Submitted URL: https://ib.adnxs.com/getuid?https%3A%2F%2Fobjectstorage.us-chicago-1.oraclecloud.com%2Fn%2Fax44b3wcalwe%2Fb%2Fbucket-...
Effective URL: https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
Submission Tags: falconsandbox
Submission: On March 09 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::ac43:4835, located in United States and belongs to CLOUDFLARENET, US. The main domain is zjibx4l.ngampr.ru.
TLS certificate: Issued by E1 on February 27th 2023. Valid for: 3 months.
This is the only time zjibx4l.ngampr.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 185.89.210.90 29990 (ASN-APPNEX)
1 134.70.188.1 31898 (ORACLE-BM...)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
15 3
Apex Domain | Subdomains | Transfer
8 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 5459 | 126 KB
7 ngampr.ru | zjibx4l.ngampr.ru | 104 KB
2 adnxs.com | ib.adnxs.com — Cisco Umbrella Rank: 208 | 2 KB
1 oraclecloud.com | objectstorage.us-chicago-1.oraclecloud.com | 2 KB
15 4
Domain Requested by
8 challenges.cloudflare.com 1 redirects zjibx4l.ngampr.ru
challenges.cloudflare.com
objectstorage.us-chicago-1.oraclecloud.com
7 zjibx4l.ngampr.ru objectstorage.us-chicago-1.oraclecloud.com
zjibx4l.ngampr.ru
2 ib.adnxs.com 2 redirects
1 objectstorage.us-chicago-1.oraclecloud.com
15 4

This site contains no links.

Subject | Issuer | Validity | Valid
objectstorage.us-chicago-1.oraclecloud.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2022-08-24 - 2023-08-25 | a year
*.ngampr.ru | E1 | 2023-02-27 - 2023-05-28 | 3 months
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year

This page contains 2 frames:

Primary Page: https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
Frame ID: A4B85DB5518B70D29018B8DD33B8DFBE
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: CCF0511F479DCB59BE2EA2C0C780A173
Requests: 6 HTTP requests in this frame

Page Title

Loading...

Page URL History

  1. https://ib.adnxs.com/getuid?https%3A%2F%2Fobjectstorage.us-chicago-1.oraclecloud.com%2Fn%2Fax44b3... HTTP 307
    https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fobjectstorage.us-chicago-1.oracleclou... HTTP 302
    https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3... Page URL
  2. https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag Page URL

Page Statistics

Requests: 15
HTTPS: 93 %
IPv6: 50 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 231 kB
Size: 523 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ib.adnxs.com/getuid?https%3A%2F%2Fobjectstorage.us-chicago-1.oraclecloud.com%2Fn%2Fax44b3wcalwe%2Fb%2Fbucket-20230308-1203%2Fo%2Fbandwidth.html%3F%2FZGFuaWVsLm1hc3NleUB3dGVjLmFn HTTP 307
    https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fobjectstorage.us-chicago-1.oraclecloud.com%252Fn%252Fax44b3wcalwe%252Fb%252Fbucket-20230308-1203%252Fo%252Fbandwidth.html%253F%252FZGFuaWVsLm1hc3NleUB3dGVjLmFn HTTP 302
    https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3dGVjLmFn Page URL
  2. https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fobjectstorage.us-chicago-1.oraclecloud.com%2Fn%2Fax44b3wcalwe%2Fb%2Fbucket-20230308-1203%2Fo%2Fbandwidth.html%3F%2FZGFuaWVsLm1hc3NleUB3dGVjLmFn HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fobjectstorage.us-chicago-1.oraclecloud.com%252Fn%252Fax44b3wcalwe%252Fb%252Fbucket-20230308-1203%252Fo%252Fbandwidth.html%253F%252FZGFuaWVsLm1hc3NleUB3dGVjLmFn HTTP 302
  • https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3dGVjLmFn
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
bandwidth.html
objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fobjectstorage.us-chicago-1.oraclecloud.com%2Fn%2Fax44b3wcalwe%2Fb%2Fbucket-20230308-1203%2Fo%2Fbandwidth.html%3F%2FZGFuaWVsLm1hc3NleUB3dGVjLmFn
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fobjectstorage.us-chicago-1.oraclecloud.com%252Fn%252Fax44b3wcalwe%252Fb%252Fbucket-20230308-1203%252Fo%252Fbandwidth.html%253F%252FZGFuaW...
  • https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3dGVjLmFn
811 B
2 KB
Document
General
Full URL
https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3dGVjLmFn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.70.188.1 Chicago, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
811
Content-Type
text/html
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
content-md5
JQRWd8wRqzvCmS7LQHWpzA==
date
Thu, 09 Mar 2023 11:23:48 GMT
etag
22e59418-c478-491a-a030-c4320f0da24d
last-modified
Thu, 09 Mar 2023 00:49:18 GMT
opc-request-id
ord-1:R99Mg0G93NDwvq2n-Im4wExn50Mx4dNBx-U1d7-MV5v8QXdJ7DK9LAYYuytAW0Hh
storage-tier
Standard
version-id
64c63375-7e03-47dc-a83c-39b7db636eee
x-api-id
native

Redirect headers

AN-X-Request-Uuid
e77bba8f-cb09-42d6-adeb-2adce51621a3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 09 Mar 2023 11:23:48 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3dGVjLmFn
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Primary Request Mdaniel.massey@wtec.ag
zjibx4l.ngampr.ru/
7 KB
5 KB
Document
General
Full URL
https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
Requested by
Host: objectstorage.us-chicago-1.oraclecloud.com
URL: https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3dGVjLmFn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f784906073c1a1325d5310053c83d9d249570dd17f940a7b8b5088020d5e2d8a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://objectstorage.us-chicago-1.oraclecloud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7a52f2af8b7d9b61-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Mar 2023 11:23:49 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HY9P9Eb1%2BiyeZhOan5g7dOuZsVmElwNJpIyo6dfwywSfMM2gw6BZYQTgQGBCqdqP9s4mLTvKaB%2BeTZqjK1bvzNg7jl1COAB8B9IndaS45otp8R5jrhlzYhxAhTn75n6OpdmsVlnAHtxtbvZitkh4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/
150 KB
54 KB
Script
General
Full URL
https://zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a52f2af8b7d9b61
Requested by
Host: zjibx4l.ngampr.ru
URL: https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8df495358961e5fc71d09c8769a3543e158f232ea4f2b986eba9337ef537c84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag?__cf_chl_rt_tk=Rp1W5RnK0GPzPSGdGi4PicJBHF6zFzkt48bfJrjZ5Mk-1678361029-0-gaNycGzNCiU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:23:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I07N0Gv9IDVYsxjhjJdFJpCVeJcYtvfHEX8el0d%2BRBkLHeevnIOBUa4nLUkJ6aHIk0QhB7gxO2XMf1AAsfnWfUhgV2TPGBGLaBbVvRNWhjpV8dYKj9RXPzc%2Ba%2Bmor8No3r1SYtjf8W37ZxfEqqQ0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7a52f2afcbb29b61-FRA
transparent.gif
zjibx4l.ngampr.ru/cdn-cgi/images/trace/managed/js/
42 B
219 B
Image
General
Full URL
https://zjibx4l.ngampr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a52f2af8b7d9b61
Requested by
Host: zjibx4l.ngampr.ru
URL: https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag?__cf_chl_rt_tk=Rp1W5RnK0GPzPSGdGi4PicJBHF6zFzkt48bfJrjZ5Mk-1678361029-0-gaNycGzNCiU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag?__cf_chl_rt_tk=Rp1W5RnK0GPzPSGdGi4PicJBHF6zFzkt48bfJrjZ5Mk-1678361029-0-gaNycGzNCiU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:23:49 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 Mar 2023 16:16:17 GMT
server
cloudflare
etag
"64021d51-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7a52f2afcbb39b61-FRA
content-length
42
expires
Thu, 09 Mar 2023 13:23:49 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/af326ed3/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: zjibx4l.ngampr.ru
URL: https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8fd792db45f6d5c2f3bb383b931fbdc61b483d2d9be455d62e11a4357f93e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:23:49 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7a52f2b07e4490d4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
date
Thu, 09 Mar 2023 11:23:49 GMT
cache-control
max-age=300, public
server
cloudflare
cf-ray
7a52f2b05e2090d4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary
accept-encoding
bb8738e3dfe535d
zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/702994523:1678358179:bqlD4ZLT4DynMHK_xZRochoFRHMfDZ2YTOlbBtXASRo/7a52f2af8b7d9b61/
66 KB
40 KB
XHR
General
Full URL
https://zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/702994523:1678358179:bqlD4ZLT4DynMHK_xZRochoFRHMfDZ2YTOlbBtXASRo/7a52f2af8b7d9b61/bb8738e3dfe535d
Requested by
Host: zjibx4l.ngampr.ru
URL: https://zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a52f2af8b7d9b61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da45df9f87cfe6e0d6a5f73367734c6168110eb35b7cdac2a15c1d7aeeb4766

Request headers

Referer
https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
bb8738e3dfe535d
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Mar 2023 11:23:49 GMT
content-encoding
br
cf_chl_gen
ZwqQdJugRcdCJoAuE5Tm9Swi+h/TZEZPJQVTLLPZwUX0Bxk3AwsQ1Td0X0XVyWxbnXsUu+ETZnXuS43wDUUP81/qReCx+IF8lJkWFchZJZGMaPzqdmrvY8G7Po3SF+4Bl8ElvzQOKQXIbzOzoxGXmNvL7IjT2H7f+unbiZxShDYxggKoenjJgoeW6uHYp8jQdarusm4eXc2tnzcBX4yH0K/0qZvkHyaxdDxsR7kllC8/qwu4RcDSPjk4Upm+KO9gaqED8qUNWyEENsRlAQmqy4kKdXRoe2jnjjnUC2hwSzdmuosGQpVxQMj1PRvVyikTwAKFEwTwzRFI4bWkXHLElA==$CMxdz6yOjPcYuv8hSOsMFQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLU355CINzQpeK7bmpKNrk%2Fl6uyp2sH4iaII9GpVJ6OKcMkklEKEelmpjsUGTYphEn%2FbU1IVs%2BVvxfe0Lv0cnIKpjdcSMTt6Vgqy2IpWVnZkN4TnFuZ0i3t1YRNOLY2rhiAEhMZBQCoYjsaGEWgH"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a52f2b0ccf09b61-FRA
dbXqO77nPwgCWTD
zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/img/7a52f2af8b7d9b61/1678361029251/
61 B
340 B
Image
General
Full URL
https://zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/img/7a52f2af8b7d9b61/1678361029251/dbXqO77nPwgCWTD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6742f1baa1dcbd7f0744d62584c86fbb910fab0312f46e99ae51c07ef9e729d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:23:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7a52f2b13d739b61-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUWZJybufwVKahKYnT4PlXo5cSxkLMecb5b1tt2L9v%2Bf3v2UvluUfdQE0c8LGH9DfvaryLEp%2FJ4UezoPb78XrTObvmaPFPhDfGr2CSJuSLxBN37t2EN8NYyOf1ObjhUUBVq1AVETyb6WRdOmSG5b"}],"group":"cf-nel","max_age":604800}
content-type
image/png
87BwTjc9eV_EObZ
zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/pat/7a52f2af8b7d9b61/1678361029252/459831428bc9cd8307a6de936d467f58769c1020cee0ad824766763eae29ceaf/
1 B
771 B
Fetch
General
Full URL
https://zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/pat/7a52f2af8b7d9b61/1678361029252/459831428bc9cd8307a6de936d467f58769c1020cee0ad824766763eae29ceaf/87BwTjc9eV_EObZ
Requested by
Host: objectstorage.us-chicago-1.oraclecloud.com
URL: https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3dGVjLmFn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:23:49 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gRZgxQovJzYMHpt6TbUZ_WHacECDO4K2CR2Z2Pq4pzq8AEXpqaWJ4NGwubmdhbXByLnJ1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7a52f2b499a09b61-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCOEIsJLGzm7Q3FRkb2Tq6q5QWd8v%2F8a8nucayBgHQDQOUlBcBAau%2FJCHxOmdiOf0M8R0wDhH7XEKgU%2FKvWwnGCEONQEq5GjyjVD8qIcgCWOfei6rPza9QIT9sr0H2mDK3Gvm5TWk4HoaGF5yyr6"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
bb8738e3dfe535d
zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/702994523:1678358179:bqlD4ZLT4DynMHK_xZRochoFRHMfDZ2YTOlbBtXASRo/7a52f2af8b7d9b61/
5 KB
4 KB
XHR
General
Full URL
https://zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/702994523:1678358179:bqlD4ZLT4DynMHK_xZRochoFRHMfDZ2YTOlbBtXASRo/7a52f2af8b7d9b61/bb8738e3dfe535d
Requested by
Host: zjibx4l.ngampr.ru
URL: https://zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a52f2af8b7d9b61
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4835 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f90041b40dc21c97deb43e9f0783087850974e2cdaccb1f0a47a79a194510b

Request headers

Referer
https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
bb8738e3dfe535d
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Mar 2023 11:23:50 GMT
content-encoding
br
cf_chl_gen
qcrPpsfiz/NCod1WeZzN4ClYdjpZoYk74NW6B8Rllv8=$PNL6goWZplMfuzeK2hp2Sw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jErZOki5Ux5jcB0OBRfnK1I6AzAyHXhKNXAyglih37CvMCVcPai%2BB7dsnwlgA3ieoYgDl5ITGpGoMd9QfJXi%2FFrfIrEgC8NWynC1jQTpqvRAQSoavOgAdZy0j39pOLBDWmljDS%2FfwCRMUB4kOFT%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a52f2b74d2d9b61-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame CCF0
21 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d28ef6ae6b213a0a616f05a74994e9d612865050bd3549f53c3516dbd0d8ad70

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7a52f2b79c3fbbdf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 09 Mar 2023 11:23:50 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame CCF0
150 KB
55 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a52f2b79c3fbbdf
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1b7346ce840877fe9e3ebacb61c15293cd68f52e58c0fded84049df1644c5ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:23:52 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7a52f2b96ed3bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
e73a8b833e71dab
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/828225662:1678358044:xrmWPkB3BI3Ih5NyIF4n5-dqJ2Je5wyVJc9wwdRPm5Q/7a52f2b79c3fbbdf/ Frame CCF0
99 KB
50 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/828225662:1678358044:xrmWPkB3BI3Ih5NyIF4n5-dqJ2Je5wyVJc9wwdRPm5Q/7a52f2b79c3fbbdf/e73a8b833e71dab
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a52f2b79c3fbbdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f0d2a49351dd2155bd15fb1d5b610bd73e43ba0068376d9b5550e15ef11f280

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
e73a8b833e71dab
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Mar 2023 11:23:52 GMT
content-encoding
br
cf_chl_gen
jpk6udWZMoN9JYwQpJvy+HkjMD3QwLhGuazRzDQYH+eW3wOJeelGk/SdpSi9efifx4osHmIDPc4afUnQwlxUrqkHrmAK6/Adfohp1jnEHgB0q0URd2B5dKwe1Asn2Zw9XUtyjfg86ylYUE3RvKYklbK+7JCYixH+MD1LWP1BpsoCy0JXh6sYq96G8glGPrnqBnfmA/73N/EED7nis1UL54RZ6/5bzO/a9pe6K5vs9p3MkhlszAphaSzyl0dRKDj5q+TeM9maBzHtvhSyw0Iwuubi7ytH3EtyZ4XpfE8yvIt6ZchqcuXKV/EwwfY/4dPYg7/sjC1z8/yoIuIWuc1UH8vAa1mGuaVBVb2sN2Zs+ogxr+iC9gcXKlVG6O7DOI5g$yqkdCrCRAKtUec6Fb5a57Q==
server
cloudflare
cf-ray
7a52f2c39bbbbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
RKt0bvjDnedwbhl
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a52f2b79c3fbbdf/1678361032273/ Frame CCF0
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a52f2b79c3fbbdf/1678361032273/RKt0bvjDnedwbhl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa0c87e38166e06ab0596c64cbeef6dd0eddc08db691e2f166bc14d22f409d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:23:52 GMT
server
cloudflare
cf-ray
7a52f2c42c73bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
jCn4AJmbSFLrIfx
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a52f2b79c3fbbdf/1678361032274/e5d2242ee39536b2c4e1332e3a9397f35ba1b3a29c2506798b2e000f9b8988a7/ Frame CCF0
1 B
646 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a52f2b79c3fbbdf/1678361032274/e5d2242ee39536b2c4e1332e3a9397f35ba1b3a29c2506798b2e000f9b8988a7/jCn4AJmbSFLrIfx
Requested by
Host: objectstorage.us-chicago-1.oraclecloud.com
URL: https://objectstorage.us-chicago-1.oraclecloud.com/n/ax44b3wcalwe/b/bucket-20230308-1203/o/bandwidth.html?/ZGFuaWVsLm1hc3NleUB3dGVjLmFn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 11:23:52 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g5dIkLuOVNrLE4TMuOpOX81uhs6KcJQZ5iy4AD5uJiKcAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtM36gtcQXzi5XpeTNxbMn5Uxk4ZQTSzSssfqmc92M35EvqVnBzWtAkZzNkM5nhKHweggvBeq3tfmiEKGO4UbUCDHDjNRiY0V-c7beLBsuZ5mSKHzOErYodfcpo0TmFcWETFqJIQta8mePmEsl6IQ4f3-FhDMPOBNcA_07xaVvdaMmpP5i6_0KHb-A5yJOAXW0tTZrPP1d-t_tTN69nQN4c5j2-Zg7g9pb_H5WvGlmfQ16JRFsCYSsaCXiwdvT9gI8f7hWhIy5PH-fnlNjbUWgVtVLPn-ygwPaofdcwATmdR-BgCHIGuH1yXxgr7P0JZubZChBIB96vOn1_3Bt2yRvwIDAQAB, max-age=20
server
cloudflare
cf-ray
7a52f2c62eddbbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
e73a8b833e71dab
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/828225662:1678358044:xrmWPkB3BI3Ih5NyIF4n5-dqJ2Je5wyVJc9wwdRPm5Q/7a52f2b79c3fbbdf/ Frame CCF0
11 KB
9 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/828225662:1678358044:xrmWPkB3BI3Ih5NyIF4n5-dqJ2Je5wyVJc9wwdRPm5Q/7a52f2b79c3fbbdf/e73a8b833e71dab
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a52f2b79c3fbbdf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed310343c6489ce912e6ffe80d8d26f7d5138e8ae4f7a9521e07d43f3ec49c8

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/3ftje/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
e73a8b833e71dab
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 09 Mar 2023 11:23:53 GMT
content-encoding
br
cf_chl_gen
eJnVDxbXIkRgEaY0HBslOpWM4Y7F5UE3+DuoAikYCKU=$RRSy7cXbzumkqA5ff9960A==
server
cloudflare
cf-ray
7a52f2c869c5bbdf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| _cf_chl_opt
function| SHA256
function| sendRequest
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| __cf_md5
function| _cf_chl_turnstile_l
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded
object| _

1 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: uuid2
Value: 2541076457049493164

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://zjibx4l.ngampr.ru/Mdaniel.massey@wtec.ag
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://zjibx4l.ngampr.ru/cdn-cgi/challenge-platform/h/g/pat/7a52f2af8b7d9b61/1678361029252/459831428bc9cd8307a6de936d467f58769c1020cee0ad824766763eae29ceaf/87BwTjc9eV_EObZ
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a52f2b79c3fbbdf/1678361032274/e5d2242ee39536b2c4e1332e3a9397f35ba1b3a29c2506798b2e000f9b8988a7/jCn4AJmbSFLrIfx
Message:
Failed to load resource: the server responded with a status of 401 ()