xqg5ag.ngampr.ru Open in urlscan Pro
2606:4700:20::ac43:4835 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xqg5ag.ngampr.ru/PS-641222a43522b
Submission: On March 15 via manual (March 15th 2023, 7:58:52 pm UTC) from GB — Scanned from GB

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 2606:4700:20::ac43:4835, located in United States and belongs to CLOUDFLARENET, US. The main domain is xqg5ag.ngampr.ru.
TLS certificate: Issued by E1 on February 27th 2023. Valid for: 3 months.

This is the only time xqg5ag.ngampr.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:20:... 2606:4700:20::ac43:4835	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2

7 2606:4700:20::ac43:4835 (United States)

ASN13335 (CLOUDFLARENET, US)

xqg5ag.ngampr.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:6b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5237	127 KB
7	ngampr.ru xqg5ag.ngampr.ru	123 KB
14	2

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects xqg5ag.ngampr.ru challenges.cloudflare.com
7	xqg5ag.ngampr.ru	xqg5ag.ngampr.ru
14	2

This site contains no links.

Subject Issuer	Validity	Valid
*.ngampr.ru E1	`2023-02-27` - `2023-05-28`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://xqg5ag.ngampr.ru/PS-641222a43522b
Frame ID: D52B74EDF956E910F4623BCCB987E8C6
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 8B37A89E66B925BD87F632E442D3465D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page Statistics

14
Requests

93 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

250 kB
Transfer

573 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 Primary Request PS-641222a43522b Show response
xqg5ag.ngampr.ru/ 7 KB
5 KB 106ms
34ms Document
text/html 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://xqg5ag.ngampr.ru/PS-641222a43522b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c394c45e5f78d2ea0e2c5eb5c2f224b647812c1795d88e1d82b4de80f9855cfd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a87554b9aba7314-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 15 Mar 2023 19:58:47 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1%2FfQ7FIAuBQKB8jyzBi%2Fepszk9M4eVJJO7ybNSmJuN5PlE8shtXbYhXns%2BMjtNckQ9DB61mazas9i0mNEZMBaFxm6GfLx%2BEBCg9eUkK8UWEqazwEkSXeFOz%2BX%2FMrDaD%2BlyW8p3wUM01HUUa354%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 141 KB
51 KB 49ms
48ms Script
application/javascript 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a87554b9aba7314
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/PS-641222a43522b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569ef9608f75da432cfba7ba38c1a0c56491efef5917d6097d6e0558a5bea2b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xqg5ag.ngampr.ru/PS-641222a43522b?__cf_chl_rt_tk=AsCCW37iy8BKKbtD_xfsq4I01iSJlOIpQFqQT3pkAqc-1678910327-0-gaNycGzNCeU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 19:58:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0EdYJT9JbfhnjlkVj%2F96AsSmiotv2gNaeoRV68sxMFiGdFgg0sE1elp5KjGUrdQpTuI0NqZ7qXMdcjClUI9eqeS7AqZYh77I4prGwvlF8K%2F0Y238ChPE3B1O48t%2F0e69fwdRc8vBa1XBhaMK9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7a87554c1b8c7314-LHR

GET
H2 200 transparent.gif
xqg5ag.ngampr.ru/cdn-cgi/images/trace/managed/js/ 42 B
219 B 40ms
40ms Image
image/gif 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xqg5ag.ngampr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a87554b9aba7314

Requested by

Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/PS-641222a43522b?__cf_chl_rt_tk=AsCCW37iy8BKKbtD_xfsq4I01iSJlOIpQFqQT3pkAqc-1678910327-0-gaNycGzNCeU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xqg5ag.ngampr.ru/PS-641222a43522b?__cf_chl_rt_tk=AsCCW37iy8BKKbtD_xfsq4I01iSJlOIpQFqQT3pkAqc-1678910327-0-gaNycGzNCeU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 19:58:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:11 GMT
server: cloudflare
etag: "6407c10b-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7a87554c1b8f7314-LHR
content-length: 42
expires: Wed, 15 Mar 2023 21:58:47 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/78289926/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

62ms
62ms

Script
application/javascript

2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/PS-641222a43522b
Protocol: H2
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 19:58:47 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a87554d2a4f71d4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 15 Mar 2023 19:58:47 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control: max-age=300, public
cf-ray: 7a87554cea1771d4-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 9d7a839f3033371 Show response
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1018628242:1678907445:IxklBVt3JJaB-o2PsLkVtb2zgyyIW5M5ghbfKsXDjJo/7a87554b9aba7314/ 123 KB
62 KB 91ms
91ms XHR
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1018628242:1678907445:IxklBVt3JJaB-o2PsLkVtb2zgyyIW5M5ghbfKsXDjJo/7a87554b9aba7314/9d7a839f3033371
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a87554b9aba7314
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5b7a089ccda1199600b86080080d6c0d297e3409be0265ebec3a4d0c7fa2560

Request headers

Referer: https://xqg5ag.ngampr.ru/PS-641222a43522b
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 9d7a839f3033371
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 19:58:47 GMT
content-encoding: br
cf_chl_gen: WhCot9HZJgiQrAenX+qobb00g4fbV4EfW/EShj4mBOSxFThU/QZ1qfyx8rvpAyQNQl1Jmv388s7jkVu/Jnh1B6OtCy7keHr4SMMxwoMqjwuGQV6ZTqTosFLyfno6RCDJFuUgAgwV/4QH4F4O8c2+A4j1pUxPZBr3QsvNReZ0k3w+CI9wLFQ77KqDyTbEFrEbh0KI/d8cInSLVS17fWCIFsn7pGxI1gtN01BmIEHcQxvK4qkBnbsNNh3M34Xd3V62kkOzE80pKNs2bN8nqML1s5fJzcSEaatGWzbUqmFzjjLPW0/nhFHAa3/z2YCdQLjEm9Ij8YEeqiG9bZHJryfemrMoeDYizmOxmxGyDaCSmrAegHO9gfUmYpo5Vr9IfF34DNuSv+LKj/Ac+gQ/b4s4nvEwPaB6GAky6mVSA/l4jCVovzTPicIActBhTRXIZT4SVcf0jHtdEEzKht1NAgJx6w==$YoLwYbHtONBjE1NLAZ3nHw==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtJgTkUCtjRnavgDcnmZGkdl%2Fb6FgRkn%2F4yzG9k6sz42Cjqbu2xpKXlH1hAfpjsl6rHssPBuS%2BcnUne48X2TSG%2BMDFrsTdmf2GpEiWBCHHd%2FPp7w11Lmw5GBAr7SzrKvBI2ip5YSnFxsIGKJKRo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a87554d3d1b7314-LHR

GET
H2 200 CRVyTPfeLRlyUs1
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/img/7a87554b9aba7314/1678910327894/ 61 B
371 B 48ms
44ms Image
image/png 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/img/7a87554b9aba7314/1678910327894/CRVyTPfeLRlyUs1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8647537c5b1c1d45bbfb02a6ef11748a7941a5ee4534db442490ed1025358b69

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xqg5ag.ngampr.ru/PS-641222a43522b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 19:58:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a8755557b467314-LHR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sh4TbAx5axzUMlmHIJrWIHsVXQP1hAzaK1naj50AqDSmQuGZxkdLHI%2FrMNBFH5OkQKKUjSMOFJ%2FwEWSWoZfREkM6TBa6qvHJwyNb%2FxInLodu4yumcGzDbrdtHLmCReky1MPmaOD4purXiNWr%2F6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png

GET
H2 401 w9yJ-Moc2KdYIbz Show response
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a87554b9aba7314/1678910327894/209c90d207426c8ab8338efe3f0c37f4c74d87756ac590905c25ab508d841fbb/ 1 B
775 B 43ms
42ms Fetch
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a87554b9aba7314/1678910327894/209c90d207426c8ab8338efe3f0c37f4c74d87756ac590905c25ab508d841fbb/w9yJ-Moc2KdYIbz
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/PS-641222a43522b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://xqg5ag.ngampr.ru/PS-641222a43522b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 19:58:49 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gIJyQ0gdCbIq4M47-Pww39MdNh3VqxZCQXCWrUI2EH7sAEHhxZzVhZy5uZ2FtcHIucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a8755567d267314-LHR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fo6KPTc87QxP0wdXhh7CeIIm%2B%2FNFHjGwmhr%2BW13WLj0OdbRDB9eNY0pYQD50BnoI8ruJvFkPBPTtyDW7eDcJ54FfO71HCG8KjLxhI8qyyTR1TxyMRwcww1MLlROsNu%2FknAMQekC6MwTJyme%2Bpfk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

POST
H2 200 9d7a839f3033371 Show response
xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1018628242:1678907445:IxklBVt3JJaB-o2PsLkVtb2zgyyIW5M5ghbfKsXDjJo/7a87554b9aba7314/ 5 KB
4 KB 96ms
95ms XHR
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1018628242:1678907445:IxklBVt3JJaB-o2PsLkVtb2zgyyIW5M5ghbfKsXDjJo/7a87554b9aba7314/9d7a839f3033371
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a87554b9aba7314
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20cf6818db3a40f3281d648ad04bfff9120b57b91a7388ccb42fcb4349764b44

Request headers

Referer: https://xqg5ag.ngampr.ru/PS-641222a43522b
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 9d7a839f3033371
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 19:58:49 GMT
content-encoding: br
cf_chl_gen: 533ennylt5/daCkzkNFRV5R9eH9HQo79edzk6fIOqWRVC/7QNkypjn3oGXwgdL1E$o4x/MDp/MHQejHHoYfM0BA==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BgpKDeFBOBY%2BOd5gu5%2FNOxJGvkJk0f5cU7p5aQD2BnkpWDualJ0aobetEqRt%2BvfDVN1hYMojSZ8iGUznjqkD%2FwD1iPFPLq8TVsaKnb8OcVNEqQYynjntX9iTcHemR7WgPBERqm4VsB3oPCffl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a8755573e967314-LHR

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 8B37 21 KB
7 KB 104ms
59ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f07e669f917130f33583f2fa447979f5b3e8d2c8aad4b77d7d21ad2cf460e42

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7a8755582987772f-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 19:58:49 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 8B37 150 KB
55 KB 47ms
47ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a8755582987772f
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4df6a0daa2bf5b543405b207b9b074e1e65444152500bb7ca89e1f22eccc4a49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 19:58:49 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7a8755595be3772f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 c4f150e399311fd Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/46034221:1678907230:eXmhSOFeOfVkuuGa9YikotxDoQYpLFj1L1cRcrEW6Wc/7a8755582987772f/ Frame 8B37 101 KB
51 KB 165ms
165ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/46034221:1678907230:eXmhSOFeOfVkuuGa9YikotxDoQYpLFj1L1cRcrEW6Wc/7a8755582987772f/c4f150e399311fd
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a8755582987772f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 133fe309e8e1943aa58da54d7cd4c3fa14d98f8ff334ffb9138e12e0c0e0fb2d

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: c4f150e399311fd
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 19:58:50 GMT
content-encoding: br
cf_chl_gen: TeS+yOQCyejl6g2FPeaukmERpgG/UZSkAk9pZ81sIcBGg6kuCIjAzOamfLFMIixrM4X0uztCcwayegOYSfpNnRf0VMZnNIgqCg9zM08uNCBIFoEt69Cl4BbmWq8pwRlOrTAxCeKFHBkIDiYwCj/8RpWFfn39K0CzpXi8r5cRd836RKej21xbEt5YswGp9wX5AbYtcG3DnvWkpnavukHiQodDmBdx7P6bWMGsGe2J9lgn+/ilgzKL25gIUr1XY8UslyR4HetZzTr5mV8MLkc4OzUlmmozrbFZOO8oWikL4JF1KNpAep98VZoBzHRTAa1stX1w8d0KMW7naG0kKoStmgL0roRx3gLs2m1WKbNtNWD7r1KaWea87xpLwwr1g8Cg7/fOzS4UbvKWhuiV9z5Xgw==$HsVe7CXx3LpqtibTF3KY3g==
server: cloudflare
cf-ray: 7a87555abe54772f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 sdfz0tdw5gj-5bY
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a8755582987772f/1678910330082/ Frame 8B37 61 B
166 B 47ms
47ms Image
image/png 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a8755582987772f/1678910330082/sdfz0tdw5gj-5bY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a8322a17323761d311172bdae98865576602b2649621d85784245a79735ef7d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 19:58:50 GMT
server: cloudflare
cf-ray: 7a87555c189c772f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H3 401 pophsWv1g-quEFs Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a8755582987772f/1678910330084/df9a4ddd9a1c55350df52c0666c31f602c70d5b2e1c5d9d665fc72850c7f8421/ Frame 8B37 1 B
647 B 41ms
40ms Fetch
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a8755582987772f/1678910330084/df9a4ddd9a1c55350df52c0666c31f602c70d5b2e1c5d9d665fc72850c7f8421/pophsWv1g-quEFs
Requested by: Host: xqg5ag.ngampr.ru
URL: https://xqg5ag.ngampr.ru/PS-641222a43522b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 19:58:50 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g35pN3ZocVTUN9SwGZsMfYCxw1bLhxdnWZfxyhQx_hCEAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7a87555c9970772f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 c4f150e399311fd Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/46034221:1678907230:eXmhSOFeOfVkuuGa9YikotxDoQYpLFj1L1cRcrEW6Wc/7a8755582987772f/ Frame 8B37 11 KB
9 KB 88ms
84ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/46034221:1678907230:eXmhSOFeOfVkuuGa9YikotxDoQYpLFj1L1cRcrEW6Wc/7a8755582987772f/c4f150e399311fd
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a8755582987772f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aed84a2977a4a07d1c7e09971614252cf0902c7ea0e759c19a7b523076bfa47

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/dvcrx/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: c4f150e399311fd
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 15 Mar 2023 19:58:51 GMT
content-encoding: br
cf_chl_gen: agqJcjOxvEj5eRQQzkiXB1AuyPvS3OXQgFCkaOJKIN9dMEYyS3frQKJU8lbVTnjW$HUxhaoAvI3z87rKM4shVLQ==
server: cloudflare
cf-ray: 7a8755654946772f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://xqg5ag.ngampr.ru/PS-641222a43522b Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://xqg5ag.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a87554b9aba7314/1678910327894/209c90d207426c8ab8338efe3f0c37f4c74d87756ac590905c25ab508d841fbb/w9yJ-Moc2KdYIbz Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a8755582987772f/1678910330084/df9a4ddd9a1c55350df52c0666c31f602c70d5b2e1c5d9d665fc72850c7f8421/pophsWv1g-quEFs Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
xqg5ag.ngampr.ru
2606:4700:20::ac43:4835
2606:4700::6812:6b9
133fe309e8e1943aa58da54d7cd4c3fa14d98f8ff334ffb9138e12e0c0e0fb2d
20cf6818db3a40f3281d648ad04bfff9120b57b91a7388ccb42fcb4349764b44
3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70
4df6a0daa2bf5b543405b207b9b074e1e65444152500bb7ca89e1f22eccc4a49
569ef9608f75da432cfba7ba38c1a0c56491efef5917d6097d6e0558a5bea2b6
5f07e669f917130f33583f2fa447979f5b3e8d2c8aad4b77d7d21ad2cf460e42
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7a8322a17323761d311172bdae98865576602b2649621d85784245a79735ef7d
8647537c5b1c1d45bbfb02a6ef11748a7941a5ee4534db442490ed1025358b69
9aed84a2977a4a07d1c7e09971614252cf0902c7ea0e759c19a7b523076bfa47
a5b7a089ccda1199600b86080080d6c0d297e3409be0265ebec3a4d0c7fa2560
c394c45e5f78d2ea0e2c5eb5c2f224b647812c1795d88e1d82b4de80f9855cfd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

xqg5ag.ngampr.ru Open in urlscan Pro 2606:4700:20::ac43:4835 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

14 Requests

93 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

250 kBTransfer

573 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

xqg5ag.ngampr.ru Open in urlscan Pro
2606:4700:20::ac43:4835 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

250 kB
Transfer

573 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions