo2LfFPtACtnHPly6Ep_5H_U-1729019248-1.0.1.1-Plimc0Tk.m1HVy_fQMP2dgT1FxEiHG3ISPxmW8vmuFU
Message:
Load failed or canceled (net::ERR_ABORTED; HTTP status 403) for rule set requested from "https://online-291.fraudguard.es/cdn-cgi/speculation" found in Speculation-Rules header.
network error URL: https://online-291.fraudguard.es/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://online-291.fraudguard.es/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY