urlscan.io logo urlscan.io
SecurityTrails logo

zgfragxhdhloc2fwa2q.e9q.ru Open in urlscan Pro
141.95.99.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apiservices.krxd.net/click_tracker/track?kxconfid=whjxbtb0h&_knopii=1&kxcampaignid=P.C.C-Class.W206.L.MI&kxplacementi...
Effective URL: https://zgfragxhdhloc2fwa2q.e9q.ru/NmRvbmVwcw/
Submission: On June 29 via manual from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 141.95.99.203, located in France and belongs to OVH, FR. The main domain is zgfragxhdhloc2fwa2q.e9q.ru.
TLS certificate: Issued by R3 on June 25th 2023. Valid for: 3 months.
This is the only time zgfragxhdhloc2fwa2q.e9q.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.194.133 54113 (FASTLY)
1 50.87.153.118 46606 (UNIFIEDLA...)
1 141.95.99.203 16276 (OVH)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
15 6
1    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
apiservices.krxd.net
1    50.87.153.118 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 50-87-153-118.unifiedlayer.com
psychicreaderkara.com
1    141.95.99.203 (France)

ASN16276 (OVH, FR)
PTR: s614.fra6.mysecurecloudhost.com
zgfragxhdhloc2fwa2q.e9q.ru
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
8    2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5263
229 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
25 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
30 KB
1 e9q.ru
zgfragxhdhloc2fwa2q.e9q.ru
2 KB
1 psychicreaderkara.com
psychicreaderkara.com
124 B
1 krxd.net
apiservices.krxd.net — Cisco Umbrella Rank: 36209
255 B
15 6
Domain Requested by
8 challenges.cloudflare.com 1 redirects zgfragxhdhloc2fwa2q.e9q.ru
challenges.cloudflare.com
1 cdn.jsdelivr.net psychicreaderkara.com
1 code.jquery.com psychicreaderkara.com
1 zgfragxhdhloc2fwa2q.e9q.ru
1 psychicreaderkara.com
1 apiservices.krxd.net 1 redirects
15 6

This site contains no links.

Subject Issuer Validity Valid
*.psychicreaderkara.com
R3		 2023-06-21 -
2023-09-19		 3 months crt.sh
www.c2hhcmvkzgf0yxm.e9q.ru
R3		 2023-06-25 -
2023-09-23		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://zgfragxhdhloc2fwa2q.e9q.ru/NmRvbmVwcw/
Frame ID: 23BCA1CA3D0FB681943B93F506CE9DCD
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
Frame ID: EAAB569B83CAD038FA03FC30ED50D62E
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

15
Requests

67 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

287 kB
Transfer

672 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://apiservices.krxd.net/click_tracker/track?kxconfid=whjxbtb0h&_knopii=1&kxcampaignid=P.C.C-Class.W206.L.MI&kxplacementid=module2findmycar&kxbrand=MB&clk=https://psychicreaderkara.com%2Fnew%2Fauth%2F8588%2F%2F%2F%2FaW5mb0BhcmRhbnRhLm5s HTTP 302
  • https://psychicreaderkara.com/new/auth/8588////aW5mb0BhcmRhbnRhLm5s?_knopii=1
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
aW5mb0BhcmRhbnRhLm5s
psychicreaderkara.com/new/auth/8588////
Redirect Chain
  • https://apiservices.krxd.net/click_tracker/track?kxconfid=whjxbtb0h&_knopii=1&kxcampaignid=P.C.C-Class.W206.L.MI&kxplacementid=module2findmycar&kxbrand=MB&clk=https://psychicreaderkara.com%2Fnew%2F...
  • https://psychicreaderkara.com/new/auth/8588////aW5mb0BhcmRhbnRhLm5s?_knopii=1
0
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://psychicreaderkara.com/new/auth/8588////aW5mb0BhcmRhbnRhLm5s?_knopii=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.153.118 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-153-118.unifiedlayer.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 18:54:05 GMT
refresh
0;url=https://zgfragxhdhloc2fwa2q.e9q.ru/NmRvbmVwcw/#info@ardanta.nl
server
Apache

Redirect headers

accept-ranges
bytes
age
0
content-length
0
date
Thu, 29 Jun 2023 18:54:03 GMT
location
https://psychicreaderkara.com/new/auth/8588////aW5mb0BhcmRhbnRhLm5s?_knopii=1
via
1.1 varnish (Varnish/5.2), 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
click-tracker-a015-ash-prod.krxd.net, cache-ams21031-AMS
x-timer
S1688064844.748809,VS0,VE99
Primary Request /
zgfragxhdhloc2fwa2q.e9q.ru/NmRvbmVwcw/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zgfragxhdhloc2fwa2q.e9q.ru/NmRvbmVwcw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.203 , France, ASN16276 (OVH, FR),
Reverse DNS
s614.fra6.mysecurecloudhost.com
Software
LiteSpeed / PHP/8.2.5
Resource Hash
576271a8f46faccbb51a9b216a44d06165de5f186522345b5832c9f411f20e57

Request headers

Referer
https://psychicreaderkara.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
1495
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 18:54:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/8.2.5
truncated
/ 		130 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4192409c6002790ca2fb9d1c51f0f7b24d3b334cf60c994be94f202a000108f7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
text/javascript
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: psychicreaderkara.com
URL: https://psychicreaderkara.com/new/auth/8588////aW5mb0BhcmRhbnRhLm5s?_knopii=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://zgfragxhdhloc2fwa2q.e9q.ru/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 29 Jun 2023 18:54:06 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1688064846.dop225.am5.t,1688064846.cds005.am5.hn,1688064846.cds004.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
api.js
challenges.cloudflare.com/turnstile/v0/g/19b997cb/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
Requested by
Host: zgfragxhdhloc2fwa2q.e9q.ru
URL: https://zgfragxhdhloc2fwa2q.e9q.ru/NmRvbmVwcw/
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://zgfragxhdhloc2fwa2q.e9q.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 18:54:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7df06049b9b80e58-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 29 Jun 2023 18:54:06 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/19b997cb/api.js
cache-control
max-age=300, public
cf-ray
7df0604989590e58-AMS
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: psychicreaderkara.com
URL: https://psychicreaderkara.com/new/auth/8588////aW5mb0BhcmRhbnRhLm5s?_knopii=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://zgfragxhdhloc2fwa2q.e9q.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Jun 2023 18:54:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
1588088
x-jsd-version
5.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230097-FRA, cache-bom4748-BOM
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/ Frame EAAB 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686060687a2acf7a47be07bde78982be36ab266eda2773adaeaa621ac7a023a1
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://zgfragxhdhloc2fwa2q.e9q.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7df0604cabd7b930-AMS
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 18:54:06 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame EAAB 		182 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df0604cabd7b930
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de48c447f2046cfb85f3cccc40d7f58fdc641a55886309607aaf9f6ca7cd140

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 18:54:06 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7df0604d1c78b930-AMS
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
de1ff200-895a-44fa-8614-9dfba4118d5a
https://challenges.cloudflare.com/ Frame EAAB 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/de1ff200-895a-44fa-8614-9dfba4118d5a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
6e788335a57cf36
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/91952086:1688062132:_9CCmAi0Tf3nOMX2qk7LjS3IqcKMt3ZJEvvvm6Tr44Y/7df0604cabd7b930/ Frame EAAB 		191 KB
140 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/91952086:1688062132:_9CCmAi0Tf3nOMX2qk7LjS3IqcKMt3ZJEvvvm6Tr44Y/7df0604cabd7b930/6e788335a57cf36
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df0604cabd7b930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1c199eccca9ad40d1ae48d8b308f2afb1856f1ca60c8a38ff73c44886afff9

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
6e788335a57cf36
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
pgP1Ah6DUWkcsTgwIRV6pnu4YKCJRTzLM7Ec+khZVITyQ8EzGNniWSuwMpuA1o0ojhhQjdHzmNhltJ+iVTr1+3HJZr+Z4XRPyg6xD4Wp0HR1SAAZOnrOTtv/AcKt7PcHaTcTID1b3SCnEAac6roQPElW1y68QaGBwWmkZU/7LuR4fv+VFl+W4dGPVpqNZw75Rp0+PR5V+DjbK84flwZKNVUqdOToXlvvax1SBL5enieu88xYIyxGd9C8PX4ZnzlSj/Ll5P3YTCm57e1oD47lKYudT4sMhDN7uDGKYykQXu3F2GJBjTFBtjoAQQDTRfXj8H3emwcWAut2J9S2qGcnsIGTN/ZeT5ANRgXBl2hinETyDeoR9qCLhaQ+CXBHHPaNXMkuSPbKKidOhPVHwmBSkuJ3CE5Gs9s23KgjamCGB7MJfx7Hd7Qg3jFTj8RFw5r8$fV5sJNzAn4HVuMj8f8n+Wg==
date
Thu, 29 Jun 2023 18:54:07 GMT
content-encoding
br
server
cloudflare
cf-ray
7df0604e8e3db930-AMS
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
b460e81d-4d82-4a76-8760-65285611989d
https://challenges.cloudflare.com/ Frame EAAB 		656 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/b460e81d-4d82-4a76-8760-65285611989d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
iW5QWOp42x8_1UP
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df0604cabd7b930/1688064847133/de8d3492d9e2479b75fcf9785de6a33fd9a12d94c972727b72ea2b83b451748e/ Frame EAAB 		1 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df0604cabd7b930/1688064847133/de8d3492d9e2479b75fcf9785de6a33fd9a12d94c972727b72ea2b83b451748e/iW5QWOp42x8_1UP
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df0604cabd7b930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 18:54:07 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g3o00ktniR5t1_Pl4XeajP9mhLZTJcnJ7cuorg7RRdI4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA0bRUcGKklfQeNNxvLFfJ4GD9tdPPxSZwJ3XYP4G2zG8DKRLBpv9Kj6N67az3XmlVlx2R0rqjt4_1YNpJnMYvq8Tp2DUxYs4U3kFA6Rbb5cTRT5nIFp10SdDKx5oEUlr5_2lhwjOJ7UX343zafxxxRigli14tfc_MdARtiZxdmy5Dm9rRf5nwlBmsWaAX3v0Uhsdw1FWqbl23kbspqAsOrzkVf57FQWXyec-WMgVpWqs6qqDPPZHzvx68neq0a7QsWfGKjfhMa9dgQCoTvz166RVORThwNko0-5Z2XOaYQhFc0ojy9K4Ht4LY-qcayfQ4DfX7RfkQ4SUsGK-uOfhA7wIDAQAB, max-age=20
server
cloudflare
cf-ray
7df06051ca84b930-AMS
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
pUUhB66tK6oznww
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7df0604cabd7b930/1688064847135/ Frame EAAB 		61 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7df0604cabd7b930/1688064847135/pUUhB66tK6oznww
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
244d99ed82869fb884bfc6b80c6319f2c7941991366cdad2a734d317153c9fae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 18:54:07 GMT
server
cloudflare
cf-ray
7df06053ecf4b930-AMS
alt-svc
h3=":443"; ma=86400
content-type
image/png
fc955d3f-b09b-46fb-9af8-a06e7475a24c
https://challenges.cloudflare.com/ Frame EAAB 		220 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/fc955d3f-b09b-46fb-9af8-a06e7475a24c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
220
Content-Type
application/javascript
f44a5a20-3afd-4c4b-8cfe-fe47faf7c44b
https://challenges.cloudflare.com/ Frame EAAB 		99 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/f44a5a20-3afd-4c4b-8cfe-fe47faf7c44b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
6e788335a57cf36
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/91952086:1688062132:_9CCmAi0Tf3nOMX2qk7LjS3IqcKMt3ZJEvvvm6Tr44Y/7df0604cabd7b930/ Frame EAAB 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/91952086:1688062132:_9CCmAi0Tf3nOMX2qk7LjS3IqcKMt3ZJEvvvm6Tr44Y/7df0604cabd7b930/6e788335a57cf36
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df0604cabd7b930
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c826228e9f2649381435729a36d90505474aeada5dd6f78062f101ed2858e7c5

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m8b4b/0x4AAAAAAAGhVwc1OmnbOFA_/auto/normal
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
6e788335a57cf36
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
ywzX6VpUHb2R0slajbXQLCmwkEzK0RPEmpD/x5NcQs7Ac5fJPjWkY8g8uBDS5aNP$7k/ibQlQqK5Z6CUcIs3Tpw==
date
Thu, 29 Jun 2023 18:54:09 GMT
content-encoding
br
server
cloudflare
cf-ray
7df0605add07b930-AMS
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend string| nox function| $ function| jQuery object| turnstile function| x

1 Cookies

Domain/Path Name / Value
zgfragxhdhloc2fwa2q.e9q.ru/ Name: PHPSESSID
Value: md2m6vp0ekti45cucv9643a11m

4 Console Messages

Source Level URL
Text
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iR3Nzc3J5Y1RXak9saWRIMFBsODMiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iR3Nzc3J5Y1RXak9saWRIMFBsODMiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df0604cabd7b930/1688064847133/de8d3492d9e2479b75fcf9785de6a33fd9a12d94c972727b72ea2b83b451748e/iW5QWOp42x8_1UP
Message:
Failed to load resource: the server responded with a status of 401 ()