xqg5ag.ngampr.ru Open in urlscan Pro
2606:4700:20::ac43:4835 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xqg5ag.ngampr.ru/
Submission: On March 14 via manual (March 14th 2023, 5:01:13 pm UTC) from GB — Scanned from GB

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 2606:4700:20::ac43:4835, located in United States and belongs to CLOUDFLARENET, US. The main domain is xqg5ag.ngampr.ru.
TLS certificate: Issued by E1 on February 27th 2023. Valid for: 3 months.

This is the only time xqg5ag.ngampr.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:20:... 2606:4700:20::ac43:4835	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2

7 2606:4700:20::ac43:4835 (United States)

ASN13335 (CLOUDFLARENET, US)

xqg5ag.ngampr.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:6b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5237	113 KB
7	ngampr.ru xqg5ag.ngampr.ru	113 KB
14	2

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects xqg5ag.ngampr.ru challenges.cloudflare.com
7	xqg5ag.ngampr.ru	xqg5ag.ngampr.ru
14	2

This site contains no links.

Subject Issuer	Validity	Valid
*.ngampr.ru E1	`2023-02-27` - `2023-05-28`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://xqg5ag.ngampr.ru/
Frame ID: 93A72D3B1C673173146FD1FBEE81355E
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: CD33BB1FB7CA47F5C25C20E883C6FC8E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page Statistics

14
Requests

93 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

226 kB
Transfer

508 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 Primary Request / Show response
xqg5ag.ngampr.ru/ 7 KB
5 KB 203ms
48ms Document
text/html 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xqg5ag.ngampr.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

982624d59d0ec8d191d03a0f03cdc98a9224bd2192314efefbde94bbc0eb8c2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a7e13ad99ae071e-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 14 Mar 2023 17:01:08 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn5sRdfJpUXQJK55OCAiD2jJ2KEo2bxvawNgKoVVu0QLGfKpQcYsQu%2BQddrkbBGvo%2BhlxVbdcrqheyVOjNqFdr2Lysk1VN%2FFRQ1KlT7lQIvkvClxrAcku8NqVXXfvOXsHZzqI0330qzmA3XlCIg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 146 KB
53 KB 61ms
61ms Script
application/javascript 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a7e13ad99ae071e
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df1d3fedfef9d0e25ab3b842a4263c8d9456aaeef18fac2dbaaf0a8281d34bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xqg5ag.ngampr.ru/?__cf_chl_rt_tk=l1phOV307NUHvXLiPjF5Yg_D9hGuXRkUW_ftWIblUgw-1678813268-0-gaNycGzNCdA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:01:08 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JzGeY%2FkSQiRe%2FX9lI3SwzFusvgffFkbyldZf%2B94esisg4C4ifPVYU2vhfz%2FmQ4b912R5SG4q2hEeSSIJEmc8GlfDN6PtDA%2FScdehWs723lkA3AQL%2FJJFTiySYU43jQvAkriK%2F3N5icPYhLVEsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7a7e13ae2a92071e-LHR

GET
H2 200 transparent.gif
xqg5ag.ngampr.ru/cdn-cgi/images/trace/managed/js/ 42 B
219 B 38ms
38ms Image
image/gif 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xqg5ag.ngampr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a7e13ad99ae071e

Requested by

Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/?__cf_chl_rt_tk=l1phOV307NUHvXLiPjF5Yg_D9hGuXRkUW_ftWIblUgw-1678813268-0-gaNycGzNCdA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xqg5ag.ngampr.ru/?__cf_chl_rt_tk=l1phOV307NUHvXLiPjF5Yg_D9hGuXRkUW_ftWIblUgw-1678813268-0-gaNycGzNCdA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:01:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:11 GMT
server: cloudflare
etag: "6407c10b-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7a7e13ae2a97071e-LHR
content-length: 42
expires: Tue, 14 Mar 2023 19:01:08 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/78289926/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

76ms
75ms

Script
application/javascript

2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/
Protocol: H2
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:01:08 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a7e13afcae648b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 14 Mar 2023 17:01:08 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7a7e13af6a4d48b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 0b7b1a91fb47b97 Show response
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1086735064:1678811401:mOxtdNIb2GkF8n0XY3wPUMgQSiQ7NJBVnMBlMFCCE6Y/7a7e13ad99ae071e/ 96 KB
50 KB 86ms
86ms XHR
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1086735064:1678811401:mOxtdNIb2GkF8n0XY3wPUMgQSiQ7NJBVnMBlMFCCE6Y/7a7e13ad99ae071e/0b7b1a91fb47b97
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a7e13ad99ae071e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb5ddb58731aa4a78f1abd96128ee775b6c656d743e449f3f66ad7a755664dd4

Request headers

Referer: https://xqg5ag.ngampr.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 0b7b1a91fb47b97
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Mar 2023 17:01:08 GMT
content-encoding: br
cf_chl_gen: xcYSiar7PqzspLhYWkElGg13nLMKlIDhysSJHm/rgpPMExPhPS674xRzTaE3jYESKDvHtPtYa7MzdPtNsG1Chu7Uq5U1mWTu/AGMTLoQ15vXDJ2IWFsjI9Mz9CzXG+9Um//0+9XOLiEwYm+47hqwleJDqk5RThch4hC2/rF1x10iWzkrs4ksWCy6Ups8d3s0wKE7oUb8hUNHkXu9EYnm2705qTlKqzghZMl5us9FobMUXMi22UC290uPLVDVZ5worU93w4wVgFOA/g+ljUdMB+Vtdgk6/jYCh81xeYODzSf4fHcn9XuKpdIdupc2nWAM7nmz5rmQuLyULrR3+yaJwAKy6s0suRtLTWF64wZX32fcyC2jMEm8WYl95TQLpQmi$S8LTptEXNYAVihdB5mM6Aw==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2Bdg8TJDAhlU%2BXNU6Nrv4PKJSEukmWf3vchCLLLexU3KDvCieUpaebhsMkC%2F4OwpSUGEzQu17JxT%2BByvFURps2xTk6zlvb8FZz4ZpGZNKM88gyZ9xBiYD3neMp37ouvPzSebQJinJcJ4RcbHMD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a7e13af7c56071e-LHR

GET
H2 401 IGKVg6ygS2MjowU Show response
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a7e13ad99ae071e/1678813268411/d026e6443cf4224fb190f3022171a838c1f1c3b18317074d7fffd70e97d7eb5a/ 1 B
774 B 53ms
53ms Fetch
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a7e13ad99ae071e/1678813268411/d026e6443cf4224fb190f3022171a838c1f1c3b18317074d7fffd70e97d7eb5a/IGKVg6ygS2MjowU
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xqg5ag.ngampr.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:01:08 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g0CbmRDz0Ik-xkPMCIXGoOMHxw7GDFwdNf__XDpfX61oAEHhxZzVhZy5uZ2FtcHIucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7e13b04d21071e-LHR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht0e7YlUcBZc3f08mVG8P4D9OFiskMxMvojYSuMqJawJG%2BF%2BshLsbdRdEnjOb8WA0BKVGJk4DlgtDsvbrnN7oQ%2FNY5ny%2BG9ATXdD%2FBFqYaaG9BlohuGElj6GovlePbD6p%2F8toRHt0Zo8edpHWVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 CMNuWegSxPECgzA
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/img/7a7e13ad99ae071e/1678813268414/ 61 B
367 B 42ms
41ms Image
image/png 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/img/7a7e13ad99ae071e/1678813268414/CMNuWegSxPECgzA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8265a5092a098ab7110dd7944b483a1237bfd707a3c86d9992f469a347bf5d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xqg5ag.ngampr.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:01:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7e13b7acd3071e-LHR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BPWtMDv2Kt01JD%2FoFWxawcFzAmUDAV0uwhPkEvucdkejcaJxDC%2BdCvg57O7%2B86qa45cGaMej7mhevcrGKw18lu71haFx4ByUxzDle65OMF9k20Pq0ucsre%2FDz4HfNzc4DiJL0wZ2mTWb5uFrVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png

POST
H2 200 0b7b1a91fb47b97 Show response
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1086735064:1678811401:mOxtdNIb2GkF8n0XY3wPUMgQSiQ7NJBVnMBlMFCCE6Y/7a7e13ad99ae071e/ 5 KB
4 KB 97ms
97ms XHR
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1086735064:1678811401:mOxtdNIb2GkF8n0XY3wPUMgQSiQ7NJBVnMBlMFCCE6Y/7a7e13ad99ae071e/0b7b1a91fb47b97
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a7e13ad99ae071e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42a2671d91a9e3f10658273e81196b7aa2793c5969044cfb567ccfb5f75b8b3d

Request headers

Referer: https://xqg5ag.ngampr.ru/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 0b7b1a91fb47b97
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Mar 2023 17:01:09 GMT
content-encoding: br
cf_chl_gen: 2OMh1cYrmgyN0hyTC+V/hbTRWnJ34h0oGvz+wLIneuJP6ig9rQLbVX4505Zt/cwZ$q2kphW+sZyPJ8eqqxWqf0A==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWDMxYX6jhxGFFLxIrHQXU18MO1Q3I%2BGfu05KY62FsdfWBQ9L5NO7a9OCMrniDtH41BuiIVKQqbqq76d8iHqiuSCfjqk%2BG1TYvKe%2BRKWwTWACLZZaZisEAXAybTSn0q%2BgnOXoGdBfVFhRj8Nz2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a7e13b8eded071e-LHR

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame CD33 21 KB
7 KB 90ms
51ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e347e21e5c8376029aa3dd8a4da7cb4d7b0ab718d7945f63fee2d3613c17b0fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7a7e13b9cdc8887a-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 17:01:10 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame CD33 143 KB
52 KB 51ms
51ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a7e13b9cdc8887a
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 053c940ad029f149c7bc3c4040cccfc3d7f2cce7f764a02e5646af538040ddac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:01:10 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7a7e13baefca887a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 5fb4e516ec96ed7 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/17139333:1678811434:cBPb-YJMzVcedqBGO8YZg8yJbvBfi2EoSJuew8eILWY/7a7e13b9cdc8887a/ Frame CD33 64 KB
40 KB 75ms
74ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/17139333:1678811434:cBPb-YJMzVcedqBGO8YZg8yJbvBfi2EoSJuew8eILWY/7a7e13b9cdc8887a/5fb4e516ec96ed7
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a7e13b9cdc8887a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 468aa86ee2e2d54ee7324d15dc9c8bdbaa3a94d89582d0b21d33f9b782548b47

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 5fb4e516ec96ed7
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Mar 2023 17:01:10 GMT
content-encoding: br
cf_chl_gen: zkVp5ogTjKeJZdzW8HIbNVQxHQalmQX3RZCTp10ofAeq/k3VMe9LVh/ds1M+U3y/ZPl7oxR/30EepAhBL6sZ1hJ5bGBf+MM7/VWfHJmZWZ3wQF28VetlD6XyiaJrJrwUH4xv7J3HUdaxeM9W7ykQkR383Mu3JiXfjpG4dXcm43OBlNuyQudes2448djSKB/PCZs0wRfUce4ZN/S++FJt9Z/y5QqO3CDBaL5rmG81i6XiHVXUuwBCfAhokKx8BuihGPz8h7BRRwQAaoCgYuXbNF8itmB0R8Qt+m5KqZ0CI/skE5k9eputUrKfiNa53l/3TbeNqSdjEk3g8/A8b3oBRLL6t4KPmIGVrhCQeuLX+Ns9y8PHfhjuKKae1hiS1bYH$u8bMVa5PujAgFE7dx5gBCQ==
server: cloudflare
cf-ray: 7a7e13bc5a74887a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 2tBGKH1xQlVTeXc
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a7e13b9cdc8887a/1678813270477/ Frame CD33 61 B
166 B 68ms
67ms Image
image/png 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a7e13b9cdc8887a/1678813270477/2tBGKH1xQlVTeXc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4792e01fee3771b737e0ddb96eb59f33c2366fce0edd113f52cf2f970091e7d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:01:11 GMT
server: cloudflare
cf-ray: 7a7e13c3b8cb887a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H3 401 bVVUGzTf2MTaM_0 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a7e13b9cdc8887a/1678813270478/52f48682ef6842340268c25c3a6fc40c3c60cb9670aedb5f57782d86068b79bb/ Frame CD33 1 B
645 B 52ms
52ms Fetch
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a7e13b9cdc8887a/1678813270478/52f48682ef6842340268c25c3a6fc40c3c60cb9670aedb5f57782d86068b79bb/bVVUGzTf2MTaM_0
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:01:11 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gUvSGgu9oQjQCaMJcOm_EDDxgy5ZwrttfV3gthgaLebsAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
server: cloudflare
cf-ray: 7a7e13c429ba887a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 5fb4e516ec96ed7 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/17139333:1678811434:cBPb-YJMzVcedqBGO8YZg8yJbvBfi2EoSJuew8eILWY/7a7e13b9cdc8887a/ Frame CD33 11 KB
8 KB 82ms
79ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/17139333:1678811434:cBPb-YJMzVcedqBGO8YZg8yJbvBfi2EoSJuew8eILWY/7a7e13b9cdc8887a/5fb4e516ec96ed7
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a7e13b9cdc8887a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ed2f0cbd412a3c5ea70f3182ce80b6c9acc8e3c7c5227b6861eb0063eb5074

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/ekh1x/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 5fb4e516ec96ed7
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Mar 2023 17:01:11 GMT
content-encoding: br
cf_chl_gen: KSYhXsmSFMCQ9NCLjvnrbPPN7amniLYHBm6xrPWaab/GDpknIaMNlf6Xi1LMWggd$anTomUqBRmFIg2YKpfLE2Q==
server: cloudflare
cf-ray: 7a7e13c51bc9887a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://xqg5ag.ngampr.ru/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a7e13ad99ae071e/1678813268411/d026e6443cf4224fb190f3022171a838c1f1c3b18317074d7fffd70e97d7eb5a/IGKVg6ygS2MjowU Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a7e13b9cdc8887a/1678813270478/52f48682ef6842340268c25c3a6fc40c3c60cb9670aedb5f57782d86068b79bb/bVVUGzTf2MTaM_0 Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
xqg5ag.ngampr.ru
2606:4700:20::ac43:4835
2606:4700::6812:6b9
053c940ad029f149c7bc3c4040cccfc3d7f2cce7f764a02e5646af538040ddac
3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70
42a2671d91a9e3f10658273e81196b7aa2793c5969044cfb567ccfb5f75b8b3d
468aa86ee2e2d54ee7324d15dc9c8bdbaa3a94d89582d0b21d33f9b782548b47
47ed2f0cbd412a3c5ea70f3182ce80b6c9acc8e3c7c5227b6861eb0063eb5074
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7df1d3fedfef9d0e25ab3b842a4263c8d9456aaeef18fac2dbaaf0a8281d34bf
982624d59d0ec8d191d03a0f03cdc98a9224bd2192314efefbde94bbc0eb8c2c
b4792e01fee3771b737e0ddb96eb59f33c2366fce0edd113f52cf2f970091e7d
e347e21e5c8376029aa3dd8a4da7cb4d7b0ab718d7945f63fee2d3613c17b0fe
eb5ddb58731aa4a78f1abd96128ee775b6c656d743e449f3f66ad7a755664dd4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8265a5092a098ab7110dd7944b483a1237bfd707a3c86d9992f469a347bf5d9

xqg5ag.ngampr.ru Open in urlscan Pro 2606:4700:20::ac43:4835 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

14 Requests

93 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

226 kBTransfer

508 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

xqg5ag.ngampr.ru Open in urlscan Pro
2606:4700:20::ac43:4835 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

226 kB
Transfer

508 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions