u0dboa84tl63e3dd5ec845e.causee.ru Open in urlscan Pro
2606:4700:3036::ac43:afcd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cdigital.com.pk/lp/?va=
Effective URL:
https://u0dboa84tl63e3dd5ec845e.causee.ru/M
Submission: On April 05 via manual (April 5th 2023, 7:19:11 pm UTC) from IN — Scanned from DE

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3036::ac43:afcd, located in United States and belongs to CLOUDFLARENET, US. The main domain is u0dboa84tl63e3dd5ec845e.causee.ru.
TLS certificate: Issued by R3 on March 25th 2023. Valid for: 3 months.

This is the only time u0dboa84tl63e3dd5ec845e.causee.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	203.124.44.2 203.124.44.2	7590 (COMSATS C...) (COMSATS Commission on Science and Technology for)
9	2606:4700:303... 2606:4700:3036::ac43:afcd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	4

1 203.124.44.2 (Peshawar, Pakistan)

ASN7590 (COMSATS Commission on Science and Technology for, PK)
PTR: host201701.comsatshosting.com

cdigital.com.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3036::ac43:afcd (United States)

ASN13335 (CLOUDFLARENET, US)

u0dboa84tl63e3dd5ec845e.causee.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	causee.ru u0dboa84tl63e3dd5ec845e.causee.ru	201 KB
2	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5123	5 KB
1	cdigital.com.pk cdigital.com.pk	705 B
11	3

	Domain	Requested by
9	u0dboa84tl63e3dd5ec845e.causee.ru	cdigital.com.pk u0dboa84tl63e3dd5ec845e.causee.ru
2	challenges.cloudflare.com	1 redirects u0dboa84tl63e3dd5ec845e.causee.ru
1	cdigital.com.pk
11	3

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
www.cdigital.com.pk R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
*.causee.ru R3	`2023-03-25` - `2023-06-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
Frame ID: AD8D662542B5483CC2490007F968B71F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://cdigital.com.pk/lp/?va= Page URL
https://u0dboa84tl63e3dd5ec845e.causee.ru/M Page URL

Page Statistics

11
Requests

91 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

206 kB
Transfer

355 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=l
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cdigital.com.pk/lp/?va= Page URL
https://u0dboa84tl63e3dd5ec845e.causee.ru/M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit

11 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
cdigital.com.pk/lp/ 463 B
705 B 1106ms
168ms Document
text/html 203.124.44.2
COMSATS Commissio...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdigital.com.pk/lp/?va=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 203.124.44.2 Peshawar, Pakistan, ASN7590 (COMSATS Commission on Science and Technology for, PK),
Reverse DNS: host201701.comsatshosting.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 463
Content-Type: text/html
Date: Wed, 05 Apr 2023 19:19:05 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 05 Apr 2023 08:49:16 GMT
Server: Apache

GET
H2 403 Primary Request M Show response
u0dboa84tl63e3dd5ec845e.causee.ru/ 7 KB
5 KB 104ms
27ms Document
text/html 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://u0dboa84tl63e3dd5ec845e.causee.ru/M

Requested by

Host: cdigital.com.pk
URL: https://cdigital.com.pk/lp/?va=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb352976c30ebbd936e7349353adf762d48467b74daf8060cd2bb2cfa88cff5e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cdigital.com.pk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass: 1
cf-ray: 7b342403baa82bd3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 05 Apr 2023 19:19:05 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzpM2FpOST1JsDCyXH%2BR7EKX1rxzsWr9kKGBYTX0Q73vDaAVi27YRhhSmNLguMc%2B7HrpXPNdkDsIBZ4J1dBWRIvnG3F0mlywTn2LyBvjnxVwlHrMLuAj0WIFxlEqUWxiO48Gu%2BcY5k9CLa212%2FGTBEm9dniZQE3PxvF38YJuwNo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/styles/ 6 KB
3 KB 28ms
27ms Stylesheet
text/css 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/styles/challenges.css

Requested by

Host: u0dboa84tl63e3dd5ec845e.causee.ru
URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:30:57 GMT
server: cloudflare
etag: W/"6419a381-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7b342403fb662bd3-FRA
expires: Wed, 05 Apr 2023 21:19:05 GMT

GET
H2 200 v1 Show response
u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/ 144 KB
52 KB 36ms
34ms Script
application/javascript 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=7b342403baa82bd3
Requested by: Host: u0dboa84tl63e3dd5ec845e.causee.ru
URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 839420bd30ec65a5e33be3c6246a9f7c92002f7f31f0d4fdaeed1e3e9f529818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://u0dboa84tl63e3dd5ec845e.causee.ru/M?__cf_chl_rt_tk=1DAKvpurHbt1vzSNURt6zTteyAWY0nxwiylZUcFDUAI-1680722345-0-gaNycGzNCxA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:19:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSlZochUf9DTzzEkGE4PNotOSVKTiZjDjyJRcJq3IvNnF3KhSKhNzxB%2BYjD9opPsElBqCsxNEFzbvACEXijjUWPWbEyFoNddmqRH8rhABxeW6wBv6WbSiZRzoXDs3NzOEQXizY7QSqyBfVH2%2FKSu%2FmjN0L%2BziMVG4%2FXrxnD9Uq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7b3424043bd92bd3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 transparent.gif
u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/images/trace/captcha/js/ 42 B
129 B 23ms
22ms Image
image/gif 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=7b342403baa82bd3

Requested by

Host: u0dboa84tl63e3dd5ec845e.causee.ru
URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/M?__cf_chl_rt_tk=1DAKvpurHbt1vzSNURt6zTteyAWY0nxwiylZUcFDUAI-1680722345-0-gaNycGzNCxA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://u0dboa84tl63e3dd5ec845e.causee.ru/M?__cf_chl_rt_tk=1DAKvpurHbt1vzSNURt6zTteyAWY0nxwiylZUcFDUAI-1680722345-0-gaNycGzNCxA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:19:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Mar 2023 12:30:57 GMT
server: cloudflare
etag: "6419a381-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7b3424043bdb2bd3-FRA
content-length: 42
expires: Wed, 05 Apr 2023 21:19:05 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/c09a1a74/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

45ms
44ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: u0dboa84tl63e3dd5ec845e.causee.ru
URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38065ca232356314bc86aad8e1b1ad253d7b20a16bc6387d01ab225c29e86490

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:19:05 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7b34240518be3821-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 05 Apr 2023 19:19:05 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7b342404e8723821-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 403 favicon.ico
u0dboa84tl63e3dd5ec845e.causee.ru/ 7 KB
7 KB 29ms
28ms Image
text/html 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://u0dboa84tl63e3dd5ec845e.causee.ru/favicon.ico

Requested by

Host: u0dboa84tl63e3dd5ec845e.causee.ru
URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/M

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03ddbb73ffd6cb8566aaa1ec573874a4ee3b3d7844bb8d3740e73bc85be2e5a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:19:05 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkUb%2BqFGpAtnr22dbEFnpXHn03E9IXe%2FFwY7DDLPvKsfGdUCrdB0Mz1PCs07Qv5sRTHZC%2FcfsjzobTLZuRkTgWYxn2W30zIAtGBkKEPSq3UnsdIVgHIMgatQ8Mf6AtGKsWYBoFcsj7dUQ3gb5uJxDKuGZCjHa2fkt%2BzAtLg2%2F9s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7b3424049e0b03ec-FRA
cf-chl-bypass: 1
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 5e50ee642ed8105 Show response
u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1255688916:1680719596:Bffv7EGftO8Bl6nIR73jWeghKEXUtSoYf6G-9VCfFO8/7b342403baa82bd3/ 170 KB
127 KB 176ms
175ms XHR
text/plain 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1255688916:1680719596:Bffv7EGftO8Bl6nIR73jWeghKEXUtSoYf6G-9VCfFO8/7b342403baa82bd3/5e50ee642ed8105
Requested by: Host: u0dboa84tl63e3dd5ec845e.causee.ru
URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=7b342403baa82bd3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c56485b866b0127f36aa704d72a7189ee61be43c7fc7b5458848dedf1a295e

Request headers

Referer: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge: 5e50ee642ed8105
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 19:19:05 GMT
content-encoding: br
cf_chl_gen: vi0u6+f2gRHuawpQ6pxaU+8yek+lp3d3EbWaVo0g0pwh08qd7r1jrHz1BvNOpeFtwwVTTNajraqgMM8RT8CmeaK9OQ/xhVFXyvGSw5VyG4RAwRByGkC2Y2WtOg+EVRBQgVprEhFPhS+0tY8ZtzI36iwn9FjYjUauuyFtjChieaNm9EKPXNvcHHsDLYhcxkAtHOOE8pl4vfAE5yaTtrvg8p/eVULaTJvQ9sVJjKKfafLTFHgJqWH1uRDgigTjNZAdcPazjEVY6qzZVHZ6kvAfX6HpdjsvaJ/eFnfSUNDaUOZIbt+XatuXYt567Ic1M8FAmeZEHghrxmb0wSIEWiql0piSn/vifaZecbOhCNl3/hi4MeCExoFPpx6npQjXKz7r5UKtAwawOOFI8EnkK9CyQCen0jROQ8aCZbmC6HmKr085lCUNtusmFzZDOSe2qO2N$/9voGGMuUQLs7coJSvQASA==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJbEziFkUBALVPYMAQfLsAUxpuO60%2BcrFVl8k06Ijis9ycLzZS6oAGRcpOYOlDCPJ%2By3SOfU8V2KiSnGI8LrHXJl%2FvombkOqD3%2B4N6yAlpAgA5Omd4P%2BWBsimHI5cRM7jltKBfbThRhnAQmN0DLa7jURnfBnG%2FMMOfeXPVe0MD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7b3424054f4203ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 401 I2BrQxc-0EbVBeb Show response
u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/pat/7b342403baa82bd3/1680722345819/ac23fd930f5d5f02b7574b7e6664ae717d44c47900c8272824b69840e851e00e/ 1 B
967 B 29ms
28ms Fetch
text/plain 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/pat/7b342403baa82bd3/1680722345819/ac23fd930f5d5f02b7574b7e6664ae717d44c47900c8272824b69840e851e00e/I2BrQxc-0EbVBeb
Requested by: Host: u0dboa84tl63e3dd5ec845e.causee.ru
URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=7b342403baa82bd3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:19:07 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20grCP9kw9dXwK3V0t-ZmSucX1ExHkAyCcoJLaYQOhR4A4AIXUwZGJvYTg0dGw2M2UzZGQ1ZWM4NDVlLmNhdXNlZS5ydQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAyKs0fkdzX-NVyob2xCfNi8DTewBG2MQLWM7UmHBXsz4StmTS_HnC-FKi6_YV531KDz1WxzdSVtZ8eUpg7ISzl7yRfp3Ti8jRVaNUd4fiHuL_QtLnAUr-PPUitTM2homTwHYiSlJxy4x_WSjx64rkWGEAmb58mJaXTueTn8HjecQ4mIafIlquNWL-jUK7o_d5pwdETFwHzOWlgWNLMnjrLth2djLJlGsgBIzudFgf-JdhDdDIuIPju3Q02WCoE1d4VrMzJtRNpnigbQsg6Xy18bcwY7Z8msp11pGkMy1qKBtV3VeD9G_wVRyaSHTen6J9-HBeCIeSe1HOJqhal2TReQIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSkRvB%2BXe3fRxRlLsb2r0H%2B1yvAOJj3K72JPAFWxsgoSFXz%2BBXP2oSMcy%2FJdG%2BcB%2FNpisD1scSUyort2wl0NxYaEDtLXxjRFrV2FotIBFx5WWS22t1klNFpEZ%2B5lmJ6I2yvb3nQSx68KoewgN1rhzBwjLwZWWoFMxztISSnTfe4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7b342412b9df03ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 NCWdSDwXUTkA-Ug
u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/img/7b342403baa82bd3/1680722345823/ 61 B
476 B 34ms
33ms Image
image/png 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/img/7b342403baa82bd3/1680722345823/NCWdSDwXUTkA-Ug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c8640db17e09c4e211a2bad88a18fa4b37cba5b175f8b05c74ec7c2cfb1512c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 19:19:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b342412fa8003ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKczZ4zW6fUh9dpZlk9T4p2HtqqQWALflGduagl9w6%2FhNEooKDGEP9MWBvnAstecmjzkj%2FSJhXc4i%2B6YkQ%2Bj4n4BEUPMNM3fZKzt%2FMd%2BfcIjoxqNTvCEqWrv5fLRA5w0jdX760sIFV8WsQTfrHh0OOFFKhjFqj1dwiL3nxU9xpk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png

POST
H3 200 5e50ee642ed8105 Show response
u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1255688916:1680719596:Bffv7EGftO8Bl6nIR73jWeghKEXUtSoYf6G-9VCfFO8/7b342403baa82bd3/ 5 KB
5 KB 50ms
47ms XHR
text/plain 2606:4700:3036::ac43:afcd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1255688916:1680719596:Bffv7EGftO8Bl6nIR73jWeghKEXUtSoYf6G-9VCfFO8/7b342403baa82bd3/5e50ee642ed8105
Requested by: Host: u0dboa84tl63e3dd5ec845e.causee.ru
URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=7b342403baa82bd3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:afcd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1535b72e52867d4adb106e935c8a8a78115364cc8769c7b706bf06646cf8298

Request headers

Referer: https://u0dboa84tl63e3dd5ec845e.causee.ru/M
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge: 5e50ee642ed8105
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Apr 2023 19:19:08 GMT
content-encoding: br
cf_chl_gen: ejJ2TOlOmfvHzNb14vkT9PzZ89sExx8WjBZ8mdmMca95SB3J6y4u+zHQKLeqwrKP$ukse57D85HTJoiNtBs8v/g==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkZf3rEGOnBw8Q6O6LVk36UPjESPwfeuDp8iw4T%2BkyPRia%2FNQEQ7RkNZFVwvmyGLcPjE9EjUKxy%2F90AwtT5wK%2FDc651PqFmbMf0YIrWGUd2lNn%2ByuNxYQt3S%2BGuyuz9V6drPgIivSKbq8OM1bza6rLqzte%2FlaM00bQpWtEkDdno%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7b342413ec8f03ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/M Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://u0dboa84tl63e3dd5ec845e.causee.ru/cdn-cgi/challenge-platform/h/b/pat/7b342403baa82bd3/1680722345819/ac23fd930f5d5f02b7574b7e6664ae717d44c47900c8272824b69840e851e00e/I2BrQxc-0EbVBeb Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdigital.com.pk
challenges.cloudflare.com
u0dboa84tl63e3dd5ec845e.causee.ru
203.124.44.2
2606:4700:3036::ac43:afcd
2606:4700::6812:7b9
03ddbb73ffd6cb8566aaa1ec573874a4ee3b3d7844bb8d3740e73bc85be2e5a7
1c8640db17e09c4e211a2bad88a18fa4b37cba5b175f8b05c74ec7c2cfb1512c
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
38065ca232356314bc86aad8e1b1ad253d7b20a16bc6387d01ab225c29e86490
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
839420bd30ec65a5e33be3c6246a9f7c92002f7f31f0d4fdaeed1e3e9f529818
c0c56485b866b0127f36aa704d72a7189ee61be43c7fc7b5458848dedf1a295e
cb352976c30ebbd936e7349353adf762d48467b74daf8060cd2bb2cfa88cff5e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1535b72e52867d4adb106e935c8a8a78115364cc8769c7b706bf06646cf8298
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

u0dboa84tl63e3dd5ec845e.causee.ru Open in urlscan Pro 2606:4700:3036::ac43:afcd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

91 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

206 kBTransfer

355 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

u0dboa84tl63e3dd5ec845e.causee.ru Open in urlscan Pro
2606:4700:3036::ac43:afcd Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

206 kB
Transfer

355 kB
Size

0
Cookies

11 HTTP transactions
2 data transactions