urlscan.io logo urlscan.io
SecurityTrails logo

trk.cloudtraff.com Open in urlscan Pro
2606:4700:4400::ac40:9973  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clck.ru/3BJXE9?adv2
Effective URL: https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGl...
Submission: On August 20 via manual from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2606:4700:4400::ac40:9973, located in United States and belongs to CLOUDFLARENET, US. The main domain is trk.cloudtraff.com. The Cisco Umbrella rank of the primary domain is 890113.
TLS certificate: Issued by E6 on July 2nd 2024. Valid for: 3 months.
This is the only time trk.cloudtraff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:6b8::221 13238 (YANDEX)
1 1 2a02:6b8::232 13238 (YANDEX)
1 1 2600:9000:225... 16509 (AMAZON-02)
1 3 198.252.104.134 20068 (HAWKHOST)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
11 5
1    2a02:6b8::221 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
clck.ru
1    2a02:6b8::232 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
sba.yandex.ru
1    2600:9000:2250:4800:1:7145:e880:93a1 (United States)

ASN16509 (AMAZON-02, US)
bnc.lt
3    198.252.104.134 (United States)

ASN20068 (HAWKHOST, CA)
PTR: interstellar.bigbig.space
malia.sarakohl.de
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
dirtyvalentine4.com
5    2606:4700:4400::ac40:9973 (United States)

ASN13335 (CLOUDFLARENET, US)
trk.cloudtraff.com
1    2606:4700::6812:5e29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2606:4700::6812:5f29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 cloudtraff.com
trk.cloudtraff.com — Cisco Umbrella Rank: 890113
58 KB
3 sarakohl.de
malia.sarakohl.de
1 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3877
15 KB
1 dirtyvalentine4.com
dirtyvalentine4.com
890 B
1 bnc.lt
bnc.lt — Cisco Umbrella Rank: 46426
951 B
1 yandex.ru
sba.yandex.ru — Cisco Umbrella Rank: 320430
284 B
1 clck.ru
clck.ru — Cisco Umbrella Rank: 249236
822 B
11 7
Domain Requested by
5 trk.cloudtraff.com malia.sarakohl.de
trk.cloudtraff.com
3 malia.sarakohl.de 1 redirects malia.sarakohl.de
2 challenges.cloudflare.com trk.cloudtraff.com
challenges.cloudflare.com
1 dirtyvalentine4.com 1 redirects
1 bnc.lt 1 redirects
1 sba.yandex.ru 1 redirects
1 clck.ru 1 redirects
11 7

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
*.sarakohl.de
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
cloudtraff.com
E6		 2024-07-02 -
2024-09-30		 3 months crt.sh
challenges.cloudflare.com
E5		 2024-07-17 -
2024-10-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
Frame ID: 30E8F8FCD1A33E0124EDB28D64BB6F54
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2ttnz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 9580522E7402E47C136A6AFAA143C01F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

  1. https://clck.ru/3BJXE9?adv2 HTTP 302
    https://sba.yandex.ru/redirect?url=https%3A%2F%2Fbnc.lt%2FEfQGSFoVtKb&client=clck&request_id=17241... HTTP 302
    https://bnc.lt/EfQGSFoVtKb HTTP 307
    http://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=13... HTTP 307
    https://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=13... Page URL
  2. https://malia.sarakohl.de/_meetups/?click_id=party-cunding&network=ADVERTEN&guid=96ecf9a2a02c8503dac61... HTTP 302
    https://malia.sarakohl.de/_meetups/r.php?click_id=cunding&groups=party&network=ADVERTEN&guid=0d9f41fbd... Page URL
  3. https://dirtyvalentine4.com/?utm_source=bQfk2PNc8zlIn&utm_campaign=CUNDING&utm_term=PARTY&utm_content=Q1... HTTP 302
    https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=Qy... Page URL

Page Statistics

11
Requests

82 %
HTTPS

88 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

75 kB
Transfer

171 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clck.ru/3BJXE9?adv2 HTTP 302
    https://sba.yandex.ru/redirect?url=https%3A%2F%2Fbnc.lt%2FEfQGSFoVtKb&client=clck&request_id=1724192649161454-7470823331609944530&sign=d9128bbfc76756961113403c8fbf845d HTTP 302
    https://bnc.lt/EfQGSFoVtKb HTTP 307
    http://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxTgIA1962hCQAAAA%3D HTTP 307
    https://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxTgIA1962hCQAAAA%3D Page URL
  2. https://malia.sarakohl.de/_meetups/?click_id=party-cunding&network=ADVERTEN&guid=96ecf9a2a02c8503dac6140247a92773 HTTP 302
    https://malia.sarakohl.de/_meetups/r.php?click_id=cunding&groups=party&network=ADVERTEN&guid=0d9f41fbdf045e7c8736aa5cc371567a Page URL
  3. https://dirtyvalentine4.com/?utm_source=bQfk2PNc8zlIn&utm_campaign=CUNDING&utm_term=PARTY&utm_content=Q1VORElORyxERSw0NS4xNDEuMTUyLjc1LFdFQixQQVJUWQ HTTP 302
    https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://clck.ru/3BJXE9?adv2 HTTP 302
  • https://sba.yandex.ru/redirect?url=https%3A%2F%2Fbnc.lt%2FEfQGSFoVtKb&client=clck&request_id=1724192649161454-7470823331609944530&sign=d9128bbfc76756961113403c8fbf845d HTTP 302
  • https://bnc.lt/EfQGSFoVtKb HTTP 307
  • http://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxTgIA1962hCQAAAA%3D HTTP 307
  • https://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxTgIA1962hCQAAAA%3D
Request Chain 1
  • https://malia.sarakohl.de/_meetups/?click_id=party-cunding&network=ADVERTEN&guid=96ecf9a2a02c8503dac6140247a92773 HTTP 302
  • https://malia.sarakohl.de/_meetups/r.php?click_id=cunding&groups=party&network=ADVERTEN&guid=0d9f41fbdf045e7c8736aa5cc371567a

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww
malia.sarakohl.de/
Redirect Chain
  • https://clck.ru/3BJXE9?adv2
  • https://sba.yandex.ru/redirect?url=https%3A%2F%2Fbnc.lt%2FEfQGSFoVtKb&client=clck&request_id=1724192649161454-7470823331609944530&sign=d9128bbfc76756961113403c8fbf845d
  • https://bnc.lt/EfQGSFoVtKb
  • http://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxT...
  • https://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvx...
874 B
656 B 		Document
General
Check archive.org
Download Go to
Full URL
https://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxTgIA1962hCQAAAA%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.104.134 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
interstellar.bigbig.space
Software
LiteSpeed / PHP/7.4.33
Resource Hash
1d62384dc19de08b6ecd7290e47c1bf1b3744bc17fca033c8d64d92b32e585b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache
content-encoding
br
content-length
370
content-type
text/html; charset=UTF-8
date
Tue, 20 Aug 2024 22:24:10 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

Location
https://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxTgIA1962hCQAAAA%3D
Non-Authoritative-Reason
HttpsUpgrades
r.php
malia.sarakohl.de/_meetups/
Redirect Chain
  • https://malia.sarakohl.de/_meetups/?click_id=party-cunding&network=ADVERTEN&guid=96ecf9a2a02c8503dac6140247a92773
  • https://malia.sarakohl.de/_meetups/r.php?click_id=cunding&groups=party&network=ADVERTEN&guid=0d9f41fbdf045e7c8736aa5cc371567a
802 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://malia.sarakohl.de/_meetups/r.php?click_id=cunding&groups=party&network=ADVERTEN&guid=0d9f41fbdf045e7c8736aa5cc371567a
Requested by
Host: malia.sarakohl.de
URL: https://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxTgIA1962hCQAAAA%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.252.104.134 , United States, ASN20068 (HAWKHOST, CA),
Reverse DNS
interstellar.bigbig.space
Software
LiteSpeed / PHP/7.4.33
Resource Hash

Request headers

Referer
https://malia.sarakohl.de/ZzhFUm8sUEFSVFktQ1VORElORywxNzE4NTYxMjYzLCxBRFZFUlRFTiww?_branch_match_id=1354569028390600271&_branch_referrer=H4sIAAAAAAAAA8soKSkottLXT61IzC3ISdVLLCjQy8nMy9Z3TQt0D3bLDyvxTgIA1962hCQAAAA%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
br
content-length
337
content-type
text/html; charset=UTF-8
date
Tue, 20 Aug 2024 22:24:10 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 20 Aug 2024 22:24:10 GMT
location
/_meetups/r.php?click_id=cunding&groups=party&network=ADVERTEN&guid=0d9f41fbdf045e7c8736aa5cc371567a
pragma
no-cache
server
LiteSpeed
x-powered-by
PHP/7.4.33
Primary Request 4ab2be10-2a9c-4230-aa29-bcfe01b189f6
trk.cloudtraff.com/
Redirect Chain
  • https://dirtyvalentine4.com/?utm_source=bQfk2PNc8zlIn&utm_campaign=CUNDING&utm_term=PARTY&utm_content=Q1VORElORyxERSw0NS4xNDEuMTUyLjc1LFdFQixQQVJUWQ
  • https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
20 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
Requested by
Host: malia.sarakohl.de
URL: https://malia.sarakohl.de/_meetups/r.php?click_id=cunding&groups=party&network=ADVERTEN&guid=0d9f41fbdf045e7c8736aa5cc371567a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5de8228679296f48da257c1b73277e648c5e4ce25e53ae5dd18ad3222bb01f2a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://malia.sarakohl.de/_meetups/r.php?click_id=cunding&groups=party&network=ADVERTEN&guid=0d9f41fbdf045e7c8736aa5cc371567a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
kFAlTOjSjOBci6K/8cV4HEJC34TLjHLqXtkKCaBp+sTwOIfmQE1saU1UkO7mfUK3VcvoNYVQNze7HoqOLo+StSmOtm2UGj7BQTelg/j12d/VEgL+U3+K6pqvXsvGWx6iFL430WYEb6uW+1MFYrUInA==$RpoaUJ1UaAOEk+cCjg82sg==
cf-mitigated
challenge
cf-ray
8b65cac5688d92c9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 20 Aug 2024 22:24:11 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8b65cac3fafd18e1-FRA
content-type
text/html; charset=utf-8
date
Tue, 20 Aug 2024 22:24:11 GMT
location
https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NidCn0yvkjVv7JKn4j24Th7UcIvJJnCCYaRBNFTE3fpKVn%2Bln64F6tK8h2Mqlo%2FWD68%2F6LzM2aG7wUBwBseaX0%2FI4CAez2%2F3u7kKLBKSCEUsKNsqv2hkyvUmoEOraDfoGsjmgLhNDmzpRfwWr%2BFPv4pQ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
v1
trk.cloudtraff.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		89 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.cloudtraff.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b65cac5688d92c9
Requested by
Host: trk.cloudtraff.com
URL: https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ea2a432aafdbc02168545e8e2f77849b17caf47a5c91c704f44e8c9986475f

Request headers

Referer
https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj&__cf_chl_rt_tk=TpcdBpIDshYZlOt4NfDoV61ZFFLnI5Dn1l561zCjILo-1724192651-0.0.1.1-7786
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 22:24:11 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
server
cloudflare
cf-ray
8b65cac5b8d892c9-FRA
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js?onload=FWtH0&render=explicit
Requested by
Host: trk.cloudtraff.com
URL: https://trk.cloudtraff.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b65cac5688d92c9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55

Request headers

Referer
Origin
https://trk.cloudtraff.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 22:24:11 GMT
content-encoding
br
last-modified
Thu, 15 Aug 2024 16:28:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8b65cac61ff765da-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
trk.cloudtraff.com/ 		0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trk.cloudtraff.com/favicon.ico
Requested by
Host: trk.cloudtraff.com
URL: https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-trace-id
d454ed6a93bff90bda748b6333846e68
date
Tue, 20 Aug 2024 22:24:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
last-modified
Tue, 20 Aug 2024 22:20:59 GMT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8b65cac5f90192c9-FRA
content-length
0
expires
Wed, 21 Aug 2024 02:24:11 GMT
30b158ea-134f-4df2-be5c-de8f20a606ae
https://trk.cloudtraff.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://trk.cloudtraff.com/30b158ea-134f-4df2-be5c-de8f20a606ae
Requested by
Host: trk.cloudtraff.com
URL: https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Referer
https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
favicon.ico
trk.cloudtraff.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://trk.cloudtraff.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-trace-id
d454ed6a93bff90bda748b6333846e68
date
Tue, 20 Aug 2024 22:24:11 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Aug 2024 22:20:59 GMT
server
cloudflare
vary
Accept-Encoding
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8b65cac5f90192c9-FRA
content-length
0
expires
Wed, 21 Aug 2024 02:24:11 GMT
e73736e4c5cfd7a
trk.cloudtraff.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1143328967:1724191881:DRIkj1ufD8nKBGg9o-wacNECW384K4MMmhPDh98KtDg/8b65cac5688d92c9/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trk.cloudtraff.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1143328967:1724191881:DRIkj1ufD8nKBGg9o-wacNECW384K4MMmhPDh98KtDg/8b65cac5688d92c9/e73736e4c5cfd7a
Requested by
Host: trk.cloudtraff.com
URL: https://trk.cloudtraff.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b65cac5688d92c9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d11657a04f547badcf57e9a5e8b3867118c976270e33f7d0be7012503b8c0fe6

Request headers

Referer
https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
CF-Challenge
e73736e4c5cfd7a
Content-type
application/x-www-form-urlencoded

Response headers

content-type
text/plain; charset=UTF-8
date
Tue, 20 Aug 2024 22:24:11 GMT
content-encoding
br
server
cloudflare
cf-ray
8b65cac6997592c9-FRA
cf-chl-gen
SfTrZDq7KjYzUpMdgUzlOV+jSBxDnv0TcQk5pC+Wdk43ezTtXOGy7HqHZlRZ9VvGbYEXNc3UOA==$xbrb1RkA6Slwfk+X
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2ttnz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 9580 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2ttnz/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js?onload=FWtH0&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8b65cac70d032baa-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 20 Aug 2024 22:24:11 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
799532a2-495c-455c-b7a5-e6112433b00e
https://trk.cloudtraff.com/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://trk.cloudtraff.com/799532a2-495c-455c-b7a5-e6112433b00e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Referer
https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| iQQUo8 function| kiQcC5 function| RlyNT8 object| ScCr4 object| VRCR7 function| nMYjh2 function| aFNi0 function| FWtH0 boolean| Wglfs7 function| aIHeB3 object| jopu8 number| wqXrO5 object| angular object| turnstile boolean| NVwJR5 string| eYgKi3 boolean| bMPsx2

4 Cookies

Domain/Path Name / Value
.clck.ru/ Name: _yasc
Value: BibTMyHob87Plhn0uiGXY8Qcz+Gg9MY/0iSiWeFV90fWZ7Y+M6DTtdTbzcUHbdlE
bnc.lt/ Name: _s
Value: YYTmhOns6bJXudh8oiWzNbUELXALjUhozTcMJfwLOawXr%2FdvQurLXnaJb3G5LLar
dirtyvalentine4.com/ Name: k
Value: SFMyNTY.g3QAAAAEbQAAAARhdW5xdAAAAAFtAAAABjEwNDc1M20AAAAKcGVFWkdhb296cG0AAAADaGlkbQAAACVReVV6c0VxT1pUTktOQlNaVHlickdsT2RsWm1qZEhCbWFXQ1FqbQAAAAJobGQAA25pbG0AAAADdW5xbQAAAAxPZ2hWSkdleHhNVG8.KwR7rnr7Mco7qTZEfl4MY6Cq17ebZPDKvlQ8BhJKG98
.cloudtraff.com/ Name: __cf_bm
Value: oImVXklIE5HidqyQLtyaU.880Bbumey0i3yiAMrCAsY-1724192651-1.0.1.1-NCFs0dAoSxtcZMAfkrMrSAkNFgcb3jh1qqYkFIAvdPYaIOTS_CyBa20O5ugiwJfCIAsSMuCn1uxDCpBhTiHq0g

1 Console Messages

Source Level URL
Text
network error URL: https://trk.cloudtraff.com/4ab2be10-2a9c-4230-aa29-bcfe01b189f6?o=2829&subPublisher=2155263&clicktag=QyUzsEqOZTNKNBSZTybrGlOdlZmjdHBmaWCQj
Message:
Failed to load resource: the server responded with a status of 403 ()