kztjqemanr64186b028639a.filesfsa.ru Open in urlscan Pro
2606:4700:e6::ac40:c824 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kztjqemanr64186b028639a.filesfsa.ru/
Submission: On March 22 via manual (March 22nd 2023, 3:25:08 pm UTC) from CA — Scanned from CA

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 14 HTTP transactions. The main IP is 2606:4700:e6::ac40:c824, located in United States and belongs to CLOUDFLARENET, US. The main domain is kztjqemanr64186b028639a.filesfsa.ru.

This is the only time kztjqemanr64186b028639a.filesfsa.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:e6:... 2606:4700:e6::ac40:c824	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	3

8 2606:4700:e6::ac40:c824 (United States)

ASN13335 (CLOUDFLARENET, US)

kztjqemanr64186b028639a.filesfsa.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	filesfsa.ru kztjqemanr64186b028639a.filesfsa.ru	134 KB
7	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5237	128 KB
14	2

	Domain	Requested by
8	kztjqemanr64186b028639a.filesfsa.ru	kztjqemanr64186b028639a.filesfsa.ru
7	challenges.cloudflare.com	1 redirects kztjqemanr64186b028639a.filesfsa.ru challenges.cloudflare.com
14	2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://kztjqemanr64186b028639a.filesfsa.ru/
Frame ID: 91E31CEF3347F5727F2FF001FD1C90E0
Requests: 12 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/dnun9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 4963CA10FD5BC014A372CEC02E7F9E74
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page Statistics

14
Requests

36 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

262 kB
Transfer

599 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 403
Forbidden Primary Request / Show response
kztjqemanr64186b028639a.filesfsa.ru/ 7 KB
5 KB 219ms
35ms Document
text/html 2606:4700:e6::ac40:c824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://kztjqemanr64186b028639a.filesfsa.ru/

Protocol

HTTP/1.1

Server

2606:4700:e6::ac40:c824 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f736fdc91f112ed7df1f88b4681e0eef786fce55ef663d9eb60c85adfb8657c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

CF-RAY: 7abf71ee2acf4332-EWR
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Date: Wed, 22 Mar 2023 15:25:03 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rV6BdOPqKKBiS3rhcaIndIjNuYfXUUh9pF%2BaxOdjEYZA6aH%2Bq3nF72Q9FFYsBus5ua4Hus5lxKhH01vMKugdfSTOIf4GTdpGHWr5masmn57yX2Uj0PkI19msVM8Hom5NsqumTRSOul2WcqvLAkDuB%2FqUFbUJPxJntqTAWxXFZGcdbA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK challenges.css
kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/styles/ 6 KB
3 KB 63ms
37ms Stylesheet
text/css 2606:4700:e6::ac40:c824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/styles/challenges.css

Requested by

Host: kztjqemanr64186b028639a.filesfsa.ru
URL: http://kztjqemanr64186b028639a.filesfsa.ru/

Protocol

HTTP/1.1

Server

2606:4700:e6::ac40:c824 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kztjqemanr64186b028639a.filesfsa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:25:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Mar 2023 11:52:04 GMT
Server: cloudflare
ETag: W/"64145464-19c8"
Transfer-Encoding: chunked
X-Frame-Options: DENY
Content-Type: text/css
Vary: Accept-Encoding
Cache-Control: max-age=7200, public
Connection: keep-alive
CF-RAY: 7abf71eecbdf43ac-EWR
Expires: Wed, 22 Mar 2023 17:25:03 GMT

GET
H/1.1 403
Forbidden favicon.ico
kztjqemanr64186b028639a.filesfsa.ru/ 4 KB
4 KB 64ms
34ms Image
text/html 2606:4700:e6::ac40:c824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://kztjqemanr64186b028639a.filesfsa.ru/favicon.ico

Requested by

Host: kztjqemanr64186b028639a.filesfsa.ru
URL: http://kztjqemanr64186b028639a.filesfsa.ru/

Protocol

HTTP/1.1

Server

2606:4700:e6::ac40:c824 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee4356bed2f4855dc8ac299146e38ccaf21022b08557a48ae0b297b5462f0cf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kztjqemanr64186b028639a.filesfsa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:25:03 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Cross-Origin-Embedder-Policy: require-corp
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: same-origin
Connection: close
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Referrer-Policy: same-origin
Server: cloudflare
Cross-Origin-Opener-Policy: same-origin
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhT9I8aLkV4EwtiudoxBVeZcgwoz7e4D%2F92730WE7OxUnu8H7GtO4rU%2BpIhuyGB1%2BOfoJnvJgPJ9QYefe1KYhc4%2Bzc0RUEEQCmirWMIMcI%2Fvq3Bxfd4Cv5aGej7zbAMknKWvLVXs7iw%2FfItnMo0No4eJ%2B1IOW8lL%2FmP9eMD448bCIg%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
CF-RAY: 7abf71eecf4a4273-EWR
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK v1 Show response
kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 141 KB
52 KB 44ms
31ms Script
application/javascript 2606:4700:e6::ac40:c824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7abf71ee2acf4332
Requested by: Host: kztjqemanr64186b028639a.filesfsa.ru
URL: http://kztjqemanr64186b028639a.filesfsa.ru/
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d952197dea227b2249be4e6b62c6ffe7696c6543a9dcfeb19c9e2ffe31f2a03

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kztjqemanr64186b028639a.filesfsa.ru/?__cf_chl_rt_tk=2xtMuyIUwFQh20TLBLlsQQeWltEPSDX.nPZl9CHjkd0-1679498703-0-gaNycGzNBSU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:25:03 GMT
Content-Encoding: gzip
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxWS1rQGOnUD7wiBWTFjbX184L23vbkRLeXslHynyVlg%2Fb5ApthBF1mtASionDsjCeGHPZjH7pkl6COB6qVPSJpVFpaVLfvYe925vYkfD3D06At2gMAkcJGKQEnf9N8DMqApfbUrGFHzflVZnXqUPPYUYi2gTp3bdfQOwB8rOosEYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
Connection: keep-alive
CF-RAY: 7abf71ef3c6a43ac-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK transparent.gif
kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/images/trace/managed/js/ 42 B
477 B 53ms
26ms Image
image/gif 2606:4700:e6::ac40:c824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7abf71ee2acf4332

Requested by

Host: kztjqemanr64186b028639a.filesfsa.ru
URL: http://kztjqemanr64186b028639a.filesfsa.ru/?__cf_chl_rt_tk=2xtMuyIUwFQh20TLBLlsQQeWltEPSDX.nPZl9CHjkd0-1679498703-0-gaNycGzNBSU

Protocol

HTTP/1.1

Server

2606:4700:e6::ac40:c824 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kztjqemanr64186b028639a.filesfsa.ru/?__cf_chl_rt_tk=2xtMuyIUwFQh20TLBLlsQQeWltEPSDX.nPZl9CHjkd0-1679498703-0-gaNycGzNBSU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:25:03 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 17 Mar 2023 11:52:04 GMT
Server: cloudflare
ETag: "64145464-2a"
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=7200, public
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7abf71ef49044396-EWR
Content-Length: 42
Expires: Wed, 22 Mar 2023 17:25:03 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/db880165/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

45ms
44ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: kztjqemanr64186b028639a.filesfsa.ru
URL: http://kztjqemanr64186b028639a.filesfsa.ru/
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:25:03 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7abf71f08b544bc5-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 22 Mar 2023 15:25:03 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7abf71f04b004bc5-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK f4fec64ee96c66f Show response
kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/723089286:1679495719:ZwGi2V805nTiO1haSpLNnU8HI8a6IMGbWKcHhzk_Lao/7abf71ee2acf4332/ 133 KB
64 KB 60ms
60ms XHR
text/plain 2606:4700:e6::ac40:c824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/723089286:1679495719:ZwGi2V805nTiO1haSpLNnU8HI8a6IMGbWKcHhzk_Lao/7abf71ee2acf4332/f4fec64ee96c66f
Requested by: Host: kztjqemanr64186b028639a.filesfsa.ru
URL: http://kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7abf71ee2acf4332
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b8d67a60572c5f25d72c17eacd6be2a20e33e44d603e49f56bbb155ec6326b4

Request headers

Referer: http://kztjqemanr64186b028639a.filesfsa.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: f4fec64ee96c66f
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 22 Mar 2023 15:25:03 GMT
Content-Encoding: gzip
cf_chl_gen: /oUgfVfmSEkMhUIxzuaBm7/7ReU1yP9F03+vL3A2xPK4FATo2SwjK6KV7sSTDSlvFwFH27cIXCnyERh9x4UZZ39NJ8VPZg8DDfuSyxpG38mQOJQlc3bhwDKpmghq9+ASFJNuTwbzVUbWD18RsUOrCejFnYCpRyzJ5Lx2NXEmRUc5zs6saLuYJ+EDrn+0ktm2ac3xDXlX6eEf3ivQPqO90+GaI/K7QzDIPJEimbZacj+yWB1h+yaleAg9ipyWkDlSd80viMPDwPhIraYYyp61Gun9qIw+pbT8GWokft48BcPDZ62r2RfacFMATd9viK7Zcbv2aU5Z0oSh8uv+PwULX0Ee+y0dqMsr1brg5vxgfv1zd82EAwUCUJAumEIm1VRKNvAExOqXabgj6fTZuSa9MBw9SQ4bdL3Gn2nR4rsF0PM=$BEb2N74mzk1z9z/0tKqSQw==
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIRhXLCHfFb6UKCr2jpPA%2BtaMVZ1BBPrDz4Va9INe3DRViGnIPuPX02Uh6oK%2BoCoWWdBqgHvAHRhEO1EPHKgG44xdLfdqFYxzS1yIbUPpLM4e7nVK7ciqj0nLbeX26N1TICPSBPNAEnsi2GlG9LtaSyp%2BB6Vtdyp84zTe3HW%2BzdiEw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 7abf71f08dea43ac-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK TDMUTgvQf96qMIk
kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/img/7abf71ee2acf4332/1679498703457/ 61 B
690 B 31ms
30ms Image
image/png 2606:4700:e6::ac40:c824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/img/7abf71ee2acf4332/1679498703457/TDMUTgvQf96qMIk
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf7088c972553445564cb261c97c05693657491ae574c1c9ea43a176d24c0e99

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kztjqemanr64186b028639a.filesfsa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 22 Mar 2023 15:25:04 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLvAb9kAYqs3pmu1hNRGzb%2FSqV9I%2BT0iFNvnuI%2FBLcn2ydTvEZ55AoyAUjbtO4cAICzVGk1%2BvS%2BMXao8Qf70Ht6BR2oRTd1RBpsRRMqtu3Vcc71lEsyrvTzp3KBwgWy6q1VV2VEm5F%2FA782YTMLrUS5UinbQDwE%2FXMEzVV6wcPpu%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Connection: keep-alive
CF-RAY: 7abf71f94faf43ac-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK f4fec64ee96c66f Show response
kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/723089286:1679495719:ZwGi2V805nTiO1haSpLNnU8HI8a6IMGbWKcHhzk_Lao/7abf71ee2acf4332/ 5 KB
4 KB 67ms
67ms XHR
text/plain 2606:4700:e6::ac40:c824
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/723089286:1679495719:ZwGi2V805nTiO1haSpLNnU8HI8a6IMGbWKcHhzk_Lao/7abf71ee2acf4332/f4fec64ee96c66f
Requested by: Host: kztjqemanr64186b028639a.filesfsa.ru
URL: http://kztjqemanr64186b028639a.filesfsa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7abf71ee2acf4332
Protocol: HTTP/1.1
Server: 2606:4700:e6::ac40:c824 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89567bad402219265764969937a72567029a9112bd4327cfdfa6a920ca55c17

Request headers

Referer: http://kztjqemanr64186b028639a.filesfsa.ru/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: f4fec64ee96c66f
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 22 Mar 2023 15:25:05 GMT
Content-Encoding: gzip
cf_chl_gen: yBPrIGe+CljAVNFJy+qz7GMR8EEaSMPSkK46j9ATevmclw6UQODkzciISKfncANv$W1jnlAj9Qn4FrXIGBj1bkQ==
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlS92EkpTvy5hGnntatR81ETLs7SAwObXjXK4QdX%2FQFRAsaDLhH6EThNiOo8I%2BIdfu4WrpmEKf5v8MWKltPZCJSN4GDp4%2BjzbYpwdhIcfhOriZejutT0BnAaEWpL62dkpgtWWZ6J2QGJ09tIYYjCCU77K9d2AZS37QJfuPyVml3g8g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
CF-RAY: 7abf71fd5c4043ac-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/dnun9/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 4963 21 KB
7 KB 53ms
28ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/dnun9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae78151e7b8622a00aec6472bd3ebc30c779056fdc3fa4f4bf6e2a66c100b461

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7abf71ffe9aa4bb9-YUL
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 15:25:05 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://kztjqemanr64186b028639a.filesfsa.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 4963 154 KB
56 KB 49ms
48ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7abf71ffe9aa4bb9
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/dnun9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7b63595f04442f211297a629f0245040bb13bb4c6ba9b4f6d912329a1a3e86f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/dnun9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:25:06 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7abf7200bae34bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 f542b8e3df82ca0 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1844389614:1679497852:puRYmw9udm70hRLp87lH7fzSaUG0iAv_dk-eR7KhGMM/7abf71ffe9aa4bb9/ Frame 4963 101 KB
51 KB 97ms
96ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1844389614:1679497852:puRYmw9udm70hRLp87lH7fzSaUG0iAv_dk-eR7KhGMM/7abf71ffe9aa4bb9/f542b8e3df82ca0
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7abf71ffe9aa4bb9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d0238dc25ae8be7c9fe1cb1aa8943e85c173785e9efb8d2188f80dc2c5b4cc

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/dnun9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: f542b8e3df82ca0
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Mar 2023 15:25:06 GMT
content-encoding: br
cf_chl_gen: Lz4VlomWqna+91VpobWux6xZgUyoNBnPPnAzbjH2o5g3qYlqLsKibSmpZWl1r0Zj4++Vlwn7ATnbuvzbcluSQEQXDT9MrCw9bWioa+ILGj8Q7lRTyBcoIpSDis/owOhDjcTUYESv/D25gCZaGG0MrGxqKEBG9tu2/orc/V1q1w/IDPAmb682NjsIei2MLb2XqfjG370Y78QTDPT+hcOruMDJw662lZOxZAbmi9tAVqB+JxOn6lEENOxNwsj9jXKNiBR4RD6C+mmdkV7YHES355PHv6iZCU/AiSWUtS6HkgsCRJGFuYZskQIQmItx8dmYwdq8RYx4t8hi8ul1uyTZa4+id6dDfh+4VE1RgNLPWZ4EKqHbCmKo2xQvfjh5A/BbzKV0bDku2rMRZZXigrF2+V1xgU8gEPUFbEwiAQZzIizaGMdxvqEMILaOo+3HoOFitIdSmWZZMBfmNV0fgkhkMA==$igYhyc2V8iuVo1lIzR4LdA==
server: cloudflare
cf-ray: 7abf72021d3a4bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 2fiITPVBmiMQs6h
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7abf71ffe9aa4bb9/1679498706277/ Frame 4963 61 B
166 B 21ms
19ms Image
image/png 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7abf71ffe9aa4bb9/1679498706277/2fiITPVBmiMQs6h
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c7a06de88e21c3fb03525905c103f46382e919a54090b66dd69362ff2b07021

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/dnun9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:25:06 GMT
server: cloudflare
cf-ray: 7abf720498ec4bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

POST
H3 200 f542b8e3df82ca0 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1844389614:1679497852:puRYmw9udm70hRLp87lH7fzSaUG0iAv_dk-eR7KhGMM/7abf71ffe9aa4bb9/ Frame 4963 11 KB
9 KB 79ms
77ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1844389614:1679497852:puRYmw9udm70hRLp87lH7fzSaUG0iAv_dk-eR7KhGMM/7abf71ffe9aa4bb9/f542b8e3df82ca0
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7abf71ffe9aa4bb9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f47fcbeb2e3b1c234af2de3f18fdee110831a224a0029fa8cebbdb1a7f2687

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/dnun9/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge: f542b8e3df82ca0
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 22 Mar 2023 15:25:07 GMT
content-encoding: br
cf_chl_gen: SYOvEW5R+LmPf7wDnp3y37YVSAJFOHgzdsWk95itNzUi1cYSTxQHIPKvZBERhSnV$TTENskBOwHjjeKzh053CNA==
server: cloudflare
cf-ray: 7abf720b2b5e4bb9-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: http://kztjqemanr64186b028639a.filesfsa.ru/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	error	URL: http://kztjqemanr64186b028639a.filesfsa.ru/ Message: The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
network	error	URL: http://kztjqemanr64186b028639a.filesfsa.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
kztjqemanr64186b028639a.filesfsa.ru
2606:4700::6812:7b9
2606:4700:e6::ac40:c824
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
2ee4356bed2f4855dc8ac299146e38ccaf21022b08557a48ae0b297b5462f0cf
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
53f47fcbeb2e3b1c234af2de3f18fdee110831a224a0029fa8cebbdb1a7f2687
54d0238dc25ae8be7c9fe1cb1aa8943e85c173785e9efb8d2188f80dc2c5b4cc
5d952197dea227b2249be4e6b62c6ffe7696c6543a9dcfeb19c9e2ffe31f2a03
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6b8d67a60572c5f25d72c17eacd6be2a20e33e44d603e49f56bbb155ec6326b4
6f736fdc91f112ed7df1f88b4681e0eef786fce55ef663d9eb60c85adfb8657c
9c7a06de88e21c3fb03525905c103f46382e919a54090b66dd69362ff2b07021
a7b63595f04442f211297a629f0245040bb13bb4c6ba9b4f6d912329a1a3e86f
a89567bad402219265764969937a72567029a9112bd4327cfdfa6a920ca55c17
ae78151e7b8622a00aec6472bd3ebc30c779056fdc3fa4f4bf6e2a66c100b461
cf7088c972553445564cb261c97c05693657491ae574c1c9ea43a176d24c0e99
d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

kztjqemanr64186b028639a.filesfsa.ru Open in urlscan Pro 2606:4700:e6::ac40:c824 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

14 Requests

36 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

262 kBTransfer

599 kBSize

0 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

0 Cookies

5 Console Messages

Security Headers

Indicators

kztjqemanr64186b028639a.filesfsa.ru Open in urlscan Pro
2606:4700:e6::ac40:c824 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

36 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

262 kB
Transfer

599 kB
Size

0
Cookies

14 HTTP transactions
3 data transactions