Submitted URL: https://secure.adnxs.com/clktrb?id=704169&redir=//varietystreetfood.co.uk%2F.djk%2Fhk%2Fry4mhd%2FYWdhcm5oYW1AY2h1YmIuY29t
Effective URL: https://kql140fd.knbppmn.ru/bV1d6JXvz7/
Submission: On February 09 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3036::ac43:b9fc, located in United States and belongs to CLOUDFLARENET, US. The main domain is kql140fd.knbppmn.ru.
TLS certificate: Issued by GTS CA 1P5 on January 28th 2024. Valid for: 3 months.
This is the only time kql140fd.knbppmn.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 37.252.173.215 29990 (ASN-APPNEX)
1 162.0.215.93 22612 (NAMECHEAP...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.245.31.89 ()
8 6
Apex Domain
Subdomains
Transfer
3 knbppmn.ru
kql140fd.knbppmn.ru
17 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4682
13 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 459
2 KB
1 socket.io
cdn.socket.io
14 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 761
30 KB
1 varietystreetfood.co.uk
varietystreetfood.co.uk
203 B
8 6
Domain Requested by
3 kql140fd.knbppmn.ru kql140fd.knbppmn.ru
2 challenges.cloudflare.com 1 redirects kql140fd.knbppmn.ru
2 secure.adnxs.com 2 redirects
1 cdn.socket.io kql140fd.knbppmn.ru
1 code.jquery.com kql140fd.knbppmn.ru
1 varietystreetfood.co.uk
8 6

This site contains no links.

Subject | Issuer | Validity | Valid
varietystreetfood.co.uk | Sectigo RSA Domain Validation Secure Server CA | 2024-01-25 - 2025-02-24 | a year
knbppmn.ru | GTS CA 1P5 | 2024-01-28 - 2024-04-27 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
cdn.socket.io | Amazon RSA 2048 M03 | 2023-10-22 - 2024-11-17 | a year

This page contains 1 frames:

Primary Page: https://kql140fd.knbppmn.ru/bV1d6JXvz7/
Frame ID: 2615BAA0CA7B22A8F87029CF263226C0
Requests: 8 HTTP requests in this frame

Page Title

Loading

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 8
  • HTTPS: 75 %
  • IPv6: 50 %
  • Domains: 6
  • Subdomains: 6
  • IPs: 6
  • Countries: 2
  • Transfer: 75 kB
  • Size: 244 kB
  • Cookies: 3

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://secure.adnxs.com/clktrb?id=704169&redir=//varietystreetfood.co.uk%2F.djk%2Fhk%2Fry4mhd%2FYWdhcm5oYW1AY2h1YmIuY29t HTTP 307
  • https://secure.adnxs.com/bounce?%2Fclktrb%3Fid%3D704169%26redir%3D%2F%2Fvarietystreetfood.co.uk%252F.djk%252Fhk%252Fry4mhd%252FYWdhcm5oYW1AY2h1YmIuY29t HTTP 302
  • https://varietystreetfood.co.uk/.djk/hk/ry4mhd/YWdhcm5oYW1AY2h1YmIuY29t
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/a990e557/api.js?render=explicit

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
YWdhcm5oYW1AY2h1YmIuY29t
varietystreetfood.co.uk/.djk/hk/ry4mhd/
Redirect Chain
  • https://secure.adnxs.com/clktrb?id=704169&redir=//varietystreetfood.co.uk%2F.djk%2Fhk%2Fry4mhd%2FYWdhcm5oYW1AY2h1YmIuY29t
  • https://secure.adnxs.com/bounce?%2Fclktrb%3Fid%3D704169%26redir%3D%2F%2Fvarietystreetfood.co.uk%252F.djk%252Fhk%252Fry4mhd%252FYWdhcm5oYW1AY2h1YmIuY29t
  • https://varietystreetfood.co.uk/.djk/hk/ry4mhd/YWdhcm5oYW1AY2h1YmIuY29t
0
203 B
Document
General
Full URL
https://varietystreetfood.co.uk/.djk/hk/ry4mhd/YWdhcm5oYW1AY2h1YmIuY29t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.215.93 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium275-3.web-hosting.com
Software
LiteSpeed / PHP/8.0.30
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 09 Feb 2024 14:48:23 GMT
refresh
0;url=https://kql140fd.knbppmn.ru/bV1d6JXvz7/#agarnham@chubb.com
server
LiteSpeed
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f632a92b-e161-4bb4-9167-54904ec7a70f
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 09 Feb 2024 14:48:22 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
//varietystreetfood.co.uk/.djk/hk/ry4mhd/YWdhcm5oYW1AY2h1YmIuY29t
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
37.58.57.5; 37.58.57.5; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Primary Request /
kql140fd.knbppmn.ru/bV1d6JXvz7/
1013 B
1 KB
Document
General
Full URL
https://kql140fd.knbppmn.ru/bV1d6JXvz7/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b9fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc576beb1ffb906dbf4509ac1c315242d67515f641f04a79de048df77a2ee8bd

Request headers

Referer
https://varietystreetfood.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
852ce9ceab113a86-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 09 Feb 2024 14:48:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVoZRJ%2F3fcLJM%2BZ%2BNT0iR9QY4WV8FPeewWeP6Bi3SUK3xiSwp3T4PL38uWlyxiduUtCVCSJvOpRpWmu7ot4Y6xWUIYkuaMWhLMc2t7%2BeObKISgINWiwGZ%2BhvuYOq7sUmwXwV4%2FbchmGvxwDlkYCuFNcK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
myscr835420.js
kql140fd.knbppmn.ru/bV1d6JXvz7/
72 KB
16 KB
Script
General
Full URL
https://kql140fd.knbppmn.ru/bV1d6JXvz7/myscr835420.js
Requested by
Host: kql140fd.knbppmn.ru
URL: https://kql140fd.knbppmn.ru/bV1d6JXvz7/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b9fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0d8d6d11b7ae81daf21b8f57942d51a4f85b117f0cac8a81845b6a028562b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kql140fd.knbppmn.ru/bV1d6JXvz7/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:48:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 07 Feb 2024 23:27:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrdGCVqu76HD4wTr5BrgZQZCj8bJ1IjGwKRBBp5f%2F%2FV0yoe3%2FpI1nv04Q%2BTFe2l261WrvCfk8QCpcYOyEmRN9Zliwd1wmUfInPvdh4G%2Bkk%2BPNwRFb%2B%2FYeGKtW39G8VS7LaSC3uZQ02P3HZB7GoxevGN0"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
852ce9cfcd193a86-FRA
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: kql140fd.knbppmn.ru
URL: https://kql140fd.knbppmn.ru/bV1d6JXvz7/myscr835420.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://kql140fd.knbppmn.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 09 Feb 2024 14:48:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
6887490
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230038-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1707490107.073989,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 1771956
api.js
challenges.cloudflare.com/turnstile/v0/b/a990e557/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/a990e557/api.js?render=explicit
38 KB
13 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/a990e557/api.js?render=explicit
Requested by
Host: kql140fd.knbppmn.ru
URL: https://kql140fd.knbppmn.ru/bV1d6JXvz7/
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb567040abfba5705ef438233da6ca0df44fc81ceacffe1b5d8e1f3ffabc33fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kql140fd.knbppmn.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:48:27 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
852ce9d15c00928d-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 09 Feb 2024 14:48:27 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/b/a990e557/api.js?render=explicit
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
852ce9d12bcc928d-FRA
alt-svc
h3=":443"; ma=86400
pages-head-top-web.min.js
kql140fd.knbppmn.ru/web6/assets/js/
604 B
775 B
Script
General
Full URL
https://kql140fd.knbppmn.ru/web6/assets/js/pages-head-top-web.min.js?cb=1707490080000
Requested by
Host: kql140fd.knbppmn.ru
URL: https://kql140fd.knbppmn.ru/bV1d6JXvz7/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b9fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe263d6fb4996f7a47af852d2fe3b925dbd1d9be3cdb599c9fb9ad0d60489b78
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kql140fd.knbppmn.ru/bV1d6JXvz7/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 14:48:27 GMT
content-security-policy
frame-ancestors 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 08 Feb 2024 16:24:11 GMT
server
cloudflare
etag
W/"25c-610e13dd7ccc3-gzip"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDyLEA8Ia58ECoJkjnBs9mycZngEwNYCofWTy8i8kH0F%2B4gUDcfirdEqSIm6qIKxl99fcKaijgZy0FB9MEVJUS07F%2F8P7a%2BqOvFV8sHs1L4ibS5yFXZTsymXL57k"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
852ce9d1b98c1959-FRA
socket.io.min.js
cdn.socket.io/4.6.0/
45 KB
14 KB
Script
General
Full URL
https://cdn.socket.io/4.6.0/socket.io.min.js
Requested by
Host: kql140fd.knbppmn.ru
URL: https://kql140fd.knbppmn.ru/web6/assets/js/pages-head-top-web.min.js?cb=1707490080000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.89 -, , ASN (),
Reverse DNS
Software
Vercel /
Resource Hash
0401de33701f1cad16ecf952899d23990b6437d0a5b7335524edf6bdfb932542
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://kql140fd.knbppmn.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 15:42:00 GMT
content-encoding
gzip
via
1.1 edfa50bbeda89838b4ee2ce6eaea1b04.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-P8
age
3162207
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
fra1::989fl-1704555720340-2c9912881e4a
etag
W/"80f5b8c6a9eeac15de93e5a112036a06"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
KR5ukDZYjxpIgoJmsiEsQNKxW_v28f8tQE3SNPkL4ZNSsg_ZiOy2gQ==
pages-head-web.min.js
kql140fd.knbppmn.ru/web6/assets/js/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kql140fd.knbppmn.ru
URL
https://kql140fd.knbppmn.ru/web6/assets/js/pages-head-web.min.js?cb=36

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • number| capnum
  • number| appnum
  • string| emailcheck
  • string| ccturnhtml
  • string| ccelehtml
  • string| cchtml
  • string| bchtml
  • boolean| rde
  • boolean| uab
  • string| bltdip
  • string| bltdref
  • string| bltdua
  • string| bltddata
  • string| bltdsid
  • function| ILwJqNaNIf
  • string| OJlwRIEPCB
  • object| erp
  • string| em
  • object| parser
  • object| doc
  • object| linkElement
  • string| hrefValue
  • number| tmp
  • function| $
  • function| jQuery
  • object| turnstile
  • number| catchbusterdynamic
  • object| scriptElementheadtop

3 Cookies

Domain/Path Name / Value
.adnxs.com/ Name: XANDR_PANID
Value: QlPMPBNsjJgZc-_J3YqY27L3WlNR2Mjmy4Lx6mFCKWl-qmEysTG8fo1L1e9UlhVeE2HpFmHVipVo5O7h4J7ECdBHk26eOaDjfuDvCJe4EN4.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 6274781014159455729

3 Console Messages

Source Level URL
Text
javascript warning URL: https://kql140fd.knbppmn.ru/bV1d6JXvz7/myscr835420.js(Line 4480)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://kql140fd.knbppmn.ru/bV1d6JXvz7/myscr835420.js(Line 4480)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://kql140fd.knbppmn.ru/bV1d6JXvz7/myscr835420.js(Line 4480)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.