pi5cjdsgte6436fb4dcbf2a.wizkha.ru Open in urlscan Pro
2606:4700:3034::ac43:a2cc  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://sterlingengineering.com.sg/red/?= Page URL
2. https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ sterlingengineering.com.sg/red/	573 B 781 B	56ms 8ms	Document text/html	117.120.7.133 READYSPACE-SG Rea...
General Check archive.org Show headers Download Go to Full URL http://sterlingengineering.com.sg/red/?= Protocol HTTP/1.1 Server 117.120.7.133 , Singapore, ASN7595 (READYSPACE-SG Readyspace Cloud Services, SG), Reverse DNS genesis.thewebpeople.asia Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 23 May 2023 17:33:41 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked
GET H2	403	Primary Request M0 Show response pi5cjdsgte6436fb4dcbf2a.wizkha.ru/	7 KB 5 KB	376ms 10ms	Document text/html	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 Requested by Host: sterlingengineering.com.sg URL: http://sterlingengineering.com.sg/red/?= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ba8aab92bb6fc9b025f0c468b76105515e20c445377b931b2003bf60ef028ad Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://sterlingengineering.com.sg/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 7cbf0bac4b529f9d-SIN content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Tue, 23 May 2023 17:33:43 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ApjVYA%2FZwF4iPjcHlWmWYpRf6NOri0bMSyATjiyR%2FeuuAytihYZimeg91CbPgkJjABoPzN2Blk0X1ssUALy8%2FrjH4YgKVqYLcl4FP8eAZxAcAh0yDNGgW9kx116feGgZJAUQeSYJnEdsWAu9S89iAGbvNKORm1Fws827wK5M2GU%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	challenges.css pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/styles/	6 KB 3 KB	5ms 5ms	Stylesheet text/css	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/styles/challenges.css Requested by Host: pi5cjdsgte6436fb4dcbf2a.wizkha.ru URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language zh-SG,zh;q=0.9 Referer https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:43 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 18 May 2023 12:46:56 GMT server cloudflare etag W/"64661e40-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 7cbf0bac7b759f9d-SIN expires Tue, 23 May 2023 19:33:43 GMT
GET H3	200	v1 Show response pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/	147 KB 53 KB	13ms 13ms	Script application/javascript	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cbf0bac4b529f9d Requested by Host: pi5cjdsgte6436fb4dcbf2a.wizkha.ru URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f92a0f2b5ccdb787a93eb4d28a6ec5744204c02108d1c8b0dfb45c166aa4dbe Request headers accept-language zh-SG,zh;q=0.9 Referer https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0?__cf_chl_rt_tk=5D3pkLnVUA5Gmjz1bcIZRwdO2u4YfoucHowqwNS1yug-1684863223-0-gaNycGzNC9A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:43 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAOh6LD0jZe0JJF2mkpx0fVzt3nLvktqWBvsHARnigc88NKO3mDjiLPVX%2Bf6G9f7DScpIOrEgxomyiSeSFQtu1BKt79gJPPSG3H7C6nwo0K3Vm1m4oaCSx0SJBEB6UjJZThVgNxAczXCvk8fXgsPcWapX4vWw8Dbg2ujUth%2FhlU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate cf-ray 7cbf0bac9e0d9fc1-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	transparent.gif pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/images/trace/managed/js/	42 B 261 B	5ms 4ms	Image image/gif	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cbf0bac4b529f9d Requested by Host: pi5cjdsgte6436fb4dcbf2a.wizkha.ru URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0?__cf_chl_rt_tk=5D3pkLnVUA5Gmjz1bcIZRwdO2u4YfoucHowqwNS1yug-1684863223-0-gaNycGzNC9A Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language zh-SG,zh;q=0.9 Referer https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0?__cf_chl_rt_tk=5D3pkLnVUA5Gmjz1bcIZRwdO2u4YfoucHowqwNS1yug-1684863223-0-gaNycGzNC9A User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:43 GMT x-content-type-options nosniff last-modified Thu, 18 May 2023 12:46:56 GMT server cloudflare etag "64661e40-2a" x-frame-options DENY vary Accept-Encoding content-type image/gif cache-control max-age=7200, public accept-ranges bytes cf-ray 7cbf0bac9e0e9fc1-SIN content-length 42 expires Tue, 23 May 2023 19:33:43 GMT
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/	15 KB 5 KB	41ms 23ms	Script application/javascript	2606:4700::6812:7b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit Requested by Host: pi5cjdsgte6436fb4dcbf2a.wizkha.ru URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cbf0bac4b529f9d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c Request headers Referer Origin https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:43 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 7cbf0baceb674565-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	403	favicon.ico pi5cjdsgte6436fb4dcbf2a.wizkha.ru/	7 KB 7 KB	9ms 9ms	Image text/html	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/favicon.ico Requested by Host: pi5cjdsgte6436fb4dcbf2a.wizkha.ru URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aecfee37f71dd2998b70c9f30f09583e493e17d7075171a625bf5839b470f56d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language zh-SG,zh;q=0.9 Referer https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:43 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-embedder-policy require-corp cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin cf-mitigated challenge x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8czohvwKaYp5jlF6qLqCVLkrCnFYy7m2XUhQr2CT5GZUStL4QSavI27jbehSvMw7GfFqVmpTA3trsWYHpAR49SnVuc1Ufux1Si8CTteLgsC9oGl2rctWCh6%2F34C18f%2F8F%2FNeXzxTyPEu8X5q6B2ko15QMzvcuzpC2s6sL%2BKnQZU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 vary Accept-Encoding cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() cf-ray 7cbf0bacce4e9fc1-SIN expires Thu, 01 Jan 1970 00:00:01 GMT
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/png
POST H3	200	09b66acb440c66a Show response pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/784865848:1684859742:_OPrivGA_oPYqVp9IopRjwb8d2DdqAu-ZyGC30A9Jgs/7cbf0bac4b529f9d/	206 KB 151 KB	105ms 105ms	XHR text/plain	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/784865848:1684859742:_OPrivGA_oPYqVp9IopRjwb8d2DdqAu-ZyGC30A9Jgs/7cbf0bac4b529f9d/09b66acb440c66a Requested by Host: pi5cjdsgte6436fb4dcbf2a.wizkha.ru URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cbf0bac4b529f9d Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e191f891e4527cc43c80399638389757ef97c5fd989e79606eaec301877f3376 Request headers Referer https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 CF-Challenge 09b66acb440c66a Content-type application/x-www-form-urlencoded Response headers date Tue, 23 May 2023 17:33:44 GMT content-encoding br cf_chl_gen RlyKHISszaakx8sFHYfkr5OQ418twxxgGcdSmFCvHMhAgEB4DojSS7IHezNGqHQbhK7QOtggRIS4NK4gtcVMCocgwgQGRNW1ASN54KBb2uIKC7/ONzzWK2Be+sFXN3/Uqe0rJ0I2wZ5BeTIBswHXEIMgQfJrRhdgtWMWZG0QNALcY5xd1IyTZc+1/ufYgh44HgdHLOixO0fmjzKuxkkau40cITtnRDw15R/rLeTgKeMC6Sx91UfWbjKCA/ms+GindyL7uloM5UOlkdfv1L6bxHILeLiT2HEVH7LeFnE+r8Dap6Uvi9iTYt65WW5blsErvECBwrdZLudFaOzzXR7b7WZwLAmsITP5RKY5qXJdMVHjw/38Fl84BopVgOK25AT0O2Vxf1jJ3EDuzN2S9eAd+USAZpW+Sv2g1MxStQCJeiXfC3yG9PZljHFKly7Iz9y8$lzT38rY1UTuJsK4RjezWNA== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmEZRH5ytXxfgWw4Stx991H0XFPzJofGOqXqIIZApQ7DHe%2BT0a4Eg84R2QvHvSYiA9WI4TlcgAr%2BWMF2585MDp5LGQjQZLhYuM50RILUQavhy%2FXmIEUl0zI5zyuv%2Be9RvbNaDcF60B%2B18cay2glpwsEvI1gjWClJzx1skBvi2Hw%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7cbf0bad7f379fc1-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	401	APSgXFCjRdrUWVI Show response pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/pat/7cbf0bac4b529f9d/1684863223926/e6642aa38198afa82106641c58f5057312c4923ccf29775cf55ef9ea40715a07/	1 B 971 B	11ms 10ms	Fetch text/plain	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/pat/7cbf0bac4b529f9d/1684863223926/e6642aa38198afa82106641c58f5057312c4923ccf29775cf55ef9ea40715a07/APSgXFCjRdrUWVI Requested by Host: pi5cjdsgte6436fb4dcbf2a.wizkha.ru URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cbf0bac4b529f9d Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5 Request headers accept-language zh-SG,zh;q=0.9 Referer https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:44 GMT www-authenticate PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g5mQqo4GYr6ghBmQcWPUFcxLEkjzPKXdc9V756kBxWgcAIXBpNWNqZHNndGU2NDM2ZmI0ZGNiZjJhLndpemtoYS5ydQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAySgKXvR721O-HwSCp6BF8TeuHicxXGVHXJN4EB8npTqPvHY_3JsFIv19McA1L_Hls3UzYxU0XpOgHKAk34hMPkndSXxOerIbkadB_CcGCGM3mS-MrXbJiPIuFgBG1c4mu9avO3K1PWqsKlOpNbqr3V0u4BiLmYsxv7KoBsqjvx76B8USG1V2-VBOhuDmcIwSxzaawL3Rm_dqQHqe805K_T89EWQFXwEL50CjRQCJvBgvj77mAuVESaB4GPQeDcPqKSlZ4wfa6jcuT9Va-g7stXB7YRLo2TZxdG5n_1yP6-jhXLmQ7q5ijd4DKvWX_BNTIc_g3efHdgEFkfHiizu1qwIDAQAB, max-age=20 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ERmos43h23LDAc%2FVy2x%2FsSAHrkh3AoJXrbJEfNe1r1AjUOyYqqOF3CiNxxGSXKaDxrsal%2F1j%2F21CMukIrRJwB%2Bp5k%2FEYerv1iYSdYQ%2B53i0QR2toe5a6g9dqhEx2D9xoSMU4RDIeoA5AdRLJ67nmr2LD6Ae%2B8yIz85KcD3JX%2FQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7cbf0bb02ad89fc1-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	b78inVGGNH0WvuJ pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/img/7cbf0bac4b529f9d/1684863223929/	61 B 474 B	9ms 9ms	Image image/png	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/img/7cbf0bac4b529f9d/1684863223929/b78inVGGNH0WvuJ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25b9300c5deba8b0e67ed0ca6204a1f282d1e7e44b694b615b892afe273b192c Request headers accept-language zh-SG,zh;q=0.9 Referer https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 7cbf0bb2fd529fc1-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYf1aWmWePke8oKqCyYz9tW%2BY%2FM6UcRkjpcLkB3Mu8qaTSxZkgtlO4ItTybMYdlMEBiMWnUFKc%2BvY7LCg20JJHB%2FqKQKv0eRU0Jwm5TLhklaH0Ts59FgaO10zAu1cIRGdp62UYP5iJpyQey28cCuD6qvZX%2Fl7furLUJFh4ukBVo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png
POST H3	200	09b66acb440c66a Show response pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/784865848:1684859742:_OPrivGA_oPYqVp9IopRjwb8d2DdqAu-ZyGC30A9Jgs/7cbf0bac4b529f9d/	8 KB 6 KB	32ms 31ms	XHR text/plain	2606:4700:3034::ac43:a2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/784865848:1684859742:_OPrivGA_oPYqVp9IopRjwb8d2DdqAu-ZyGC30A9Jgs/7cbf0bac4b529f9d/09b66acb440c66a Requested by Host: pi5cjdsgte6436fb4dcbf2a.wizkha.ru URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cbf0bac4b529f9d Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::ac43:a2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8d060557293366cc68743d8e1a23ce660c68320287cd3babf59435ef758f86d1 Request headers Referer https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 CF-Challenge 09b66acb440c66a Content-type application/x-www-form-urlencoded Response headers date Tue, 23 May 2023 17:33:45 GMT content-encoding br cf_chl_gen AFQgJrWQzEv7qaxmmYFwBAutnqRnOzaL+oA/troMB+TJXTCombe8RlvptathsmH0$Y0v1MGn5swd7Lda0k3uUuA== nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLkyYLhnHmy4REj7KAw%2Fc6dY10YHMkflA%2B%2FN%2BV7sOwYek2dtaegT9xAGwd%2FcV%2F49MHrOs3oIppPEV1Ixi6rb1%2Fol4HqOYZewjsiD2laREEEIeAFb47q8qlPG9d1aBA2gOMD4%2FLJ1ooV%2BexBNXqYyUK2yD7hXQ2CEtX0%2FYoxXX54%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 7cbf0bb839b69fc1-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	normal Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nsllm/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame D598	22 KB 7 KB	31ms 22ms	Document text/html	2606:4700::6812:7b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nsllm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a40b6d99e7784ab267b1855e65264b3797283a2b129b15f1ff881393026804ac Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=0, must-revalidate cf-ray 7cbf0bb88d8a3fab-SIN content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Tue, 23 May 2023 17:33:45 GMT document-policy js-profiling permissions-policy accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
GET DATA	200 OK	truncated /	187 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578 Request headers accept-language zh-SG,zh;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/png
GET H3	200	v1 Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame D598	153 KB 55 KB	24ms 24ms	Script application/javascript	2606:4700::6812:7b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cbf0bb88d8a3fab Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nsllm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb9bd3da7cf4e739b9a154c11deb1c839bf304719f2077e9dd1ed3fd9752b900 Request headers accept-language zh-SG,zh;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nsllm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:45 GMT cache-control max-age=0, must-revalidate content-encoding br server cloudflare cf-ray 7cbf0bb8fdfc3fab-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-type application/javascript; charset=UTF-8
POST H3	200	3f77409b42d23d1 Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/793069027:1684859856:yVequYiKQxha3T9RTm5x4TB9k5FnqAXZEgMNQih9vMc/7cbf0bb88d8a3fab/ Frame D598	170 KB 121 KB	91ms 90ms	XHR text/plain	2606:4700::6812:7b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/793069027:1684859856:yVequYiKQxha3T9RTm5x4TB9k5FnqAXZEgMNQih9vMc/7cbf0bb88d8a3fab/3f77409b42d23d1 Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cbf0bb88d8a3fab Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3b608a2ee41db8857486aa0473ae72649e7f4a5306fd2c243fdd4071e5e4f6f Request headers Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nsllm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 CF-Challenge 3f77409b42d23d1 Content-type application/x-www-form-urlencoded Response headers date Tue, 23 May 2023 17:33:45 GMT content-encoding br cf_chl_gen xpPZHn7CBRUFPtDFpELIFnlalBzBLAfWP8eN8+NQQCULdsCYSe0PE0GqcTBZU5WuDOMmRDo7XQJRhlEjR/2kOwQhlfGnbWbzlSjcjiLUOzPVImtnrmxTV6Juk/IKCPxBVh9vHwSpHOih5JL8i41fgVMy7m4m7eHdxchqfEpfQ+MJMUvH3Nc8qKneh9dKfmECLb1fSSqGMHQtmvplSaDGiLyWAMcz2/OBTd6AB2uusHPLoe9+ap5DgR/y99ABFrYbCgkO1GyHupeHTrHVFfiT1wJcfOBr+Gdy+S2qz4vwYDX+82ZACPR/1PZ4/VgX4oWzj+mMwz6CB0ZtgbjeUOYjmcZFS7tDpW/PVj/cjR0tGnmItXUAv2ONx2w+7kc7wZoS$pFmqVgjGrOpNmX+1JgRR9g== server cloudflare cf-ray 7cbf0bb9eefb3fab-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-type text/plain; charset=UTF-8
GET H3	200	rGAIycCx0ePEmJW challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7cbf0bb88d8a3fab/1684863225916/ Frame D598	61 B 167 B	11ms 11ms	Image image/png	2606:4700::6812:7b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7cbf0bb88d8a3fab/1684863225916/rGAIycCx0ePEmJW Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd07ddd79795f5ff5f13bc9f663f28ae437dfa4f0aa96972ab0b2a551e507a78 Request headers accept-language zh-SG,zh;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nsllm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:46 GMT server cloudflare cf-ray 7cbf0bbabfc03fab-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-type image/png
GET H3	401	VTVg4uaDqJGTHEo Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cbf0bb88d8a3fab/1684863225916/e4b4b713212756342f9882cbe0cf936de745b9b24612ff82c3105c4904e8880d/ Frame D598	1 B 651 B	12ms 11ms	Fetch text/plain	2606:4700::6812:7b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cbf0bb88d8a3fab/1684863225916/e4b4b713212756342f9882cbe0cf936de745b9b24612ff82c3105c4904e8880d/VTVg4uaDqJGTHEo Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cbf0bb88d8a3fab Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5 Request headers accept-language zh-SG,zh;q=0.9 Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nsllm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Tue, 23 May 2023 17:33:46 GMT www-authenticate PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g5LS3EyEnVjQvmILL4M-TbedFubJGEv-CwxBcSQToiA0AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAySgKXvR721O-HwSCp6BF8TeuHicxXGVHXJN4EB8npTqPvHY_3JsFIv19McA1L_Hls3UzYxU0XpOgHKAk34hMPkndSXxOerIbkadB_CcGCGM3mS-MrXbJiPIuFgBG1c4mu9avO3K1PWqsKlOpNbqr3V0u4BiLmYsxv7KoBsqjvx76B8USG1V2-VBOhuDmcIwSxzaawL3Rm_dqQHqe805K_T89EWQFXwEL50CjRQCJvBgvj77mAuVESaB4GPQeDcPqKSlZ4wfa6jcuT9Va-g7stXB7YRLo2TZxdG5n_1yP6-jhXLmQ7q5ijd4DKvWX_BNTIc_g3efHdgEFkfHiizu1qwIDAQAB, max-age=20 server cloudflare cf-ray 7cbf0bbf4be43fab-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-type text/plain; charset=UTF-8
POST H3	200	3f77409b42d23d1 Show response challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/793069027:1684859856:yVequYiKQxha3T9RTm5x4TB9k5FnqAXZEgMNQih9vMc/7cbf0bb88d8a3fab/ Frame D598	13 KB 10 KB	33ms 32ms	XHR text/plain	2606:4700::6812:7b9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/793069027:1684859856:yVequYiKQxha3T9RTm5x4TB9k5FnqAXZEgMNQih9vMc/7cbf0bb88d8a3fab/3f77409b42d23d1 Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cbf0bb88d8a3fab Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5b32ed067d596e6bacdad6f7b063ce79d8325a7d9daff1d004b08a54ceafb25 Request headers Referer https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/nsllm/0x4AAAAAAAAjq6WYeRDKmebM/light/normal accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 CF-Challenge 3f77409b42d23d1 Content-type application/x-www-form-urlencoded Response headers date Tue, 23 May 2023 17:33:47 GMT content-encoding br cf_chl_gen erim+wodBl5jJ4dZb7T8hJi6YWYSlJr9DGfUnVdfFL253DfrMvxQKKmSC+wQtPlJ$/gZqXHRazPd67LHPhtnZuw== server cloudflare cf-ray 7cbf0bc4a9213fab-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-type text/plain; charset=UTF-8

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| sendRequest function| SHA256 function| _cf_chl_turnstile_l function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded undefined| _cf_gcr

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/M0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://pi5cjdsgte6436fb4dcbf2a.wizkha.ru/cdn-cgi/challenge-platform/h/g/pat/7cbf0bac4b529f9d/1684863223926/e6642aa38198afa82106641c58f5057312c4923ccf29775cf55ef9ea40715a07/APSgXFCjRdrUWVI Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cbf0bb88d8a3fab/1684863225916/e4b4b713212756342f9882cbe0cf936de745b9b24612ff82c3105c4904e8880d/VTVg4uaDqJGTHEo Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
pi5cjdsgte6436fb4dcbf2a.wizkha.ru
sterlingengineering.com.sg
117.120.7.133
2606:4700:3034::ac43:a2cc
2606:4700::6812:7b9
25b9300c5deba8b0e67ed0ca6204a1f282d1e7e44b694b615b892afe273b192c
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c
5f92a0f2b5ccdb787a93eb4d28a6ec5744204c02108d1c8b0dfb45c166aa4dbe
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7ba8aab92bb6fc9b025f0c468b76105515e20c445377b931b2003bf60ef028ad
8d060557293366cc68743d8e1a23ce660c68320287cd3babf59435ef758f86d1
a40b6d99e7784ab267b1855e65264b3797283a2b129b15f1ff881393026804ac
aecfee37f71dd2998b70c9f30f09583e493e17d7075171a625bf5839b470f56d
b3b608a2ee41db8857486aa0473ae72649e7f4a5306fd2c243fdd4071e5e4f6f
bb9bd3da7cf4e739b9a154c11deb1c839bf304719f2077e9dd1ed3fd9752b900
bd07ddd79795f5ff5f13bc9f663f28ae437dfa4f0aa96972ab0b2a551e507a78
e191f891e4527cc43c80399638389757ef97c5fd989e79606eaec301877f3376
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5b32ed067d596e6bacdad6f7b063ce79d8325a7d9daff1d004b08a54ceafb25
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa