tumc.ngampr.ru Open in urlscan Pro
2606:4700:20::ac43:4835 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://4c0zulr.goldhaven.sa.com/
Effective URL:
https://tumc.ngampr.ru/M
Submission: On March 17 via manual (March 17th 2023, 6:56:50 am UTC) from NL — Scanned from NL

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::ac43:4835, located in United States and belongs to CLOUDFLARENET, US. The main domain is tumc.ngampr.ru.
TLS certificate: Issued by E1 on February 27th 2023. Valid for: 3 months.

This is the only time tumc.ngampr.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.241.71.248 162.241.71.248	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
7	2606:4700:20:... 2606:4700:20::ac43:4835	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

1 162.241.71.248 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 162-241-71-248.webhostbox.net

4c0zulr.goldhaven.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:4835 (United States)

ASN13335 (CLOUDFLARENET, US)

tumc.ngampr.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:6b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5237	123 KB
7	ngampr.ru tumc.ngampr.ru	111 KB
1	sa.com 4c0zulr.goldhaven.sa.com	471 B
15	3

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects tumc.ngampr.ru challenges.cloudflare.com 4c0zulr.goldhaven.sa.com
7	tumc.ngampr.ru	4c0zulr.goldhaven.sa.com tumc.ngampr.ru
1	4c0zulr.goldhaven.sa.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
*.ngampr.ru E1	`2023-02-27` - `2023-05-28`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://tumc.ngampr.ru/M
Frame ID: 1BF3FB5E9ADF8856FD79223B77F4B166
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 9822645E624E165D77DAB28D9C5A9209
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

http://4c0zulr.goldhaven.sa.com/ Page URL
https://tumc.ngampr.ru/M Page URL

Page Statistics

15
Requests

87 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

234 kB
Transfer

532 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://4c0zulr.goldhaven.sa.com/ Page URL
https://tumc.ngampr.ru/M Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
4c0zulr.goldhaven.sa.com/ 90 B
471 B 710ms
373ms Document
text/html 162.241.71.248
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: http://4c0zulr.goldhaven.sa.com/
Protocol: HTTP/1.1
Server: 162.241.71.248 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: 162-241-71-248.webhostbox.net
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Mar 2023 06:56:45 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 403 Primary Request M Show response
tumc.ngampr.ru/ 7 KB
5 KB 122ms
32ms Document
text/html 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tumc.ngampr.ru/M

Requested by

Host: 4c0zulr.goldhaven.sa.com
URL: http://4c0zulr.goldhaven.sa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fd1536300793521c442e391531c5b73c1c859003335c357df20195be6ac9cd0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://4c0zulr.goldhaven.sa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a935683ea570bdb-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 17 Mar 2023 06:56:46 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqodFtkUdeHLFncIN%2BAD3qlUlKsJUXlRviYk17%2FRyJHlFWWjzi9S%2Bm7QsTNmugcPmsapJs%2FtSfmi1nzwDErxoQoRFKYdP1gsRnMfW%2BolFmBANK2H7z%2B6afSMeeYjhagnDfOXcQcxcX0b%2FpwN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 152 KB
55 KB 36ms
35ms Script
application/javascript 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a935683ea570bdb
Requested by: Host: tumc.ngampr.ru
URL: https://tumc.ngampr.ru/M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a27d21fce64d4c38038d8c6d1cd3ffc6bf7c1df53c7823ebd1beb16756e16cdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tumc.ngampr.ru/M?__cf_chl_rt_tk=LVeNXZLby8ryJ37vu9Qe4fvWYQOmyHnwbKNMjiazrs4-1679036206-0-gaNycGzNCbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:56:46 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzLFcEN%2F%2BzICnvrbsde5jG1QBA5hOZwH7c%2Fs2viNuxUtJepvdYtnRIT28yIab1gYvrUWDNueoK3Igs%2Brur%2BzU%2FPhUY9h6jnjJH5%2BoBcmaNr0ileDChDhKwdc5Wnq%2BcteSRrs3nzC5d068jVy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7a9356845ac80bdb-AMS

GET
H2 200 transparent.gif
tumc.ngampr.ru/cdn-cgi/images/trace/managed/js/ 42 B
219 B 28ms
28ms Image
image/gif 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tumc.ngampr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a935683ea570bdb

Requested by

Host: tumc.ngampr.ru
URL: https://tumc.ngampr.ru/M?__cf_chl_rt_tk=LVeNXZLby8ryJ37vu9Qe4fvWYQOmyHnwbKNMjiazrs4-1679036206-0-gaNycGzNCbs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tumc.ngampr.ru/M?__cf_chl_rt_tk=LVeNXZLby8ryJ37vu9Qe4fvWYQOmyHnwbKNMjiazrs4-1679036206-0-gaNycGzNCbs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:56:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:11 GMT
server: cloudflare
etag: "6407c10b-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7a9356845ac90bdb-AMS
content-length: 42
expires: Fri, 17 Mar 2023 08:56:46 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/db880165/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

56ms
55ms

Script
application/javascript

2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: tumc.ngampr.ru
URL: https://tumc.ngampr.ru/M
Protocol: H2
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:56:46 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a9356856bd4b8be-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Fri, 17 Mar 2023 06:56:46 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7a9356853b7ab8be-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 2df3238faed829d Show response
tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/181327432:1679033364:-N5zcpAsdjxV4V1oTFA8lreiq4TzCFVib5se1KNQlo4/7a935683ea570bdb/ 85 KB
46 KB 59ms
58ms XHR
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/181327432:1679033364:-N5zcpAsdjxV4V1oTFA8lreiq4TzCFVib5se1KNQlo4/7a935683ea570bdb/2df3238faed829d
Requested by: Host: tumc.ngampr.ru
URL: https://tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a935683ea570bdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcc1cad4ef7a3b411619a2002a4c5716e1a51d04153136b89cd169391e0686e8

Request headers

Referer: https://tumc.ngampr.ru/M
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 2df3238faed829d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Mar 2023 06:56:47 GMT
content-encoding: br
cf_chl_gen: P8eMY6J+PzGM38+Qknt0r1ZCiV5OuvrVmv7iA1eDXC9sT3WT5QlasBbWG+arrWFEnqkpR4RS5TfDwuWU0I2loXOw7jfLGXQPYbAMCLDNUJVE+rk2h3If2xesu0t8hg28q88nuN1DSekqwgd//Gyx7wB6oEjoASjHmcKo8gOsascubWP1m0kHpdlZ3vOPKR8WyXS6gS6A3G/VVwsmF/mbOklZJ+MkJAMNdZOwXCb75itINZX2jWA4Bvg/2lMYQJrSmCGYmpmdDMkMBM7Ga5dLg+PB+RUIy4Z0qEl8/6cbr4PNvRHz9U7eeDmIvkphcnRVLIUaiH3d1SBbrevWMJYB97aA9spvdoZ9FychKOXjSQJ/v/eifVkCdgQAyZn9KIjnygW04q8m+hnH4+03eAUWaIx544+OlchiTz47AacWKT4=$kDsxKd/AQRUqPkTrRK0ktQ==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtPuqQR7aWYyniT90pC2GarGaOj%2BXjCS0bP3Ylcnmrq1vTsw0pf5rbeCY7l5WNZ7tG46cVEq%2BTCxso7G3gMD%2FEdEEtgX1%2BApl5dwZYA8bn%2Bi6mPSc31%2FSl22Xs0UJdFW3%2FBxR4qI7V1B5z4K"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a9356859c2b0bdb-AMS

GET
H2 401 1-spKk3XtsyDean Show response
tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/pat/7a935683ea570bdb/1679036206980/a0bb65b2670a935e5ae5c7a29fe80d8c65237008e2137effb54aa48bd1993aaf/ 1 B
762 B 34ms
34ms Fetch
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/pat/7a935683ea570bdb/1679036206980/a0bb65b2670a935e5ae5c7a29fe80d8c65237008e2137effb54aa48bd1993aaf/1-spKk3XtsyDean
Requested by: Host: 4c0zulr.goldhaven.sa.com
URL: http://4c0zulr.goldhaven.sa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tumc.ngampr.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:56:47 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20goLtlsmcKk15a5cein-gNjGUjcAjiE37_tUqki9GZOq8ADnR1bWMubmdhbXByLnJ1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a9356862cbe0bdb-AMS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tz2R3Emh7QPRPmy2W3LT7q%2F3a5P%2FkZczKtmOY4DWklfYkl7gzDfd7QLuTTC5FRrvsTZbNUepBVdmP0o%2BWt3A9yKxhR63tUAUGMa8uDyZHVtIdlQwP6vnPNPKMMBI9OSYZeKJKCwv9aqHtk2E"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 hwRvqBvDdiK-0B5
tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/img/7a935683ea570bdb/1679036206982/ 61 B
340 B 37ms
37ms Image
image/png 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/img/7a935683ea570bdb/1679036206982/hwRvqBvDdiK-0B5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 478d9c92bea379bd20eb6d98b849d2ca752d4cd6854597148023e5267a6d037d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tumc.ngampr.ru/M
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:56:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a93568948340bdb-AMS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3KJYyoLkXURGumnCPgtkjuMbCwV%2BBqv9%2FnxJJtHCv1k9qAOibG09c1fen4Xhua0p%2BFKfbqnGeW3wE1XeZ2avQH1cYxO0Mfu8grgQ64uPTu9njKP3SzOZ56xex9YYrtLhZDoy6sJy99bw%2BIc"}],"group":"cf-nel","max_age":604800}
content-type: image/png

POST
H2 200 2df3238faed829d Show response
tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/181327432:1679033364:-N5zcpAsdjxV4V1oTFA8lreiq4TzCFVib5se1KNQlo4/7a935683ea570bdb/ 5 KB
4 KB 77ms
77ms XHR
text/plain 2606:4700:20::ac43:4835
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/181327432:1679033364:-N5zcpAsdjxV4V1oTFA8lreiq4TzCFVib5se1KNQlo4/7a935683ea570bdb/2df3238faed829d
Requested by: Host: tumc.ngampr.ru
URL: https://tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a935683ea570bdb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1c925cbb40a30c2031fbb89a8d7f649e1c3e6ebb91c20e17ce8543dee976d2

Request headers

Referer: https://tumc.ngampr.ru/M
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 2df3238faed829d
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Mar 2023 06:56:47 GMT
content-encoding: br
cf_chl_gen: 6FZdGD/NZXbD8bmkC2XsXXj3UACOKy1os+bExe7V8kcqcjlLjqPvUSak0lHbH/sP$6zcN3RKi3mwvz9Oem8OBeA==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izCI6wC%2FkKOKebsPgWbpZ%2FAu1lNsB9FH5ia%2F66C7RqNEXvAmjoZC5BBRkIZ5DKM4frNT8TV1OVBo%2F4INvMzNpKnz66RvJkuRBIBE6Df2HW88HX4B0EbKlEdbW5670l8aAS2ATMiF9vF0m4HI"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a93568b1a5e0bdb-AMS

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 9822 21 KB
7 KB 65ms
37ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8bfb020de0d07cfbf36d6f08ca7eac91784fc10675c7d31dbe83b03553d323a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7a93568bcd3ab93e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 06:56:47 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 9822 149 KB
54 KB 38ms
38ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a93568bcd3ab93e
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fe255761fbc492c2b71dcde35670a0051192ba2803403195875c8dd5c0cc5da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:56:48 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7a93568c6db8b93e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 b66f2231b883c6a Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1342654740:1679033110:iDZC4KkuuKEIgN2h4kCea3lTgE4IIH_QfuDAfH46840/7a93568bcd3ab93e/ Frame 9822 88 KB
47 KB 61ms
61ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1342654740:1679033110:iDZC4KkuuKEIgN2h4kCea3lTgE4IIH_QfuDAfH46840/7a93568bcd3ab93e/b66f2231b883c6a
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a93568bcd3ab93e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26c05ca22faf75ab4ca32dd4db16824ae9165cd2e4cb1285e84a0b777e50bf26

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: b66f2231b883c6a
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Mar 2023 06:56:48 GMT
content-encoding: br
cf_chl_gen: 8drYRxA/1hbf0E9ttlAgOA88KpWCZNOmrv6Ely8SrjTmN+6DbNxUmPuKOJToS/7g/+R8Y8N+SKX6I9lfS3cCHLIJu7gusnd7eEbU2MvG199lKssSBwEJTVRQED2Jmn846gTEqrpYC6a7i1Gdn+ULf00HDuMQNuRr29T4/OSetDAPeg7o2Ue4z8MDZoscI1UNcbj74w4aWOMxLWLDZGr+aTskWHEabBEUjsA34qPc+aPMMv23kZNsGspQ53lQKnL2fR2yfp0rh7I4tTVWsU77cZnFANt9z4dqH8RgHBh4Y2MJFxsaUNfQEl1YXbqO3ruSHNLwaA8Sych0GTgWvjSlb8Rz/vJMD1txxJwO9DpkyTQbhxUq+agGZbpcw8wqJVyI+3lPDs2dGek+lI5LGtKsuQ==$4yAlycJz0LmGpG9uzZ5yLg==
server: cloudflare
cf-ray: 7a93568dbeecb93e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 401 ln4rjsX4vdsYwJf Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a93568bcd3ab93e/1679036208281/fbfba4f5f71ee087156ffd5e20a7be41b6bf9f62a4c920874aeec5808937850e/ Frame 9822 1 B
645 B 34ms
33ms Fetch
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a93568bcd3ab93e/1679036208281/fbfba4f5f71ee087156ffd5e20a7be41b6bf9f62a4c920874aeec5808937850e/ln4rjsX4vdsYwJf
Requested by: Host: 4c0zulr.goldhaven.sa.com
URL: http://4c0zulr.goldhaven.sa.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:56:48 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g-_uk9fce4IcVb_1eIKe-Qba_n2KkySCHSu7FgIk3hQ4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7a93568f888eb93e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 207coZy95702Nxq
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a93568bcd3ab93e/1679036208281/ Frame 9822 61 B
166 B 32ms
31ms Image
image/png 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a93568bcd3ab93e/1679036208281/207coZy95702Nxq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67c3e664f64616f0753d66198f1b4c458343f8225fb45c6a802e40b8fa4cd8f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:56:48 GMT
server: cloudflare
cf-ray: 7a93568fc8d6b93e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

POST
H3 200 b66f2231b883c6a Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1342654740:1679033110:iDZC4KkuuKEIgN2h4kCea3lTgE4IIH_QfuDAfH46840/7a93568bcd3ab93e/ Frame 9822 11 KB
8 KB 55ms
50ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1342654740:1679033110:iDZC4KkuuKEIgN2h4kCea3lTgE4IIH_QfuDAfH46840/7a93568bcd3ab93e/b66f2231b883c6a
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a93568bcd3ab93e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae402e7c74c73af98554d995d2fb26d84e491524bea941815746b34589c6d974

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/4ats0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: b66f2231b883c6a
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Mar 2023 06:56:49 GMT
content-encoding: br
cf_chl_gen: lX/3/QWP+6hWVgankYE377KJvxIJD131kp4eVWYCyzHtHRBF+HDWZzY63Bbve7CN$YCqA4H4gx8tme+hZAiQkLg==
server: cloudflare
cf-ray: 7a9356944d68b93e-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			4c0zulr.goldhaven.sa.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0a21e081e7bddc53fabce9cd5cf394e7

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://tumc.ngampr.ru/M Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://tumc.ngampr.ru/cdn-cgi/challenge-platform/h/g/pat/7a935683ea570bdb/1679036206980/a0bb65b2670a935e5ae5c7a29fe80d8c65237008e2137effb54aa48bd1993aaf/1-spKk3XtsyDean Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a93568bcd3ab93e/1679036208281/fbfba4f5f71ee087156ffd5e20a7be41b6bf9f62a4c920874aeec5808937850e/ln4rjsX4vdsYwJf Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4c0zulr.goldhaven.sa.com
challenges.cloudflare.com
tumc.ngampr.ru
162.241.71.248
2606:4700:20::ac43:4835
2606:4700::6812:6b9
26c05ca22faf75ab4ca32dd4db16824ae9165cd2e4cb1285e84a0b777e50bf26
2fe255761fbc492c2b71dcde35670a0051192ba2803403195875c8dd5c0cc5da
478d9c92bea379bd20eb6d98b849d2ca752d4cd6854597148023e5267a6d037d
4d1c925cbb40a30c2031fbb89a8d7f649e1c3e6ebb91c20e17ce8543dee976d2
5fd1536300793521c442e391531c5b73c1c859003335c357df20195be6ac9cd0
67c3e664f64616f0753d66198f1b4c458343f8225fb45c6a802e40b8fa4cd8f1
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
a27d21fce64d4c38038d8c6d1cd3ffc6bf7c1df53c7823ebd1beb16756e16cdc
ae402e7c74c73af98554d995d2fb26d84e491524bea941815746b34589c6d974
d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e
e8bfb020de0d07cfbf36d6f08ca7eac91784fc10675c7d31dbe83b03553d323a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fcc1cad4ef7a3b411619a2002a4c5716e1a51d04153136b89cd169391e0686e8

tumc.ngampr.ru Open in urlscan Pro 2606:4700:20::ac43:4835 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

87 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

234 kBTransfer

532 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

1 Cookies

5 Console Messages

Indicators

tumc.ngampr.ru Open in urlscan Pro
2606:4700:20::ac43:4835 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

234 kB
Transfer

532 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions