Submitted URL: http://undergroundmetro.online/
Effective URL: https://undergroundmetro.online/
Submission: On December 05 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3031::6815:4483, located in United States and belongs to CLOUDFLARENET, US. The main domain is undergroundmetro.online.
TLS certificate: Issued by GTS CA 1P5 on October 7th 2023. Valid for: 3 months.
This is the only time undergroundmetro.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
12 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
18 3
Apex Domain
Subdomains
Transfer
13 undergroundmetro.online
undergroundmetro.online
166 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5770
23 KB
18 2
Domain Requested by
13 undergroundmetro.online 1 redirects undergroundmetro.online
4 challenges.cloudflare.com undergroundmetro.online
challenges.cloudflare.com
18 2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
undergroundmetro.online
GTS CA 1P5
2023-10-07 -
2024-01-05
3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3
2023-08-18 -
2024-08-17
a year crt.sh

This page contains 3 frames:

Primary Page: https://undergroundmetro.online/
Frame ID: 8DFE4DE3B6569C8E14787928D4970EF0
Requests: 18 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ossio/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: FD3A2CB925DC97530B39CAE5329321C8
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5r005/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 9618EA8311C04717DC69B948FF12CB5E
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://undergroundmetro.online/ HTTP 301
    https://undergroundmetro.online/ Page URL
  2. https://undergroundmetro.online/ Page URL

Page Statistics

18
Requests

89 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

188 kB
Transfer

466 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://undergroundmetro.online/ HTTP 301
    https://undergroundmetro.online/ Page URL
  2. https://undergroundmetro.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://undergroundmetro.online/ HTTP 301
  • https://undergroundmetro.online/

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
undergroundmetro.online/
Redirect Chain
  • http://undergroundmetro.online/
  • https://undergroundmetro.online/
6 KB
5 KB
Document
General
Full URL
https://undergroundmetro.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29d73a2068ba818bb07303e3a7f8e2b136888e548662ff6a0a59dc54d8f217cc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
830b7ba5dcbb1e18-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 05 Dec 2023 10:07:35 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8Ac6AuN6LeB0nXhjZCZQ1topwmufUs8WabX9RH5u2F1r38n0Um720mQWDSbUIiPgeTZ5jbqq%2FBTgAC9jv91m3b7aqwoAUOBT2VsLFFg%2FCj2r2EPBhsBwZjuh3RjKLsmhLhYq%2FdhuKYH60W6jnwvRrScQruCnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

CF-RAY
830b7ba5ab1a9189-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 05 Dec 2023 10:07:35 GMT
Expires
Tue, 05 Dec 2023 11:07:35 GMT
Location
https://undergroundmetro.online/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnKhyvS%2BFLOlaVGm%2BQfvyJjhW0sLgupiZpHrubPpieIAKjrpH8%2BE6rTjYEr8gmyto7QSFmyHYNbgv0lThfgYcQlC9l5vsVI2OEQhBSDYZ3%2FoTqiajoG1yuy%2F8oL5gktzND6DIOxcDBXzhv0xnUy3GOsCpVqlQw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
challenges.css
undergroundmetro.online/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://undergroundmetro.online/cdn-cgi/styles/challenges.css
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://undergroundmetro.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:07:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Nov 2023 16:06:21 GMT
server
cloudflare
etag
W/"65660ffd-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
830b7ba60d131e18-FRA
expires
Tue, 05 Dec 2023 12:07:35 GMT
v1
undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
171 KB
58 KB
Script
General
Full URL
https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7ba5dcbb1e18
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4544143755be194cbc9224e494359ea82a0e6ac25147d61c7b1bb477c8007242

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://undergroundmetro.online/?__cf_chl_rt_tk=U1kaaYhmUHcgCNSxVZtb24nTKsDBNX53aWq0c7NB4_w-1701770855-0-gaNycGzNDRA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:07:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZacYpGIuzLz7%2FiLcECvAVE20oCmYuV0yQLvIagMbgH0%2FnapspNRgRM%2F3IoUxfJKCj%2BgPSF5GWrueaYvmj%2BuDGwH0NtB%2B19KWHyIxqM%2BLRTJCxN0ylkDcaQFwLaj40DarI%2FyMWyuhJ9%2FdRrsNF7lCp3zOTvm8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
830b7ba61d391e18-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/56d3063b/
33 KB
11 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=CUdK8&render=explicit
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7ba5dcbb1e18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7

Request headers

Referer
Origin
https://undergroundmetro.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:07:35 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
830b7ba66833bbd4-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
undergroundmetro.online/
7 KB
7 KB
Image
General
Full URL
https://undergroundmetro.online/favicon.ico
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b2d390e9ff4ce6a580eb7b2b72044b6a2d96ee31f5f9c63dfd53424f3c3cd1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://undergroundmetro.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:07:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFaelODaHZ0qKLduO9PiseJmLSZrR2sQ%2B5MkPw4k4iqJ80BPqC2R5UapZ2ZpdtkGc3GBAwKBpt5HWdIfpG7mqyct0sm8lA1ZkRo6NS1tV3tvUKeM5V%2BTp3uyTTINdjEtYlk3R8H2eQJMzDMgn3mhnm9C9Aiq1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
830b7ba6581b3636-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
a022b396-cba2-4303-b526-eeaf1249d34a
https://undergroundmetro.online/
13 B
0
Other
General
Full URL
blob:https://undergroundmetro.online/a022b396-cba2-4303-b526-eeaf1249d34a
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://undergroundmetro.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
de41ff2c5c2c726
undergroundmetro.online/cdn-cgi/challenge-platform/h/b/flow/ov1/2054093393:1701767203:VNQhEoAUkF7OS4fRTHzB-PWAwjhKExoLNZtSsFCzzXI/830b7ba5dcbb1e18/
12 KB
10 KB
XHR
General
Full URL
https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/flow/ov1/2054093393:1701767203:VNQhEoAUkF7OS4fRTHzB-PWAwjhKExoLNZtSsFCzzXI/830b7ba5dcbb1e18/de41ff2c5c2c726
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7ba5dcbb1e18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a980183a48d3434cd3c88bf1ea520bd658c8b1363d51e39f45e133c71fe50d

Request headers

Referer
https://undergroundmetro.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
CF-Challenge
de41ff2c5c2c726
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 05 Dec 2023 10:07:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnivkHcm4Gg4dQIEvPIpa9oqS4rvKMFbqiyjc86MBopy3DYSgClP1btRu0nERn2Q9cMOT2mK4uyupIe%2BrAUD9VKMa1a2wSC7BAqyJihxONEZnai5u%2BAqYh98KQ7nvAcDBQwkW99CmfN0GSRP%2FNtdWcsLJESpoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
830b7ba6f8de3636-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
rX1RDQilfhKEFHh3VLlLE6QvBZwizSFW1VxjuMjEdh6QXwvnxFoLTXWq2Wi15sTW$gpa6+MWbztJkqqOhT5tH2g==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ossio/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame FD3A
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ossio/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=CUdK8&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
830b7ba74ba29049-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 10:07:35 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
de41ff2c5c2c726
undergroundmetro.online/cdn-cgi/challenge-platform/h/b/flow/ov1/2054093393:1701767203:VNQhEoAUkF7OS4fRTHzB-PWAwjhKExoLNZtSsFCzzXI/830b7ba5dcbb1e18/
2 KB
2 KB
XHR
General
Full URL
https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/flow/ov1/2054093393:1701767203:VNQhEoAUkF7OS4fRTHzB-PWAwjhKExoLNZtSsFCzzXI/830b7ba5dcbb1e18/de41ff2c5c2c726
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7ba5dcbb1e18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9494c02f1e92e1f1a9bf6da9dc08e2d418e28dd101d4ebaeb432a8464740ff

Request headers

Referer
https://undergroundmetro.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
CF-Challenge
de41ff2c5c2c726
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
zYjZKEijuNlo+83wRmP3tnn7HWL7XC8BeW0ln9enCZxHwjqJIyuEy74CNE3ksa1kQS2myN43FsPibRfRh1rE7adJHiKNDhATPmCukMtChrk=$7UpVodyjw3evWqS8CoaX0w==
cf-chl-out-s
uuugd0lbT45seItwMsoauxYfbNEabka+93AgtPUuy5YnCsE7veefcyH5nscUT1vV5QPfWibmFXhqv/+1TQgAy1kU8twcbpuZFozYOzStnECOLNCkEO2fYnf4TVAEh28AOlv7wXm3OJw4WXg4PBxYTQ==$vIhv2jAsloF7HrjasHGUKA==
date
Tue, 05 Dec 2023 10:07:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sVUNTsMlqHhkG7SYU08mIThcYWvZVLOzoDe%2BzyyVS9gava1eIJNoSRREZ4rhPshtO0tQnSzRA5BQDw85CUpRw60BeE%2B%2BetG7aCU%2BhfLZyhHH4M%2BPb5kmm8RAHB3fLuObcVf5Tv32y5GaXqOdvkNmQWoXazdM%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
830b7ba95bc33636-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
undergroundmetro.online/
6 KB
5 KB
Document
General
Full URL
https://undergroundmetro.online/
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7ba5dcbb1e18
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
130995ee73e6edc8ef8393eaf79ee9a37fdbb41eee4e60e00e9b91da8a65d6cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://undergroundmetro.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
830b7bb91e5f3636-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 05 Dec 2023 10:07:38 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w18guu9Tp9zKYk9A%2B6CZo7NWwntgDQFL3encQaYYjAMoJ5N4fx%2BFPagx%2BAS%2FlvKoLlhjH%2FtnUSfh0Z%2FeHEVZRxvaycU5gK5ArxfiJgABav9WRwG%2B57q4mM0kAqwkfsUemgfbpawH6syn%2FuxPHfPAq9jIAx9OWg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
undergroundmetro.online/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://undergroundmetro.online/cdn-cgi/styles/challenges.css
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://undergroundmetro.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:07:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 28 Nov 2023 16:06:21 GMT
server
cloudflare
etag
W/"65660ffd-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
830b7bb93e783636-FRA
expires
Tue, 05 Dec 2023 12:07:38 GMT
v1
undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
161 KB
55 KB
Script
General
Full URL
https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7bb91e5f3636
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
290455b62d76759e1b547c634c33ce0f87573a987ddf84f6c6dfb9c1694294ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://undergroundmetro.online/?__cf_chl_rt_tk=ceDq_mqvX_8sGejuEn6NnPS.CeDZoUJn2VhLn03uOA4-1701770858-0-gaNycGzNCiU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:07:38 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5vnPEG0nfMHNx%2FiS3tbR0CjA7dHsc6zp6oDhqsTqRKp25qe6YRIBG5LT6pHn%2Bb3wIDr2iW4qfF5LNq6CCiKvvy%2Be1hCC0xaaNpYtQ%2FbFeT%2B0lIBB9bHHVwwtdAtEI%2FYl%2FY7q2XOC01G8NRhtjeKSAiRNr9euA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
830b7bb94e8a3636-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/56d3063b/
33 KB
11 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=CUdK8&render=explicit
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7bb91e5f3636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acbe221d9bb71e85d0a3b52a7a9d44ee4669ab664186b32d0c737a2be62681e7

Request headers

Referer
Origin
https://undergroundmetro.online
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:07:38 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
830b7bb97ad3bbd4-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
undergroundmetro.online/
6 KB
6 KB
Image
General
Full URL
https://undergroundmetro.online/favicon.ico
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36cc8ba107c607a5241f13b3b4241b4d51c03b7a43c99ca253afb36d42272f11
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://undergroundmetro.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 10:07:38 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTnheyuFgXD0q029zgNP0DWulO9Xs7dAllgPV6A6YPcWn%2F5uX43EJXJhqf6k3doUd%2FIi9PWmXhdLN9lFmkewANxqwTRBI4NNZS6vFm%2BnSNNRgbKextl6WCXLExRxW6OjxCjSUF0vlWQORbETBs41EvHTXIfLpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
830b7bb97ec83636-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
5d6bd5e0-7967-4cdc-a02d-2684db098e13
https://undergroundmetro.online/
13 B
0
Other
General
Full URL
blob:https://undergroundmetro.online/5d6bd5e0-7967-4cdc-a02d-2684db098e13
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://undergroundmetro.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
f1585aa54dcf50f
undergroundmetro.online/cdn-cgi/challenge-platform/h/b/flow/ov1/1479737933:1701767290:-2N0fDq13YWyMGVRTpWg2_VFJ54sPPUVsbwFIPVhrcA/830b7bb91e5f3636/
12 KB
10 KB
XHR
General
Full URL
https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/flow/ov1/1479737933:1701767290:-2N0fDq13YWyMGVRTpWg2_VFJ54sPPUVsbwFIPVhrcA/830b7bb91e5f3636/f1585aa54dcf50f
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7bb91e5f3636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd00c0067a0a6361e595e07afba25f05ce4d51ec48c92b2ea394baa42c9792be

Request headers

Referer
https://undergroundmetro.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
CF-Challenge
f1585aa54dcf50f
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 05 Dec 2023 10:07:38 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3QThXuHQ05dRvcu2G2aOjVI1o%2BZrNA%2BLpIK%2BGgmmGH%2BJdMH5EHMrUMGVEiAGZ1kjYHDwF%2FYgMxF%2BQN9FpwNaYyj6hjlwUpf7cJMXEQuE9hjAof1SEFEb49WOGpNmoiRVcgfrBRSmLx7a8dBV8%2Fnbw5mESIVIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
830b7bba2f7b3636-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
VqEJ8Pp1Myplw8ySXgSd2y8PnOWYZGKovsut2mzEr9KFsDbE27o+a4/4sW1KXF9m$fTY7fhipb/1UDcoB4Azb5w==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5r005/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 9618
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/5r005/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/56d3063b/api.js?onload=CUdK8&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
830b7bbdbfa59049-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 10:07:39 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
f1585aa54dcf50f
undergroundmetro.online/cdn-cgi/challenge-platform/h/b/flow/ov1/1479737933:1701767290:-2N0fDq13YWyMGVRTpWg2_VFJ54sPPUVsbwFIPVhrcA/830b7bb91e5f3636/
2 KB
2 KB
XHR
General
Full URL
https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/flow/ov1/1479737933:1701767290:-2N0fDq13YWyMGVRTpWg2_VFJ54sPPUVsbwFIPVhrcA/830b7bb91e5f3636/f1585aa54dcf50f
Requested by
Host: undergroundmetro.online
URL: https://undergroundmetro.online/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=830b7bb91e5f3636
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0578b98f85b959f5abfcd7f3ba00fa2b1acc34dc964324d7dff1dd6bd1cdaba

Request headers

Referer
https://undergroundmetro.online/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
CF-Challenge
f1585aa54dcf50f
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
TYGSYmQlJDpc4KyRpkZYyUDOY30Njv8dXOMB8jjRWH7raUJPdf2DhLicWcH8G/bw4vigi/Afo08sPKa7fzZ0zVvS6iQJpOjuf4UOCmJb0oQ=$3z3u++Lb8nN6iQv8ErjfCg==
cf-chl-out-s
c9nuKMmXdrpOd5OILBWJpS5L2ALgJfylJhefq/1EvzAs0meYtYP9KE2DO/APc3SlHOCdK8kzElF164CaNZbsP5ncqG2y2VV+KDqXOkABzRy8T/d778mCncL6hXqc/dx1xCIZkxNfDccSR+jyDLeTKmHYXO2KSK71lsYfMqEtJLS2Po+pQQInVckoF83GAlHLlJdIzEA9IpmGQWjoDZzVNvJEDzPSzAL9796d11FX1HaBuGsmdsPCdtwoGzxJ+s+a$4OEUhGGVeHwyDDCyoqtuWw==
date
Tue, 05 Dec 2023 10:07:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHg8c8NDVkYiNaZmta07J7rpes%2BvdlAxkXWEAeQA%2Fx9j0wxDwLYSYgdzoUW0i22ZnO3zyTArGxdJzynt1C27HBRXKQ6AhXs%2BvMybKW%2Fd5iFaOp5QIytZw3nK0K4hveQEk4E7nuY5%2BkkuqMDqQw%2BQ05SjkHBMvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
830b7bbf7dd33636-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| _cf_chl_opt function| wGYW8 function| hlzyA6 function| vXWd6 object| sDHjJi8 function| uAOSyxDlHS function| lCYJu2 function| CUdK8 boolean| ZULgT7 function| mvyCA0 object| nWgH4 object| turnstile boolean| yMFKo6 string| Rfbpq3

1 Cookies

Domain/Path Name / Value
undergroundmetro.online/ Name: cf_chl_rc_m
Value: 1

8 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://undergroundmetro.online/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://undergroundmetro.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://undergroundmetro.online/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://undergroundmetro.online/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN