urlscan.io logo urlscan.io
SecurityTrails logo

balellusska.xyz Open in urlscan Pro
2606:4700:3031::6815:1b1d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://lttmkhhbb.cc.rs6.net/tn.jsp?f=001peNoEiFomrvPyFSm9AwswdnZtdPTnSepTGfijDN7uMcehitgUcG0yPQc2tNQfUWahwBugDj4g3LAt2v2ze-0...
Effective URL: https://balellusska.xyz/
Submission: On June 11 via manual from MX — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3031::6815:1b1d, located in United States and belongs to CLOUDFLARENET, US. The main domain is balellusska.xyz.
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: 3 months.
This is the only time balellusska.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 208.75.122.11 40444 (ASN-CC)
1 2 172.93.120.13 393960 (HOST4GEEK...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 4
Apex Domain
Subdomains		 Transfer
5 balellusska.xyz
balellusska.xyz
145 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4305
14 KB
2 sevencars.de
sevencars.de
661 B
1 rs6.net
lttmkhhbb.cc.rs6.net
350 B
10 4
Domain Requested by
5 balellusska.xyz sevencars.de
balellusska.xyz
2 challenges.cloudflare.com balellusska.xyz
challenges.cloudflare.com
2 sevencars.de 1 redirects
1 lttmkhhbb.cc.rs6.net 1 redirects
10 4

This site contains no links.

Subject Issuer Validity Valid
www.sevencars.de
R11		 2024-06-10 -
2024-09-08		 3 months crt.sh
balellusska.xyz
WE1		 2024-06-11 -
2024-09-09		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://balellusska.xyz/
Frame ID: 8D860476E25B39D7B2DC241284016516
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xm0i1/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: A3B29A95C5D5345A7223B168A31B7A13
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

  1. https://lttmkhhbb.cc.rs6.net/tn.jsp?f=001peNoEiFomrvPyFSm9AwswdnZtdPTnSepTGfijDN7uMcehitgUcG0yPQc2tNQfUWa... HTTP 302
    https://sevencars.de/propar/crew HTTP 301
    https://sevencars.de/propar/crew/ Page URL
  2. https://balellusska.xyz/ HTTP 307
    https://balellusska.xyz/ Page URL

Page Statistics

10
Requests

80 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

160 kB
Transfer

467 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lttmkhhbb.cc.rs6.net/tn.jsp?f=001peNoEiFomrvPyFSm9AwswdnZtdPTnSepTGfijDN7uMcehitgUcG0yPQc2tNQfUWahwBugDj4g3LAt2v2ze-0hLKbTARhVxML2ZXjp4PLsR49sd6yGcIwaXVhhumG34jWaoQCtW1Rrb8vZxP2u_F0RC1bQ_7q_aS239S0gkNbOQ4=&c=eKsDIk5c79XQ7GKLeCfKrMuHE__ztGIphh7Qza9Y5HuFT1cRcmh7Vg==&ch=6bP2Cw-k4S8-kwQkGr3B8l_iJnNS9DEJQRncRc9B06hrd0K6vV-67Q== HTTP 302
    https://sevencars.de/propar/crew HTTP 301
    https://sevencars.de/propar/crew/ Page URL
  2. https://balellusska.xyz/ HTTP 307
    https://balellusska.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://lttmkhhbb.cc.rs6.net/tn.jsp?f=001peNoEiFomrvPyFSm9AwswdnZtdPTnSepTGfijDN7uMcehitgUcG0yPQc2tNQfUWahwBugDj4g3LAt2v2ze-0hLKbTARhVxML2ZXjp4PLsR49sd6yGcIwaXVhhumG34jWaoQCtW1Rrb8vZxP2u_F0RC1bQ_7q_aS239S0gkNbOQ4=&c=eKsDIk5c79XQ7GKLeCfKrMuHE__ztGIphh7Qza9Y5HuFT1cRcmh7Vg==&ch=6bP2Cw-k4S8-kwQkGr3B8l_iJnNS9DEJQRncRc9B06hrd0K6vV-67Q== HTTP 302
  • https://sevencars.de/propar/crew HTTP 301
  • https://sevencars.de/propar/crew/

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sevencars.de/propar/crew/
Redirect Chain
  • https://lttmkhhbb.cc.rs6.net/tn.jsp?f=001peNoEiFomrvPyFSm9AwswdnZtdPTnSepTGfijDN7uMcehitgUcG0yPQc2tNQfUWahwBugDj4g3LAt2v2ze-0hLKbTARhVxML2ZXjp4PLsR49sd6yGcIwaXVhhumG34jWaoQCtW1Rrb8vZxP2u_F0RC1bQ_7q...
  • https://sevencars.de/propar/crew
  • https://sevencars.de/propar/crew/
201 B
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sevencars.de/propar/crew/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.93.120.13 Lenoir, United States, ASN393960 (HOST4GEEKS-LLC, US),
Reverse DNS
uni1.ewcbd.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 11 Jun 2024 17:48:09 GMT
Keep-Alive
timeout=5, max=99
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Connection
Keep-Alive
Content-Length
241
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 11 Jun 2024 17:48:08 GMT
Keep-Alive
timeout=5, max=100
Location
https://sevencars.de/propar/crew/
Server
Apache
Primary Request /
balellusska.xyz/
Redirect Chain
  • https://balellusska.xyz/
  • https://balellusska.xyz/
16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://balellusska.xyz/
Requested by
Host: sevencars.de
URL: https://sevencars.de/propar/crew/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e6f125ea1b5755d8707aa417dc2d5c754271c1e441ac38ffbbf1f4bee63c52
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://sevencars.de/propar/crew/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
+4sYkViULd6xoHi64xOCVnyi24OSKBYOC86HROLXXIrF30RUL81A1JmhUB22+7SwmbHX385qzZXNhyhl+reImbMwoyfH3ig0/1BS6T3LKr8+EoPkKwV3KGjfu2mOlIg1h/zhEDL7RycjHyYhu2sBDw==$RH1Sj47kTomxWKn14S/cGA==
cf-mitigated
challenge
cf-ray
89236e2de8a365d6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 11 Jun 2024 17:48:09 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MCb8LCzS%2FjC%2B1jvYdOxu0q3yusIR8vQkRFoZudK86YjEGLdXC%2B%2FCbfLew20SfB9%2B7%2FmuDNh9vMjs9XnMpaLAHdRW42bm5Ccmd8Y14bTzDSBAOtSD3M%2BwWBGKKZdY2chaT6ys25ziuS%2BrNwc3C8c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://balellusska.xyz/
v1
balellusska.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		362 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://balellusska.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89236e2de8a365d6
Requested by
Host: balellusska.xyz
URL: https://balellusska.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b799f3879835fd4ae66289c97dd5fc19ad868576da81d2f566feff7fd94f55b9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.141"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://balellusska.xyz/?__cf_chl_rt_tk=ZYKndvqT_zp7dd5eMHkWgKtNFfwIzWSvUj1LAjy.x0I-1718128089-0.0.1.1-3881
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:48:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sfcWk9tV1jDkgNqGhVPe55IpVlhi5SfCkP7EKG7K%2BseMUw0zlH%2Bg5BBpjdqNyVCyIIt6e5H7l22j369fvSqDMC8O%2FdmZ%2FTUFvZ21EnKu09s199HAAP9SDnC78dAqWXEyfP9CIZW99U%2BZhqT8eyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89236e2e594365d6-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js?onload=OZxW4&render=explicit
Requested by
Host: balellusska.xyz
URL: https://balellusska.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89236e2de8a365d6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22401f58443400f39ce653a1736059092e1e5f85ffbbbaeda4b11c16b5bade6e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://balellusska.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:48:09 GMT
content-encoding
br
last-modified
Thu, 06 Jun 2024 21:04:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
89236e2f2ec61e45-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
balellusska.xyz/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://balellusska.xyz/favicon.ico
Requested by
Host: balellusska.xyz
URL: https://balellusska.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211a344a1220a678c80befae4b1f5ee2c9346d1fc9fbd8a368733a8da4f1daeb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.141"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://balellusska.xyz/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:48:09 GMT
content-encoding
br
x-content-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
cf-chl-out
ZA+jHJm+Bde4Oy6KduwtdDGqQM8Bcf8tgPRrW8oeWSkYRWSLlcNVyBZUMwEvEtWGsjUGEOqWipyoRdQvA94eEOCuhKvP1GBhuyjPqo/UezqS8J2ArTcPgiG1ki/Z+o5TnQLcDkBgtF7bkbqREwuZPQ==$rcMg+rjb++F/+M2v5qtsUw==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2BpKfMP1MIGO%2BwiFFU66zUWsDaS1pqNNp4%2FvQI%2BE7R3iMjvVTgOwbpyA9qT6JUAzVvUczV6S6Ktr8BY0bpxmwk3pp0K0ryeENCjNYwmikmdWx11H3l0DjQ7RRbMe%2F8FO6qq7GIX%2BBWGSZk4jdgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
89236e2f0a2f65d6-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
1039aa13-5681-4989-b6b9-48dcf3dac0a9
https://balellusska.xyz/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://balellusska.xyz/1039aa13-5681-4989-b6b9-48dcf3dac0a9
Requested by
Host: balellusska.xyz
URL: https://balellusska.xyz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://balellusska.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
favicon.ico
balellusska.xyz/ 		16 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://balellusska.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d97cf4f72d1a07cc8a8586f2af98bdb3268c848305297a70ceb1b3610a6f876
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.141"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://balellusska.xyz/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:48:09 GMT
content-encoding
br
x-content-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
cf-chl-out
mAFSbiOEOTNnZFZmeB6zcPYy/YwOPBvNpH+1QT8uesId7thPYd81sTwVkPdmGkMRONAypRN1vZfE716dS76Z439Kh3LNAJc7wR66hh7zTHNHNMBQCmqqs/S+2HS947Hh9ClXZDdPWny9AYePunelyQ==$R5WlxXoKiXX0Ldi+gzZLDQ==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gN8dJlLlfzktDbYE1TnAEREUJ%2F17mlvIrB0ryEUAzAnEwOXkQSmryUpyDWvk7E9mJsuyG%2FMwtXsokWxuGTiCzHxAamGmURTVvBVOwMxB%2BmCMbcACb2wCUI6UXLnCUKKYFOvMn3V648qaOQY6POg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
89236e2f7afd65d6-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
1ab3f39470b9ab7
balellusska.xyz/cdn-cgi/challenge-platform/h/g/flow/ov1/2019117540:1718125814:nrFtm-zEi_GzeXvILtqRdBlZESn-PTjdlgB_CutvKxM/89236e2de8a365d6/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://balellusska.xyz/cdn-cgi/challenge-platform/h/g/flow/ov1/2019117540:1718125814:nrFtm-zEi_GzeXvILtqRdBlZESn-PTjdlgB_CutvKxM/89236e2de8a365d6/1ab3f39470b9ab7
Requested by
Host: balellusska.xyz
URL: https://balellusska.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89236e2de8a365d6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:1b1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6114aad0ff62a03cf1850a95670fbf7ba905080a9601e5a78874c5e10595e10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"125.0.6422.141"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://balellusska.xyz/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.141", "Chromium";v="125.0.6422.141", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
1ab3f39470b9ab7
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:48:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOTmKUOb8LIVQufWxGVcp7%2FinyBbsSDhlwRbqreWm4fbtaSzFJ79c2GDV3B1cHWsV6n5ffMI0kOkhFMKM9yHWQ4NIuBhRP%2BW2CNx90N%2FBVKiTQeCUSgVwBTFc6NvFLex5KdlS2Zzd3WQjLpxVZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
89236e2fbb5c65d6-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
ElM9sqdrfIWgW8mMZI/LjB84NvZrn4zBK1Jx675R0MkGbe/Nx7MpLEMTitKRWz4t$+h1Oiz5TyKZJl7GQWAQTrg==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xm0i1/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame A3B2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xm0i1/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/6aac8896f227/api.js?onload=OZxW4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89236e306cb130f3-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 11 Jun 2024 17:48:09 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
ed7d5833-36e2-4719-8246-10d33da7a790
https://balellusska.xyz/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://balellusska.xyz/ed7d5833-36e2-4719-8246-10d33da7a790
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://balellusska.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| gjwQJ1 function| kwsq6 object| krDY8 object| vWLFN5 function| OZxW4 boolean| xUuJ3 function| Hbleq2 function| gnIE8 function| OGjdC1 function| KTENW1 object| IsRt4 number| vcXU0 object| angular object| turnstile boolean| vTyI7 string| NCyjN1

0 Cookies

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://balellusska.xyz/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://balellusska.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://balellusska.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()