maschilltd.com - urlscan.io

Summary

This website contacted 3 IPs in 4 countries across 4 domains to perform 5 HTTP transactions. The main IP is 107.167.90.213, located in Phoenix, United States and belongs to IOFLOOD, US. The main domain is maschilltd.com.
TLS certificate: Issued by R11 on July 25th 2024. Valid for: 3 months.

This is the only time maschilltd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	107.167.90.213 107.167.90.213	53755 (IOFLOOD) (IOFLOOD)
1 3	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2404:6800:400... 2404:6800:400a:813::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:801::2004	15169 (GOOGLE) (GOOGLE)
5	3

2 107.167.90.213 (Phoenix, United States)

ASN53755 (IOFLOOD, US)
PTR: server47880.cleannameservers.com

maschilltd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.94.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:400a:813::2001 (Osaka, Japan) 1 redirects

ASN15169 (GOOGLE, US)

s2.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2004 (Australia)

ASN15169 (GOOGLE, US)

t0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 3877	15 KB
2	maschilltd.com maschilltd.com	2 KB
1	gstatic.com t0.gstatic.com	856 B
1	googleusercontent.com 1 redirects s2.googleusercontent.com — Cisco Umbrella Rank: 40687	621 B
5	4

	Domain	Requested by
3	challenges.cloudflare.com	1 redirects maschilltd.com challenges.cloudflare.com
2	maschilltd.com	maschilltd.com
1	t0.gstatic.com
1	s2.googleusercontent.com	1 redirects
5	4

This site contains no links.

Subject Issuer	Validity	Valid
*.maschilltd.com R11	`2024-07-25` - `2024-10-23`	3 months	crt.sh
challenges.cloudflare.com E5	`2024-07-17` - `2024-10-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://maschilltd.com/tabs/?classic=VKoaj3UwvqGfVW5gVKosmKkwHZt0jW5hv20
Frame ID: A93922ACC9F97AF75192CABB37258F78
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/44kh5/0x4AAAAAAAgwGAR2hfHjt0iH/auto/fbE/normal/auto/
Frame ID: 312842CC7FE0422EAD9EB5B8C83E5095
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jti VPN

Page Statistics

5
Requests

60 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

17 kB
Transfer

46 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

Request Chain 3

https://s2.googleusercontent.com/s2/favicons?domain=jti.com HTTP 301
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jti.com&size=16

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
maschilltd.com/tabs/ 1 KB
864 B 1056ms
143ms Document
text/html 107.167.90.213
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://maschilltd.com/tabs/?classic=VKoaj3UwvqGfVW5gVKosmKkwHZt0jW5hv20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.167.90.213 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: server47880.cleannameservers.com
Software: Apache /
Resource Hash: e93b9f0fdc2ae479a8af536512601c8043fbf22c5d4c300f97117a5f4474527d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 563
Content-Type: text/html; charset=UTF-8
Date: Wed, 21 Aug 2024 06:49:56 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

44 KB
15 KB

15ms
15ms

Script
application/javascript

104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
Requested by: Host: maschilltd.com
URL: https://maschilltd.com/tabs/?classic=VKoaj3UwvqGfVW5gVKosmKkwHZt0jW5hv20
Protocol: H3
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55

Request headers

Referer: https://maschilltd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 06:49:56 GMT
content-encoding: br
last-modified: Thu, 15 Aug 2024 16:28:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy: cross-origin
cf-ray: 8b68afa2999c1ed0-NRT
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 21 Aug 2024 06:49:56 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /turnstile/v0/b/6790c32b9fc9/api.js
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
cf-ray: 8b68afa279831ed0-NRT
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK style.css
maschilltd.com/tabs/ 1 KB
739 B 122ms
121ms Stylesheet
text/css 107.167.90.213
IOFLOOD

General

Check archive.org

Show headers Download Go to

Full URL: https://maschilltd.com/tabs/style.css
Requested by: Host: maschilltd.com
URL: https://maschilltd.com/tabs/?classic=VKoaj3UwvqGfVW5gVKosmKkwHZt0jW5hv20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.167.90.213 Phoenix, United States, ASN53755 (IOFLOOD, US),
Reverse DNS: server47880.cleannameservers.com
Software: Apache /
Resource Hash: c43fc6fa3c17c86dee38871c90cb2e4cf4a37f56084524b9383156f5e7aab932

Request headers

Referer: https://maschilltd.com/tabs/?classic=VKoaj3UwvqGfVW5gVKosmKkwHZt0jW5hv20
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 21 Aug 2024 06:49:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Aug 2024 09:39:38 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 441

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/44kh5/0x4AAAAAAAgwGAR2hfHjt0iH/auto/fbE/normal/auto/ Frame 3128 0
0 36ms
33ms Document
text/html 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/44kh5/0x4AAAAAAAgwGAR2hfHjt0iH/auto/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://maschilltd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8b68afa35f1a2053-NRT
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 21 Aug 2024 06:49:57 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H2

200

faviconV2
t0.gstatic.com/
Redirect Chain

https://s2.googleusercontent.com/s2/favicons?domain=jti.com
https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jti.com&size=16

307 B
856 B

133ms
46ms

Other
image/png

2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jti.com&size=16

Protocol

H2

Server

2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b8e46b9bde6ea0436e36fc3beffc4a26c7ae288eeec071bf6971b2acec804f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://maschilltd.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 06:49:57 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 307
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 08:35:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.jti.com/sites/default/files/favicon_0_0_0.ico
expires: Wed, 28 Aug 2024 06:49:57 GMT

Redirect headers

date: Wed, 21 Aug 2024 06:49:57 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jti.com&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 327
x-xss-protection: 0
expires: Wed, 21 Aug 2024 07:19:57 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| turnstile function| TurnstileSuccess

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			maschilltd.com/tabs	1969-12-31 23:59:59	Name: omni Value: VKoaj3UwvqGfVW5gVKosmKkwHZt0jW5hv20

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
maschilltd.com
s2.googleusercontent.com
t0.gstatic.com
104.18.94.41
107.167.90.213
2404:6800:4004:801::2004
2404:6800:400a:813::2001
45b8e46b9bde6ea0436e36fc3beffc4a26c7ae288eeec071bf6971b2acec804f
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55
c43fc6fa3c17c86dee38871c90cb2e4cf4a37f56084524b9383156f5e7aab932
e93b9f0fdc2ae479a8af536512601c8043fbf22c5d4c300f97117a5f4474527d

maschilltd.com Open in urlscan Pro 107.167.90.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

60 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

4 Countries

17 kBTransfer

46 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

maschilltd.com Open in urlscan Pro
107.167.90.213 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

4
Countries

17 kB
Transfer

46 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions