0u7dhr6.ngampr.ru Open in urlscan Pro
104.26.5.173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://0u7dhr6.ngampr.ru/
Submission: On March 14 via manual (March 14th 2023, 10:15:57 pm UTC) from NZ — Scanned from NZ

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 104.26.5.173, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0u7dhr6.ngampr.ru.
TLS certificate: Issued by E1 on February 27th 2023. Valid for: 3 months.

This is the only time 0u7dhr6.ngampr.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.26.5.173 104.26.5.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	104.18.7.185 104.18.7.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2

7 104.26.5.173 (United States)

ASN13335 (CLOUDFLARENET, US)

0u7dhr6.ngampr.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.7.185 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5237	108 KB
7	ngampr.ru 0u7dhr6.ngampr.ru	118 KB
13	2

	Domain	Requested by
7	challenges.cloudflare.com	1 redirects 0u7dhr6.ngampr.ru challenges.cloudflare.com
7	0u7dhr6.ngampr.ru	0u7dhr6.ngampr.ru
13	2

This site contains no links.

Subject Issuer	Validity	Valid
*.ngampr.ru E1	`2023-02-27` - `2023-05-28`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://0u7dhr6.ngampr.ru/
Frame ID: 3CB6ADA396465BD722FDC9E6B2239F04
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/foui9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 0D69ABB7E0CC10051F311367ADC19D63
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

226 kB
Transfer

514 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 Primary Request / Show response
0u7dhr6.ngampr.ru/ 7 KB
5 KB 427ms
130ms Document
text/html 104.26.5.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0u7dhr6.ngampr.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a36e1c579912b7c396d3ef6799c5fe49bfcade8feeb961c33fee3d354e4a87

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7a7fe0bfebb81c4e-AKL
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 14 Mar 2023 22:15:53 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJJYCz3R8ka%2FES6rxKB692wtTKRtJbuKF%2F8WSkRXUAeM%2FjcR1l0njZ54YL6Ew2V1aINop5Zzw63WLJPFBPDKsKxtEBB0yINhQAnVgetdMzOVPHyUxQ44Dl%2B1hFcJ1K9frOKa"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 146 KB
53 KB 130ms
130ms Script
application/javascript 104.26.5.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a7fe0bfebb81c4e
Requested by: Host: 0u7dhr6.ngampr.ru
URL: https://0u7dhr6.ngampr.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f440d49ca6a7cad4b8324e3141bf399d2370afdcff21e8a5cae18ddaa0787b1b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://0u7dhr6.ngampr.ru/?__cf_chl_rt_tk=OFDuS1_SJlbABvvJVknM4BVgugZ7P1VAd7cV6BLH.6c-1678832153-0-gaNycGzNCaU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:15:53 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AoDu1XLCEZkPJ69OUa7BYAKiXM96UFNYn%2FdjuUqzgFv3OteTNwDS9q0a1SNuQ0bBWUZakJNN2lpD2JX8x%2BjAoIq09macK9H4xv29jXRh040yA7ykYanJwR5iZSCtLZYOTo8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7a7fe0c0fdb61c4e-AKL

GET
H2 200 transparent.gif
0u7dhr6.ngampr.ru/cdn-cgi/images/trace/managed/js/ 42 B
219 B 120ms
120ms Image
image/gif 104.26.5.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://0u7dhr6.ngampr.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a7fe0bfebb81c4e

Requested by

Host: 0u7dhr6.ngampr.ru
URL: https://0u7dhr6.ngampr.ru/?__cf_chl_rt_tk=OFDuS1_SJlbABvvJVknM4BVgugZ7P1VAd7cV6BLH.6c-1678832153-0-gaNycGzNCaU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.5.173 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://0u7dhr6.ngampr.ru/?__cf_chl_rt_tk=OFDuS1_SJlbABvvJVknM4BVgugZ7P1VAd7cV6BLH.6c-1678832153-0-gaNycGzNCaU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:15:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 07 Mar 2023 22:56:11 GMT
server: cloudflare
etag: "6407c10b-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7a7fe0c0fdb71c4e-AKL
content-length: 42
expires: Wed, 15 Mar 2023 00:15:53 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/78289926/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

148ms
147ms

Script
application/javascript

104.18.7.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: 0u7dhr6.ngampr.ru
URL: https://0u7dhr6.ngampr.ru/
Protocol: H2
Server: 104.18.7.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:15:54 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a7fe0c57ca9fb7c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 14 Mar 2023 22:15:54 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/78289926/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7a7fe0c41b20fb7c-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 a2282fd8e9037f7 Show response
0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/978646758:1678829471:AwauBvEnC8QH4T-UAgD-t14AWkmf3GIRRNiRTZ_FWHU/7a7fe0bfebb81c4e/ 99 KB
55 KB 173ms
172ms XHR
text/plain 104.26.5.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/978646758:1678829471:AwauBvEnC8QH4T-UAgD-t14AWkmf3GIRRNiRTZ_FWHU/7a7fe0bfebb81c4e/a2282fd8e9037f7
Requested by: Host: 0u7dhr6.ngampr.ru
URL: https://0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a7fe0bfebb81c4e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d79a605c258239c7c93474b56466329bfcf45651937a4471ae1798bfe248fe

Request headers

Referer: https://0u7dhr6.ngampr.ru/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: a2282fd8e9037f7
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Mar 2023 22:15:54 GMT
content-encoding: br
cf_chl_gen: pmOmnhnk9Ak+zhepg34CX1ibRO4nAKDxfjMlkAN33HJ54xLHaWwgkYSnj4Feg8Kbgrz+K8yMlvW/dWxx4gPOL6CtDHPvOZTc+WIcYlVoeC9NAR0Y2iHYFfKdtWXUcBH1pBdQOdg0q92c+U9OXRiZyW4kWIi606BUQiCEro271SZMloQJCYJ0Tu3RwTIF3VYjj+fAsqkTvVbcAugLSBR670zire2xKXBXRwjHcuyee3R+YxmP1cED13/O/JVSNH+xV3viBizejTTdHRLssNhSAc2a/CFAUqlvR+LksbHXuYFORQTaiRSu1q5BUXs2OBznEnXNegXVeQE514WfInlLRFLjPcF8qDjEqdE1Be1T8pyIhaP7uqGUKlrGAk6/2ddd5WG2VmPJoedr9hJHZLYxY7lUMqR0S/vWmNKM+tpkykzIktTyZzeaaICjf3dWZm6QKRCZmnmfEi3bydDU61v9xQ==$v1yFrdqp1u+I6644y5MY7g==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSQ%2F3D%2BL64hGRgo7QzdPvnCtYeFCRWpsRgkDDGjmKMnE8ThS0y0snyP2gy5XZGnGejqcCZBwjbfxhVRnMvbFgX%2Bqv%2Bnhwe2XFW24IICHzWpowj3ja%2BKNsvxunAE9gk6XUDVl"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a7fe0c34a521c4e-AKL

GET
H2 401 ChsYbj4eGrOXM-8 Show response
0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a7fe0bfebb81c4e/1678832154143/b7337fa3ad04b7c85ae4ff8653b1dc0c19f6daac6ba63953c93d86dc664427bd/ 1 B
755 B 140ms
140ms Fetch
text/plain 104.26.5.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a7fe0bfebb81c4e/1678832154143/b7337fa3ad04b7c85ae4ff8653b1dc0c19f6daac6ba63953c93d86dc664427bd/ChsYbj4eGrOXM-8
Requested by: Host: 0u7dhr6.ngampr.ru
URL: https://0u7dhr6.ngampr.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://0u7dhr6.ngampr.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:15:54 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gtzN_o60Et8ha5P-GU7HcDBn22qxrpjlTyT2G3GZEJ70AETB1N2RocjYubmdhbXByLnJ1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7fe0c57f3f1c4e-AKL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yt49L%2FpI1mwur9B5FgJUXKr%2F%2FekZTBbHdepXyt6djX433HUYu0gddTMtQsO7Xf0btxSm0SB2v0BUfvia3ZoRdcN4sNpGAEWTxW02yj6YSCxEHzymkqbWlPZJCHtlqk6gnrYb"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 PAL_W--ecmkuZUY
0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/img/7a7fe0bfebb81c4e/1678832154144/ 61 B
328 B 131ms
131ms Image
image/png 104.26.5.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/img/7a7fe0bfebb81c4e/1678832154144/PAL_W--ecmkuZUY
Requested by: Host: 0u7dhr6.ngampr.ru
URL: https://0u7dhr6.ngampr.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b211ca1c9aca31f68cdd1b16949cfbd8e8def77d41c9ef63875329d979bc0842

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://0u7dhr6.ngampr.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:15:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7fe0c6597f1c4e-AKL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FD%2FQ5YOyk9litXi37y5Ie674ip99LzGL6tECsI5oWR4ta5PilFnN2UgTqlHsT8lk11htVTWtjAxXAiNf0Odwrx%2B3cqmIdzVXlb8F8%2F6AxRl0yHuYC4YGzSA0mwNUiHHvUL70"}],"group":"cf-nel","max_age":604800}
content-type: image/png

POST
H2 200 a2282fd8e9037f7 Show response
0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/978646758:1678829471:AwauBvEnC8QH4T-UAgD-t14AWkmf3GIRRNiRTZ_FWHU/7a7fe0bfebb81c4e/ 5 KB
4 KB 275ms
274ms XHR
text/plain 104.26.5.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/978646758:1678829471:AwauBvEnC8QH4T-UAgD-t14AWkmf3GIRRNiRTZ_FWHU/7a7fe0bfebb81c4e/a2282fd8e9037f7
Requested by: Host: 0u7dhr6.ngampr.ru
URL: https://0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7a7fe0bfebb81c4e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1e0851cfb8063de0b313d8cd982c7929e99a8b7ff8bad50e6cb8b9fce9e6db4

Request headers

Referer: https://0u7dhr6.ngampr.ru/
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: a2282fd8e9037f7
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Mar 2023 22:15:56 GMT
content-encoding: br
cf_chl_gen: atMuHP6jb4uTPLGmNPq3AMTt8dSnNU4fhkwjX81ZMLC8eg5fuVMOzZN6kpU+nU+S$HPXZdYNOQO2ii7tpqFlJkw==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLxBeMrrgLy0hN%2BHreVQTR73CnelcU05IuXTyDBOHfU%2Bs8Cu2pTj4f2qUuXgwJaNV9t9I0Zt8aaBqt8WY1G67GUtVeuGmPnIaQ2DbOOEXL3yiQaSkH%2F2ZawaxEyN6ik4fLBD"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a7fe0ceccb71c4e-AKL

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/foui9/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 0D69 21 KB
7 KB 291ms
170ms Document
text/html 104.18.7.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/foui9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.7.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f9792ea1a4d6735ebd69bcb0937549322245f31fcb87165e77c6c567f7fac04

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7a7fe0d1489d1c51-AKL
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 22:15:56 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 0D69 150 KB
54 KB 135ms
134ms Script
application/javascript 104.18.7.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a7fe0d1489d1c51
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/foui9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.7.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1ecd4348783df0931af1e6e57bb8e3fd1347cf48309f1580c9b9579ee97fd0f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/foui9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:15:56 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7a7fe0d33cea1c51-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 6ce41f21212f91b Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/239417434:1678829354:77MVeyBEF_lfmiZbRH3WU42K6gUE-ppBG6FgLSZXeaM/7a7fe0d1489d1c51/ Frame 0D69 71 KB
41 KB 172ms
171ms XHR
text/plain 104.18.7.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/239417434:1678829354:77MVeyBEF_lfmiZbRH3WU42K6gUE-ppBG6FgLSZXeaM/7a7fe0d1489d1c51/6ce41f21212f91b
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7a7fe0d1489d1c51
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.7.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e03c4ee5b405d908bb054d7c225c597806c1fcd78366c9d3d2dfaa1cfed3a7

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/foui9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: 6ce41f21212f91b
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Mar 2023 22:15:57 GMT
content-encoding: br
cf_chl_gen: vi0iTBQBVlWJhUPGuSk02Zt2GvE5+xVY4c+Lh/B5hTzl0LtLFf/PMWwNoxm8SBD2woYqS026mu+vt8GQh5j0Pd3mNBNqmJ75/ABuvp+g56eYXT+UYJVDqV7zR2o6yCa/5m54zurxxq1h6DbL3CVZp85xTlp8UjyuDCb2TVNNXXi966NRqoRKLDtt1hi+I12h/Y/gv43DUXzlEHAx2MUoV0I1ucfzczOSpGHJYD5NhAIUmXTJjegD6GkZNVZChQH5wu2ajzTeSDICKW4Yc3cu5hXdiFPovJPXB6MOOWgtu/lBh5JF7m7ugdJpqvCdhzTj9ur9lNZ+ULYmoZm1v6+oZg==$K1PDpbIp3cyu9pM1UibYoA==
server: cloudflare
cf-ray: 7a7fe0d64ad61c51-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 DxtZlobuaiOlq4I
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a7fe0d1489d1c51/1678832157183/ Frame 0D69 61 B
166 B 125ms
125ms Image
image/png 104.18.7.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7a7fe0d1489d1c51/1678832157183/DxtZlobuaiOlq4I
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.7.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad90a5d023a801a5233ec92330130b6488d1ba721574f7ca298ff3979e1abbed

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/foui9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:15:57 GMT
server: cloudflare
cf-ray: 7a7fe0d79d7f1c51-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H3 401 SXZ5hYc9z55gjB1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a7fe0d1489d1c51/1678832157183/a108e5e309ecbee27f38d52f8410ee1100621ca79a2fbc26ca2cd0edea3325d8/ Frame 0D69 0
0 138ms
137ms Fetch
text/plain 104.18.7.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a7fe0d1489d1c51/1678832157183/a108e5e309ecbee27f38d52f8410ee1100621ca79a2fbc26ca2cd0edea3325d8/SXZ5hYc9z55gjB1
Requested by: Host: 0u7dhr6.ngampr.ru
URL: https://0u7dhr6.ngampr.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.7.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/foui9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 22:15:57 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20goQjl4wnsvuJ_ONUvhBDuEQBiHKeaL7wmyizQ7eozJdgAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7a7fe0d86fce1c51-AKL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://0u7dhr6.ngampr.ru/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://0u7dhr6.ngampr.ru/cdn-cgi/challenge-platform/h/b/pat/7a7fe0bfebb81c4e/1678832154143/b7337fa3ad04b7c85ae4ff8653b1dc0c19f6daac6ba63953c93d86dc664427bd/ChsYbj4eGrOXM-8 Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7a7fe0d1489d1c51/1678832157183/a108e5e309ecbee27f38d52f8410ee1100621ca79a2fbc26ca2cd0edea3325d8/SXZ5hYc9z55gjB1 Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0u7dhr6.ngampr.ru
challenges.cloudflare.com
104.18.7.185
104.26.5.173
13d79a605c258239c7c93474b56466329bfcf45651937a4471ae1798bfe248fe
3987d36c0215af10ae03c644e5d8cb500b98e238e2be5cd06002287e198dab70
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
8f9792ea1a4d6735ebd69bcb0937549322245f31fcb87165e77c6c567f7fac04
ad90a5d023a801a5233ec92330130b6488d1ba721574f7ca298ff3979e1abbed
b211ca1c9aca31f68cdd1b16949cfbd8e8def77d41c9ef63875329d979bc0842
c1ecd4348783df0931af1e6e57bb8e3fd1347cf48309f1580c9b9579ee97fd0f
e3a36e1c579912b7c396d3ef6799c5fe49bfcade8feeb961c33fee3d354e4a87
e8e03c4ee5b405d908bb054d7c225c597806c1fcd78366c9d3d2dfaa1cfed3a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e0851cfb8063de0b313d8cd982c7929e99a8b7ff8bad50e6cb8b9fce9e6db4
f440d49ca6a7cad4b8324e3141bf399d2370afdcff21e8a5cae18ddaa0787b1b

0u7dhr6.ngampr.ru Open in urlscan Pro 104.26.5.173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

226 kBTransfer

514 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

0u7dhr6.ngampr.ru Open in urlscan Pro
104.26.5.173 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

226 kB
Transfer

514 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions