Submitted URL: http://lnkrdrct.com/go/s7v5hih49q?subid1=1hohdtnubicse1jxrudc4fdoycamoamh&subid2=14985&subid3=s7v5hih49q&subid4=1&su...
Effective URL: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20...
Submission: On October 30 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6812:f19, located in United States and belongs to CLOUDFLARENET, US. The main domain is nadodeneg.ru.
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time nadodeneg.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

# | IP Address | AS Autonomous System
1 1 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
11 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 104.18.94.41 | 13335 (CLOUDFLAR...)
2 | 104.18.95.41 | 13335 (CLOUDFLAR...)
19 | 4

# | Apex Domain | Subdomains | Transfer
11 | nadodeneg.ru | nadodeneg.ru | 134 KB
4 | cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 3443 | 16 KB
1 | lnkrdrct.com | lnkrdrct.com | 825 B
19 | 3

# | Domain | Requested by
11 | nadodeneg.ru | nadodeneg.ru
4 | challenges.cloudflare.com | nadodeneg.ru, challenges.cloudflare.com
1 | lnkrdrct.com | 1 redirects
19 | 3

This site contains links to these domains.

Domain
www.cloudflare.com

Subject | Issuer | Validity | Valid
nadodeneg.ru | WE1 | 2024-09-16 - 2024-12-15 | 3 months
challenges.cloudflare.com | WE1 | 2024-09-05 - 2024-12-04 | 3 months

This page contains 3 frames:

Primary Page: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Frame ID: 48938CDD82E95C3C457394B8066D5EE0
Requests: 13 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x62xt/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: D5ED8ABE8129A432E2740D31E20CC07B
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8xcrz/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 9AD6B89F21279C0A10A1A636BC9E9B60
Requests: 1 HTTP requests in this frame

Page Title

Just a moment...

Page Statistics

Requests: 19
HTTPS: 79 %
IPv6: 50 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 150 kB
Size: 372 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lnkrdrct.com/go/s7v5hih49q?subid1=1hohdtnubicse1jxrudc4fdoycamoamh&subid2=14985&subid3=s7v5hih49q&subid4=1&subid5=http HTTP 307
    https://lnkrdrct.com/go/s7v5hih49q?subid1=1hohdtnubicse1jxrudc4fdoycamoamh&subid2=14985&subid3=s7v5hih49q&subid4=1&subid5=http HTTP 302
    https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl Page URL
  2. https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lnkrdrct.com/go/s7v5hih49q?subid1=1hohdtnubicse1jxrudc4fdoycamoamh&subid2=14985&subid3=s7v5hih49q&subid4=1&subid5=http HTTP 307
  • https://lnkrdrct.com/go/s7v5hih49q?subid1=1hohdtnubicse1jxrudc4fdoycamoamh&subid2=14985&subid3=s7v5hih49q&subid4=1&subid5=http HTTP 302
  • https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl

19 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/
nadodeneg.ru/
Redirect Chain
  • http://lnkrdrct.com/go/s7v5hih49q?subid1=1hohdtnubicse1jxrudc4fdoycamoamh&subid2=14985&subid3=s7v5hih49q&subid4=1&subid5=http
  • https://lnkrdrct.com/go/s7v5hih49q?subid1=1hohdtnubicse1jxrudc4fdoycamoamh&subid2=14985&subid3=s7v5hih49q&subid4=1&subid5=http
  • https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
11 KB
9 KB
Document
General
Full URL
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab1d1bc186ca94f5e80b0e7cbe0a802a2b5bdf8ef5cf3c5a8a1c75b9acafd3e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
7cwGA/ugwgUCPgGx08rYAXhdBhnH9NSIl/XV6N737futD08bVlKKWqj996IM3lkoQushYFHdNEVctKdL9Y0MMRZZQbdP4S1oDzlAN7zL6u8jlLa5W/e/LNSlTDIqtX8O7qBKbkz+7uIh4IzDcoAH0Q==$XNN7dnXEr6ndrpL1WYeRRg==
cf-mitigated
challenge
cf-ray
8da8dacc998525e3-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 30 Oct 2024 05:02:42 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8da8dac83fe83361-MIA
content-length
0
date
Wed, 30 Oct 2024 05:02:42 GMT
location
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUWZT%2Bpb0tPJA6O5kkf6g6tDlVW%2B9yNAtvqAk1WGmB4%2BzOkLCMhvkKFpdX4SubYa%2BQe1eL9QkYLdf2iVWnqNCpFB4kN6wL%2BqNE4bbWwtQS%2BbF6sS8kMtujKHgLYBwetylrDO82W6oRjHHA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=30553&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2391&delivery_rate=127377&cwnd=253&unsent_bytes=0&cid=a777a68091d8528b&ts=487&x=0"
v1
nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
100 KB
38 KB
Script
General
Full URL
https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8da8dacc998525e3
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28431a342b511dd912a785449a55b0657b71e1a6c1330b6ae52f10ec6dee2f57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl&__cf_chl_rt_tk=BYV.uYNcNag4DRIZ4hVTaVSRnR7p4GqGoPzSxbBlIws-1730264562-1.0.1.1-PpVy4Az9ISyWv5gg_BEGW0smx9YKUdvktYKLHriJj_0

Response headers

cf-ray
8da8dacd29f425e3-MIA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
date
Wed, 30 Oct 2024 05:02:42 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
408b9179-db73-4d53-a0fa-a139ac300359
https://nadodeneg.ru/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/
46 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js?onload=fSZI2&render=explicit
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8da8dacc998525e3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nadodeneg.ru
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8da8dacdff1567b4-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 05:02:42 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 17:38:58 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
nadodeneg.ru/
4 KB
4 KB
Image
General
Full URL
https://nadodeneg.ru/favicon.ico
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2222941aa6504e7410edbc34dfa7862e6c9d66f3a4168ba463b0a70858b746f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl

Response headers

content-encoding
gzip
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Wed, 30 Oct 2024 05:02:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
qCgYyQ20HM/rTGFsYHAAnVeoVsLQf06DXMW0kcWae9mxp3sF7jqh+1EcYzETM2aMIFrEmgD/N9D4WozZ87J6bCRJcyjNyeqnMRzXx5vu0CU1ZwqCeGRHIjH3URr8pGWI8mZrqu3jWIq8RCqQNBRqJA==$kCfPi4cg/8HrhgfqPtO3Vw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8da8dacd9a5b25e3-MIA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
SixREOTy1gzbNialPvYkag9iHug1L64MBwqlX64aPbs-1730264562-1.2.1.1-peeXzqCAhT6TIqN1D5WD5NK.5oAYDXaQPA00CvaC.eIcbHq78v7lwoYAZVdctsEQ
nadodeneg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/514360720:1730262915:V-1rUTDQEsSmTDeUggAzy2ALyCBDmx1Dlc84yOQf8RI/8da8dacc998525e3/
13 KB
9 KB
XHR
General
Full URL
https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/514360720:1730262915:V-1rUTDQEsSmTDeUggAzy2ALyCBDmx1Dlc84yOQf8RI/8da8dacc998525e3/SixREOTy1gzbNialPvYkag9iHug1L64MBwqlX64aPbs-1730264562-1.2.1.1-peeXzqCAhT6TIqN1D5WD5NK.5oAYDXaQPA00CvaC.eIcbHq78v7lwoYAZVdctsEQ
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8da8dacc998525e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f0017488667258383f0527e9dbeabeeae37563e35feec1e5926b70a8f626d2

Request headers

Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
SixREOTy1gzbNialPvYkag9iHug1L64MBwqlX64aPbs-1730264562-1.2.1.1-peeXzqCAhT6TIqN1D5WD5NK.5oAYDXaQPA00CvaC.eIcbHq78v7lwoYAZVdctsEQ

Response headers

cf-ray
8da8dace5afe25e3-MIA
content-encoding
gzip
date
Wed, 30 Oct 2024 05:02:42 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
HxTyMa2p6jOIwE4m0kbOiBNDK3CGleRB/ERK7sBCiETt/UsLGt/HvbBLljtNBAru0zDTcZYNglI=$uB/uTOVpPJGKD9/V
server
cloudflare
favicon.ico
nadodeneg.ru/
8 KB
5 KB
Other
General
Full URL
https://nadodeneg.ru/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98c307ffc3b7908c630056a46c10c762bac921493195c49b34e02ee5bd2c58dd
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl

Response headers

content-encoding
gzip
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Wed, 30 Oct 2024 05:02:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
KwV8WXHnZU0o5YXmTyk512wF1vCz1sFJV0rTprb4xIdUcTFYOCaagWUBPLR7K275u8bLoEQlHzjI8W1qyTKbcYKgZiXxXqtnlO7clSckk02SnqZOBdoVHOdgGeXgIzq3MBr9EBIKMhjotusS403y6w==$jsffZ8CbdQ+0ir/4YSeDRw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8da8dace6b1e25e3-MIA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
a6edfe0e-7dc5-432a-98c9-b608fa7cf637
https://nadodeneg.ru/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x62xt/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame D5ED
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/x62xt/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js?onload=fSZI2&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8da8dacf0dcf0302-MIA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 05:02:43 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
SixREOTy1gzbNialPvYkag9iHug1L64MBwqlX64aPbs-1730264562-1.2.1.1-peeXzqCAhT6TIqN1D5WD5NK.5oAYDXaQPA00CvaC.eIcbHq78v7lwoYAZVdctsEQ
nadodeneg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/514360720:1730262915:V-1rUTDQEsSmTDeUggAzy2ALyCBDmx1Dlc84yOQf8RI/8da8dacc998525e3/
2 KB
2 KB
XHR
General
Full URL
https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/514360720:1730262915:V-1rUTDQEsSmTDeUggAzy2ALyCBDmx1Dlc84yOQf8RI/8da8dacc998525e3/SixREOTy1gzbNialPvYkag9iHug1L64MBwqlX64aPbs-1730264562-1.2.1.1-peeXzqCAhT6TIqN1D5WD5NK.5oAYDXaQPA00CvaC.eIcbHq78v7lwoYAZVdctsEQ
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8da8dacc998525e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3640c2141708a1bb47e27e51f7361b9f54f245e1e3202a01753e67f6b5ea9e1f

Request headers

Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
SixREOTy1gzbNialPvYkag9iHug1L64MBwqlX64aPbs-1730264562-1.2.1.1-peeXzqCAhT6TIqN1D5WD5NK.5oAYDXaQPA00CvaC.eIcbHq78v7lwoYAZVdctsEQ

Response headers

cf-chl-out
ep4wJ8rzSWANbJPDkl4jK6SAYAFX0Pk5l4QN20Ee0eXA4XrLfxFNkOJRr2ugxSSzQgZ/huJuRcT5a37JwJ1MhfQufHv1Q3fhpcFn0F324nvIE2YMc1prCTs=$E+t3I954ybuJtykr
cf-ray
8da8dad4785f25e3-MIA
content-encoding
gzip
date
Wed, 30 Oct 2024 05:02:43 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
Primary Request /
nadodeneg.ru/
8 KB
7 KB
Document
General
Full URL
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75cf3ce7ad1f3d6287940ccd705f3ad656690dfa48114df212e0a7da9231f5aa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
TqPUy7kNt6xhV5N9GUnBdv4D3BcrnrEX1R7KS2dw0ScX+VDHVlQAi3zF91xz9zCszkCq+YrtQ6XcWXKRKjpnO0ciewn/+kMhwwJtE0KKD9ujayNjL2SArDSmSEP242ozOzPo81Wgyo7d2GBnPB3pMw==$sUjXTeNjHws6IewMtQCnrw==
cf-mitigated
challenge
cf-ray
8da8dae16c2025e3-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Wed, 30 Oct 2024 05:02:45 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
107 KB
40 KB
Script
General
Full URL
https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8da8dae16c2025e3
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a92eaae6155efd2d3518d880d8930f29b88992a59084d9bcd7c4b27e20b771c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl&__cf_chl_rt_tk=6bMio3YuxlbqXytKC_sf5r7Iq.hE93sMLexWV5Xxv64-1730264565-1.0.1.1-s93EOuBIKWNYzoSwsNqcQ49UEeLgvQUyPQhFX0yLUx0

Response headers

cf-ray
8da8dae1cc6525e3-MIA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
date
Wed, 30 Oct 2024 05:02:46 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
f8d066be-561a-4968-b5ac-339cd1e6551e
https://nadodeneg.ru/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/
46 KB
0
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js?onload=fSZI2&render=explicit
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8da8dae16c2025e3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b75ac6f98994352699841dffa6e562725ebbd0005c539946ad3625ec550eb0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://nadodeneg.ru
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8da8dacdff1567b4-MIA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 05:02:42 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Fri, 18 Oct 2024 17:38:58 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
nadodeneg.ru/
6 KB
6 KB
Image
General
Full URL
https://nadodeneg.ru/favicon.ico
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a3d162a102c905caea2ba4bd1e78666a7b5333ee192b427418f0b8a4f25b747
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl

Response headers

content-encoding
gzip
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Wed, 30 Oct 2024 05:02:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
PvZsXapOHWbwiQ6xXlPmGlXbFvNJBgwghgIkPyAvDNGCT1aK+zqYZzJzxnQWwwzPXPE+FtqLTBbAXNV7chgPXwlJCgrmIF6gVMjT3v31U+zxbcN3fpjcCoyEgVPEZjsUjHuV9AzBQKrDe8HEjwf2xQ==$SFEYgGkpUC18Cwbuqcpyuw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8da8dae23cae25e3-MIA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
nadodeneg.ru/
8 KB
5 KB
Other
General
Full URL
https://nadodeneg.ru/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef9dc64e0778ec1d3b807ba8fe5afd1ebff4bf0624456a56c3fdd8ff7e8d907
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl

Response headers

content-encoding
gzip
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Wed, 30 Oct 2024 05:02:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
GEu0EpN/LDOs0jAKC5facF2EBV3O5vbD9O0L8K+GNWA5b0+t5GszenL3j9dJ3ZG1VoIc3lUbim4+33h+BXEczxFcLMcMZvayNmLmaJTKukOOYzLLe0ocUSaW2eVkJO4GLw+haxwm4nn/v5PwLdgguA==$kgh2wDztJUCeZxnN1EPrag==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8da8dae28cfb25e3-MIA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
6kQ6A4qgXnWk6q6NGhEp7pei_oqCCdqL5LsuJV59sAg-1730264565-1.2.1.1-R6c3CDju.IqYF60DQAE0RRndP1rGYgmp6JMwwMGZTik88hVPUqP_nND6qN89LVUb
nadodeneg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/171196015:1730262911:SLZBgKlWMU_ZbKwQ6DN89X0TiMcDsVm1yK_dRhCTVhM/8da8dae16c2025e3/
13 KB
9 KB
XHR
General
Full URL
https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/171196015:1730262911:SLZBgKlWMU_ZbKwQ6DN89X0TiMcDsVm1yK_dRhCTVhM/8da8dae16c2025e3/6kQ6A4qgXnWk6q6NGhEp7pei_oqCCdqL5LsuJV59sAg-1730264565-1.2.1.1-R6c3CDju.IqYF60DQAE0RRndP1rGYgmp6JMwwMGZTik88hVPUqP_nND6qN89LVUb
Requested by
Host: nadodeneg.ru
URL: https://nadodeneg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8da8dae16c2025e3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3762f1b13a7ebc31bbbe243f3de7baa1d1df6271932884ac6e666ae1b767722

Request headers

Referer
https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
6kQ6A4qgXnWk6q6NGhEp7pei_oqCCdqL5LsuJV59sAg-1730264565-1.2.1.1-R6c3CDju.IqYF60DQAE0RRndP1rGYgmp6JMwwMGZTik88hVPUqP_nND6qN89LVUb

Response headers

cf-ray
8da8dae2ed7025e3-MIA
content-encoding
gzip
date
Wed, 30 Oct 2024 05:02:46 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
pLFp1+k1CONT5CxJUHUPBckKEadZW+iPqcX7ibmqJpYm+dZw/J/dO3aCln3Mp8XLGKxlwumJR0s=$BjHL8UFsi4gKUmt4
server
cloudflare
594ebe44-6b88-454a-a502-e7fae4797063
https://nadodeneg.ru/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8xcrz/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 9AD6
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/8xcrz/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f2bbd6738e15/api.js?onload=fSZI2&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8da8dae348860302-MIA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 30 Oct 2024 05:02:46 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nadodeneg.ru
URL
blob:https://nadodeneg.ru/408b9179-db73-4d53-a0fa-a139ac300359
Domain
nadodeneg.ru
URL
blob:https://nadodeneg.ru/a6edfe0e-7dc5-432a-98c9-b608fa7cf637
Domain
nadodeneg.ru
URL
blob:https://nadodeneg.ru/f8d066be-561a-4968-b5ac-339cd1e6551e
Domain
nadodeneg.ru
URL
blob:https://nadodeneg.ru/594ebe44-6b88-454a-a502-e7fae4797063

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt
function| fAov6
function| fRRiH5
function| YFsKP5
object| JKhtH0
object| Yjkgc0
function| fSZI2
function| JAEY1
function| Rqbl3
function| NeAg8
function| gqWdW0
object| fTbv6
number| frgGg8
object| angular
object| ffXus1
object| turnstile
boolean| cLVC4
function| _
string| fxwF6
boolean| LaVT2

4 Cookies

Domain/Path Name / Value
lnkrdrct.com/ Name: customer_key
Value: 4d49e9d3-781e-4e6e-931e-d62b130b1a19
lnkrdrct.com/ Name: c2m_uniq_s7v5hih49q
Value: s7v5hih49q
lnkrdrct.com/ Name: cid
Value: 96cliu7n3vqzzk20z4thr84muaa3vt5j
nadodeneg.ru/ Name: cf_chl_rc_ni
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nadodeneg.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nadodeneg.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nadodeneg.ru/?utm_source=c2m&utm_medium=affiliate&utm_campaign=c2m_cps&utm_term=174&click_id=96cliu7n3vqzzk20z4thr84muaa3vt5j&ndl
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nadodeneg.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nadodeneg.ru/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN