urlscan.io logo urlscan.io
SecurityTrails logo

bgmmk.detnb.ru Open in urlscan Pro
2606:4700:3037::6815:1296  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fantasy.onelink.me/786320431?pid=email&c=US_Acquisition_YMktg_AcquisitionDailyFantasyFootballUsers_20210923_PlayPas...
Effective URL: https://bgmmk.detnb.ru/Madavanzo@kpmg.com
Submission Tags: falconsandbox
Submission: On April 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3037::6815:1296, located in United States and belongs to CLOUDFLARENET, US. The main domain is bgmmk.detnb.ru.
TLS certificate: Issued by GTS CA 1P5 on March 31st 2023. Valid for: 3 months.
This is the only time bgmmk.detnb.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.66.97.88 16509 (AMAZON-02)
1 1 192.185.131.105 19871 (NETWORK-S...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
19 3
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4009
125 KB
7 detnb.ru
bgmmk.detnb.ru
126 KB
1 dicorlab.com
dicorlab.com
124 B
1 onelink.me
fantasy.onelink.me
539 B
19 4
Domain Requested by
8 challenges.cloudflare.com 1 redirects bgmmk.detnb.ru
challenges.cloudflare.com
7 bgmmk.detnb.ru bgmmk.detnb.ru
1 dicorlab.com 1 redirects
1 fantasy.onelink.me 1 redirects
19 4

This site contains no links.

Subject Issuer Validity Valid
*.detnb.ru
GTS CA 1P5		 2023-03-31 -
2023-06-29		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://bgmmk.detnb.ru/Madavanzo@kpmg.com
Frame ID: 4794BF2E23ECF40717FC81585EA78957
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 7AAED4A4659E412FC51071970AA5789B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading...

Page URL History Show full URLs

  1. https://fantasy.onelink.me/786320431?pid=email&c=US_Acquisition_YMktg_AcquisitionDailyFantasyFootballUs... HTTP 301
    https://dicorlab.com/enero/wp-content/upgrade/adavanzo@kpmg.com/dailyfantasy/contest/9426255?is_r... HTTP 302
    https://bgmmk.detnb.ru/Madavanzo@kpmg.com Page URL

Page Statistics

19
Requests

68 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

251 kB
Transfer

576 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fantasy.onelink.me/786320431?pid=email&c=US_Acquisition_YMktg_AcquisitionDailyFantasyFootballUsers_20210923_PlayPastSeason&af_sub1=Acquisition&af_sub2=US_YMktg&af_sub3&af_sub4=0ebb6285-329b-4008-8c13-ec8b8929cb50&af_sub5=DynamicTemplate_Email_Static_&af_dp=https%3A%2F%2Fsports.yahoo.com%2Fdailyfantasy%2Fcontest%2F9426255%3Fpid-email--c-US_Acquisition_YMktg_AcquisitionDailyFantasyFootballUsers_20210923_PlayPastSeason--af_sub1-Acquisition--af_sub2-US_YMktg--af_sub3---af_sub4-0ebb6285-329b-4008-8c13-ec8b8929cb50--af_sub5-DynamicTemplate_Email_Static_--is_retargeting-true&af_web_dp=https%3A%2F%2Fdicorlab.com%2Fenero%2Fwp-content%2Fupgrade%2Fadavanzo%40kpmg.com%2Fdailyfantasy%2Fcontest%2F9426255&is_retargeting=true HTTP 301
    https://dicorlab.com/enero/wp-content/upgrade/adavanzo@kpmg.com/dailyfantasy/contest/9426255?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_AcquisitionDailyFantasyFootballUsers_20210923_PlayPastSeason&pid=email&af_sub4=0ebb6285-329b-4008-8c13-ec8b8929cb50&af_sub5=DynamicTemplate_Email_Static_&af_sub2=US_YMktg HTTP 302
    https://bgmmk.detnb.ru/Madavanzo@kpmg.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/70d5f7ce/api.js?onload=_cf_chl_turnstile_l&render=explicit

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Madavanzo@kpmg.com
bgmmk.detnb.ru/
Redirect Chain
  • https://fantasy.onelink.me/786320431?pid=email&c=US_Acquisition_YMktg_AcquisitionDailyFantasyFootballUsers_20210923_PlayPastSeason&af_sub1=Acquisition&af_sub2=US_YMktg&af_sub3&af_sub4=0ebb6285-329b...
  • https://dicorlab.com/enero/wp-content/upgrade/adavanzo@kpmg.com/dailyfantasy/contest/9426255?is_retargeting=true&af_sub1=Acquisition&c=US_Acquisition_YMktg_AcquisitionDailyFantasyFootballUsers_2021...
  • https://bgmmk.detnb.ru/Madavanzo@kpmg.com
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bgmmk.detnb.ru/Madavanzo@kpmg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26dae22c0779750dedc228458c3c68d77f5fe51888f056294fba5658af274966
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7bc3c956babe9951-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 23 Apr 2023 05:43:00 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i13JVVgki5JXbJVvKjVR%2F4%2FDYbQwtsp8Biy9P10%2BeW1pWIq04lqnpqbVYqQ3Hdllhkv3P1SfAfbXFrJV%2BJm%2BxnsAPqSkZ9H24aqMKbbGcTgrtl%2Bl7xFkWFD3ZlCn7vnOr6vABi0vQNhQTadSQg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

content-encoding
gzip
content-length
101
content-type
text/html; charset=UTF-8
date
Sun, 23 Apr 2023 05:43:00 GMT
location
https://bgmmk.detnb.ru/Madavanzo@kpmg.com
server
Apache
vary
Accept-Encoding
v1
bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 		148 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7bc3c956babe9951
Requested by
Host: bgmmk.detnb.ru
URL: https://bgmmk.detnb.ru/Madavanzo@kpmg.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bb17da6135d79db48a0c70fb9586190ff5bc53e6299d704d27d115f4244eb5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bgmmk.detnb.ru/Madavanzo@kpmg.com?__cf_chl_rt_tk=D8b8upUUSs_fuWRebKYSn4w62ai4nUsiTw7W_R6flbU-1682228580-0-gaNycGzNC6U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:43:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQMyC3a0YDTGSpsXTOM%2BXhou8lxShHt1MOkpSJovlS9Lk%2FKBFPiLN%2FM7kU8j5Vitv9HVKaUcXQpmCMTV%2Bsg4NSq%2B4qSCpILV2n9Hq8dIKs2xVDcwd%2BecCMson0e5dWbQn9Cai9x0%2ByTuHP%2F%2FuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7bc3c9574b1b9951-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
bgmmk.detnb.ru/cdn-cgi/images/trace/managed/js/ 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgmmk.detnb.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7bc3c956babe9951
Requested by
Host: bgmmk.detnb.ru
URL: https://bgmmk.detnb.ru/Madavanzo@kpmg.com?__cf_chl_rt_tk=D8b8upUUSs_fuWRebKYSn4w62ai4nUsiTw7W_R6flbU-1682228580-0-gaNycGzNC6U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bgmmk.detnb.ru/Madavanzo@kpmg.com?__cf_chl_rt_tk=D8b8upUUSs_fuWRebKYSn4w62ai4nUsiTw7W_R6flbU-1682228580-0-gaNycGzNC6U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:43:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 Apr 2023 16:29:34 GMT
server
cloudflare
etag
"643ec56e-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7bc3c9574b1a9951-FRA
content-length
42
expires
Sun, 23 Apr 2023 07:43:01 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/70d5f7ce/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/70d5f7ce/api.js?onload=_cf_chl_turnstile_l&render=explicit
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/70d5f7ce/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: bgmmk.detnb.ru
URL: https://bgmmk.detnb.ru/Madavanzo@kpmg.com
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b40667594c82d7c843189fa25ecf138c252bda05d50bcbf9e84c6c1b5b150f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:43:01 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7bc3c9586f476922-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 23 Apr 2023 05:43:01 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/g/70d5f7ce/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7bc3c9582f146922-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
32fb6ecd326fa3f
bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1214308966:1682226445:kUMBhV3dgl4t8rd6-Fx1LS0_P5hql3EcR7KRAPE_oVE/7bc3c956babe9951/ 		114 KB
61 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1214308966:1682226445:kUMBhV3dgl4t8rd6-Fx1LS0_P5hql3EcR7KRAPE_oVE/7bc3c956babe9951/32fb6ecd326fa3f
Requested by
Host: bgmmk.detnb.ru
URL: https://bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7bc3c956babe9951
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74af5c44b02da899c9c90321e30cfa15ae55b4efdae18ebcc48e58d55793b8c9

Request headers

Referer
https://bgmmk.detnb.ru/Madavanzo@kpmg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
32fb6ecd326fa3f
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 05:43:01 GMT
content-encoding
br
cf_chl_gen
U31WQ3z2hHx4616fifzbrNW+oHDz3gI+GQ7cJfBm87bttfve2uKp41PBUL1eNhQ4oJYsrJw7+YgPIfexpQ3HcrXNK1p1yMqA1+FJrS4imA/WvgOtyXMFck1ah9QYud5DR3tJuHRMX9brelZvim3SE3feyQBgOQ0ifUm21NpVc3UjHBQPpgd3E3/8eqKj9o0fFTFHhlx2+ZoS9YK+7DL+DMCsSAxzHPwrCWLqU8Dh0lrjvEcm4G9d3OHeTPZgZPDjTE+vaAT7l5JAZSoSN4rUXbVBrl7iWw8gsQQyj5QygLxFzRILaanYftU1w2BHYP0UDvR953H/++91YCsxHJf3HUq9VnTPt7SKA4yqcF2tXO8cnoyfY+Dl/pcFaIdWlSv1jUGnbPgyJznAWxn7TB4lhuF9CpsJZ8yQBInBPcxBx/9wMuju3lNSmT62rB9VxR4ZkzMgOO4G53cYzW+YPXKh6ndjGSJZXFZNrNZwWBGpWKI=$/2/Wf3vimSKj8IB6nyMNBQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLiIUy142lUDVsRg3hpkLwkjWAWSgscreSPJCc4PWvCTKpAP3UUuiWJjvvyCu77bbr2EzD12xLtlgRpvje9Hof4friSld9I3EhgsY0IT%2FnweOqJ%2BT4aViMRCDuP4VCHm5gJSJNvf618RTySMpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7bc3c9587e6d68f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7KRSb6EBvZECVDA
bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/img/7bc3c956babe9951/1682228581208/ 		61 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/img/7bc3c956babe9951/1682228581208/7KRSb6EBvZECVDA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c5c70d5e75ced7cb4d1cd46a11ef902089607dc1d126640c56106e4fe734a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bgmmk.detnb.ru/Madavanzo@kpmg.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:43:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7bc3c9599f6668f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EJ%2BbrsTH8WFxgz82ef7xRnyyKraui%2FZsGfBWhNuEenXKoLwRwbXkz48O6QM%2FO8THnbH%2FLUVK%2Fsev0%2Bg88RgghtksGeIVap8uv5toufuVhLN34KJJGDRPLEBIP%2FOQd7Oy7VssrxMav1oASE7wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
37c216e0-d636-4f8f-a6ea-d5bf8ba6ef25
https://bgmmk.detnb.ru/ 		656 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://bgmmk.detnb.ru/37c216e0-d636-4f8f-a6ea-d5bf8ba6ef25
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bgmmk.detnb.ru/Madavanzo@kpmg.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
6QDveMhpAVjZ09L
bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/pat/7bc3c956babe9951/1682228581212/9e64039cac6a273fee900c740d56a2b709e5c9d87bcad069195b180df436d852/ 		1 B
926 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/pat/7bc3c956babe9951/1682228581212/9e64039cac6a273fee900c740d56a2b709e5c9d87bcad069195b180df436d852/6QDveMhpAVjZ09L
Requested by
Host: bgmmk.detnb.ru
URL: https://bgmmk.detnb.ru/Madavanzo@kpmg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bgmmk.detnb.ru/Madavanzo@kpmg.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:43:02 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gnmQDnKxqJz_ukAx0DVaitwnlydh7ytBpGVsYDfQ22FIADmJnbW1rLmRldG5iLnJ1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvs9E2WtOHukHE4JlkcSimfV97Bu4XmGrVTg9BC-wZU49y0HWBQKs5YvbHxIZmJqWjJ7FVWmmRcr_AFezYdaWw4JszO0DdWVtxEuedcIsAWvjv7KczqNao28n-nQffA4QBBl2jgytBw-wzstRTLnbWRs03f2_SNNj2RPcs5LJ0KeDEoszg9DO2JLqxdaT5xCFqq-_J_eybiEZDs1XU3HxgR3EjTtfBjHy_PgVXFOgvvTitGT_dcU8dtRi9MJmoSBEFseWB5NDiCcmjfnxsuSEFCWk1BzC9jxLkGTweBm6amRGJlR06WyMoOsYAvTJclZJHkr2z_FzA1C5VQkNP6D-jwIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ol%2BV%2FGlVs7zoEv%2B7sRqsC7GuI1MhjpWprqgk%2Btek6Ym1IL5tK0l%2BmbOiDS%2F%2BvVOCaMoHeTFDDfhaghorO%2BJ5oemAIhPKr8Jnv5yFr8uhdB4XxC2D6lErOwEvQrlhe9jfRS5Ky791ZCiTjPonzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7bc3c95e5c1a68f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
32fb6ecd326fa3f
bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1214308966:1682226445:kUMBhV3dgl4t8rd6-Fx1LS0_P5hql3EcR7KRAPE_oVE/7bc3c956babe9951/ 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1214308966:1682226445:kUMBhV3dgl4t8rd6-Fx1LS0_P5hql3EcR7KRAPE_oVE/7bc3c956babe9951/32fb6ecd326fa3f
Requested by
Host: bgmmk.detnb.ru
URL: https://bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7bc3c956babe9951
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:1296 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e30793c3c1c1d4c29681841b688641cafa47b6ea0bb4453255664600ec11a64c

Request headers

Referer
https://bgmmk.detnb.ru/Madavanzo@kpmg.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
32fb6ecd326fa3f
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 05:43:03 GMT
content-encoding
br
cf_chl_gen
dn0ZE+QFs0nX1SsoDUrPRzHDxsGIVgBq39LTgrrtzgKS2lD/SR2W+WXK+8A4Nvt/$1DfZ+zUiWB8k8KudvuLj6w==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbsGKfZ9uIcwm6tTGZBRRtZ%2FABv5X82iMWk541V%2BtU0PUCZH%2BOhAv66uPcwnMGGBWJFeTIFcf7fwZNdTcModDW1FBvGA%2BqdgQO4yOQx4bNDq0bDHMcY9hIOIn3Zny7OjWdscjeh9cltkNV6YLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7bc3c9650a7c68f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 7AAE 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0341cd87a28d69c5c3a82402359f0a024dc9a7aa2251edc716779c22696f204

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7bc3c966a8d59290-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 23 Apr 2023 05:43:03 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 7AAE 		151 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7bc3c966a8d59290
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed0e8132c9213a95466ce27acf693a78d6852f36875feb68b2642a6e887774c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:43:03 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7bc3c967797a9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
71ccf8327664662
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1443325826:1682226330:ldTGdjWHx8OvFHm5fs9wGfUKGxT-b1VbQwN3Yt6T_HQ/7bc3c966a8d59290/ Frame 7AAE 		91 KB
49 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1443325826:1682226330:ldTGdjWHx8OvFHm5fs9wGfUKGxT-b1VbQwN3Yt6T_HQ/7bc3c966a8d59290/71ccf8327664662
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7bc3c966a8d59290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3165427d79ff8a7feea431043ac1c5b891b7691f1c2a455b2971cdb215fa7c5

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
71ccf8327664662
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 05:43:03 GMT
content-encoding
br
cf_chl_gen
virImW7tG99I4e/3Z5disxpGfXq/itt4Xt9JG2zBffHeyA5zGVpnjoLoE/mlminPW5d90UWeOWpwVCXDPwsdvK9mFNwteXRxDcnjLkjsIHbz+GGZroH1Tp2pS+cJAnkbdWYZh0nOyP9T7g4YPboYJluMfKy/UvWze6AdYrdRhUckqilgMRp0B2gU9cSp1mxELCxkxrjwR8hsYdPJI+URGamHCSm8bSK7vuUlwTSs0+o5ZWLeaYSl/C/TSWpETx1kBfQirFAiN5M3utCbvdy97bCj3N5m0WS/9dGIUBT4gTX1yI2nblj9wLVc+Dfaz3SqGysOYldri/+hK8wAuU6ecyeBfsBCSrDBexv22xs0w9HyMc0xhAyYRzCJ/fJL4jgS+Wb4/Su0wleIRtB514ICXSeXjrM1YaIEOHklHdHkGC0=$wa688VBZbzYNYtkHt2zRjQ==
server
cloudflare
cf-ray
7bc3c968ca769290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
9R5BC4vckfFGKrN
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7bc3c966a8d59290/1682228583817/5b9143ee901c8894d5c505ccfc835da09e481e6536c57ab6652e46afe7ebf7dd/ Frame 7AAE 		1 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7bc3c966a8d59290/1682228583817/5b9143ee901c8894d5c505ccfc835da09e481e6536c57ab6652e46afe7ebf7dd/9R5BC4vckfFGKrN
Requested by
Host: bgmmk.detnb.ru
URL: https://bgmmk.detnb.ru/Madavanzo@kpmg.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:43:04 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gW5FD7pAciJTVxQXM_INdoJ5IHmU2xXq2ZS5Gr-fr990AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAvs9E2WtOHukHE4JlkcSimfV97Bu4XmGrVTg9BC-wZU49y0HWBQKs5YvbHxIZmJqWjJ7FVWmmRcr_AFezYdaWw4JszO0DdWVtxEuedcIsAWvjv7KczqNao28n-nQffA4QBBl2jgytBw-wzstRTLnbWRs03f2_SNNj2RPcs5LJ0KeDEoszg9DO2JLqxdaT5xCFqq-_J_eybiEZDs1XU3HxgR3EjTtfBjHy_PgVXFOgvvTitGT_dcU8dtRi9MJmoSBEFseWB5NDiCcmjfnxsuSEFCWk1BzC9jxLkGTweBm6amRGJlR06WyMoOsYAvTJclZJHkr2z_FzA1C5VQkNP6D-jwIDAQAB, max-age=20
server
cloudflare
cf-ray
7bc3c96ccd849290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
ZLLGU24hiinmZYI
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7bc3c966a8d59290/1682228583817/ Frame 7AAE 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7bc3c966a8d59290/1682228583817/ZLLGU24hiinmZYI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0404e6a39e95913db6ed127bd6ac190402875af5db179904c679f28f9fcd6b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 23 Apr 2023 05:43:04 GMT
server
cloudflare
cf-ray
7bc3c96d0dad9290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
0fe6e24a-c895-434f-8a79-ec5cf7d00689
https://challenges.cloudflare.com/ Frame 7AAE 		539 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/0fe6e24a-c895-434f-8a79-ec5cf7d00689
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
539
Content-Type
text/javascript
5c45edc4-c656-4e1d-bb3b-81f9494f2af4
https://challenges.cloudflare.com/ Frame 7AAE 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/5c45edc4-c656-4e1d-bb3b-81f9494f2af4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
343e096721541278125accf20614a71fe5a90c6f26775dc86c5bae6e382650f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
3449
Content-Type
text/javascript
5c45edc4-c656-4e1d-bb3b-81f9494f2af4
https://challenges.cloudflare.com/ Frame 7AAE 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/5c45edc4-c656-4e1d-bb3b-81f9494f2af4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
343e096721541278125accf20614a71fe5a90c6f26775dc86c5bae6e382650f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
3449
Content-Type
text/javascript
5c45edc4-c656-4e1d-bb3b-81f9494f2af4
https://challenges.cloudflare.com/ Frame 7AAE 		3 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/5c45edc4-c656-4e1d-bb3b-81f9494f2af4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
343e096721541278125accf20614a71fe5a90c6f26775dc86c5bae6e382650f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
3449
Content-Type
text/javascript
71ccf8327664662
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1443325826:1682226330:ldTGdjWHx8OvFHm5fs9wGfUKGxT-b1VbQwN3Yt6T_HQ/7bc3c966a8d59290/ Frame 7AAE 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1443325826:1682226330:ldTGdjWHx8OvFHm5fs9wGfUKGxT-b1VbQwN3Yt6T_HQ/7bc3c966a8d59290/71ccf8327664662
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7bc3c966a8d59290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39d718e26ad249521dba8c3554ae60cdbc4c86da85d77241085e8618255c20e4

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/i145n/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
CF-Challenge
71ccf8327664662
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 23 Apr 2023 05:43:05 GMT
content-encoding
br
cf_chl_gen
ZEBc2VRbuXXG+d3kMkOV5Jmvxsyi9YZcsnd7CQcc+BqQpWUbL8zbEPlioGNUjyuc$2WZ1+vk+CMZkG8iuh30uaQ==
server
cloudflare
cf-ray
7bc3c97058a09290-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| sendRequest function| _cf_chl_turnstile_l function| SHA256 function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _ undefined| _cf_gcr

0 Cookies

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://bgmmk.detnb.ru/Madavanzo@kpmg.com
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://bgmmk.detnb.ru/cdn-cgi/challenge-platform/h/g/pat/7bc3c956babe9951/1682228581212/9e64039cac6a273fee900c740d56a2b709e5c9d87bcad069195b180df436d852/6QDveMhpAVjZ09L
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7bc3c966a8d59290/1682228583817/5b9143ee901c8894d5c505ccfc835da09e481e6536c57ab6652e46afe7ebf7dd/9R5BC4vckfFGKrN
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN