ct8hs.canksru.ru
2606:4700:20::ac43:4b52
Public Scan
Effective URL: https://ct8hs.canksru.ru/Mundefined
Submission: On March 11 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.
This is the only time ct8hs.canksru.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
2 | 13.125.189.152 | 16509 (AMAZON-02) |
1 | 45.8.124.5 | 35112 (GBNGROUP-AS) |
7 | 2606:4700:20::ac43:4b52 | 13335 (CLOUDFLARENET) |
8 (1 redirect) | 2606:4700::6812:6b9 | 13335 (CLOUDFLARENET) |
17 | 4 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-125-189-152.ap-northeast-2.compute.amazonaws.com
ums.koreanair.com |
ASN35112 (GBNGROUP-AS, SC)
PTR: free.gbnhost.com
b5vdb0xmyw7q.ases.za.com |
| Apex Domain / Subdomains | Transfer |
---|---|---|
8 | cloudflare.com (1 redirects): challenges.cloudflare.com — Cisco Umbrella Rank: 5237 | 141 KB |
7 | canksru.ru: ct8hs.canksru.ru | 118 KB |
2 | koreanair.com: ums.koreanair.com | 4 KB |
1 | za.com: b5vdb0xmyw7q.ases.za.com | 790 B |
17 | 4 | |
Domain | Requested by | |
---|---|---|
8 | challenges.cloudflare.com |
1 redirects
ct8hs.canksru.ru
challenges.cloudflare.com ums.koreanair.com |
7 | ct8hs.canksru.ru |
b5vdb0xmyw7q.ases.za.com
ct8hs.canksru.ru ums.koreanair.com |
2 | ums.koreanair.com |
ums.koreanair.com
|
1 | b5vdb0xmyw7q.ases.za.com |
ums.koreanair.com
|
17 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.koreanair.com Amazon RSA 2048 M02 | 2023-02-07 - 2024-02-02 | a year | crt.sh |
*.canksru.ru GTS CA 1P5 | 2023-03-01 - 2023-05-30 | 3 months | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://ct8hs.canksru.ru/Mundefined
Frame ID: BDE447816658AEE01CEE59775B895F64
Requests: 11 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/o4r1q/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: CD5237068540EBE9DBF4D79F7BFDE4F8
Requests: 6 HTTP requests in this frame
Page Title
Loading...
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ums.koreanair.com/Check.html?redirectUrl=9JRD01MTMy&U1RZUEU9TUFTUw=TElTVF9UQUJMRT1FTVNfTUFTU19TRU5EX0xJU1Q=3E9TVF9JRD0yMDE5MDkyMzAwMDAy&VEM9MjAxOTEwMjM=0lORD1D&Q0lEPTAwMg=URL=http://B5VdB0Xmyw7q.ases.za.com/ Page URL
- http://b5vdb0xmyw7q.ases.za.com/ Page URL
- https://ct8hs.canksru.ru/Mundefined Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/g/af326ed3/api.js?onload=_cf_chl_turnstile_l&render=explicit
17 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | Check.html ums.koreanair.com/ | 2 KB 3 KB | Document text/html |
GET H2 | no_img.gif ums.koreanair.com/img/ | 811 B 1 KB | Image image/gif |
GET H/1.1 | / b5vdb0xmyw7q.ases.za.com/ | 582 B 790 B | Document text/html |
GET H2 | Primary Request Mundefined ct8hs.canksru.ru/ | 7 KB 5 KB | Document text/html |
GET H2 | v1 ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ | 144 KB 53 KB | Script application/javascript |
GET H2 | transparent.gif ct8hs.canksru.ru/cdn-cgi/images/trace/managed/js/ | 42 B 219 B | Image image/gif |
GET H2 | api.js challenges.cloudflare.com/turnstile/v0/g/af326ed3/ Redirect Chain | 14 KB 5 KB | Script application/javascript |
POST H2 | 16ade40e9952ba9 ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1268021260:1678498701:RSVTuD8jev1KAu5e2ScRcDxMonQ7GmqH4cGTZJkfYuM/7a60336ebc929079/ | 93 KB 55 KB | XHR text/plain |
GET H2 | TLV_T__t98G0swn ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/pat/7a60336ebc929079/1678499996187/e5e58de1648f29e9e2ce74dadc3ae6581210b31a718198788a6fb8ba29fcb860/ | 1 B 769 B | Fetch text/plain |
GET H2 | d6iiHcgIgLWcn80 ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/img/7a60336ebc929079/1678499996189/ | 61 B 340 B | Image image/png |
POST H2 | 16ade40e9952ba9 ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1268021260:1678498701:RSVTuD8jev1KAu5e2ScRcDxMonQ7GmqH4cGTZJkfYuM/7a60336ebc929079/ | 5 KB 4 KB | XHR text/plain |
GET H3 | normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/o4r1q/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame CD52 | 21 KB 7 KB | Document text/html |
GET H3 | v1 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame CD52 | 156 KB 57 KB | Script application/javascript |
POST H3 | 76e806513020fe2 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/437040997:1678498607:pAM5GMQ6RiPmZQeQTZbO777elv-Xqnu-wQi0gEaf6Jg/7a60337a6d0e9072/ Frame CD52 | 132 KB 62 KB | XHR text/plain |
GET H3 | 2PwctsTRasHt6Jc challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a60337a6d0e9072/1678499998164/ Frame CD52 | 61 B 166 B | Image image/png |
GET H3 | n0_PiqQsr4FGyj8 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a60337a6d0e9072/1678499998167/e04b9271e80fcd00711a5059eafad5fa092c75b735fa5b62b837eccfd0d673a6/ Frame CD52 | 1 B 645 B | Fetch text/plain |
POST H3 | 76e806513020fe2 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/437040997:1678498607:pAM5GMQ6RiPmZQeQTZbO777elv-Xqnu-wQi0gEaf6Jg/7a60337a6d0e9072/ Frame CD52 | 11 KB 9 KB | XHR text/plain |
17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- object| _cf_chl_opt
- function| __cf_md5
- function| _cf_chl_preload
- function| _cf_chl_enter
- boolean| _cf_chl_done_ran
- function| _cf_chl_done
- function| SHA256
- function| _cf_chl_turnstile_l
- function| sendRequest
- object| _cf_chl_ctx
- string| prefix
- object| turnstile
- boolean| _cf_chl_turnstile_loaded
- object| _
- undefined| _cf_gcr2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ums.koreanair.com/ | | Name: AWSALB Value: eF3Ga03WTsceN/FfvKQvJiFMgSVjzNT3sfZfe1XwYZn05kVvoWS/iM/gLJjBImUJWmoTQ8JPVbV0G3KjYGqWI48biWpm9c5kUppvSGdvW5HE08BF+HUBOrOnUX+C |
ums.koreanair.com/ | | Name: AWSALBCORS Value: eF3Ga03WTsceN/FfvKQvJiFMgSVjzNT3sfZfe1XwYZn05kVvoWS/iM/gLJjBImUJWmoTQ8JPVbV0G3KjYGqWI48biWpm9c5kUppvSGdvW5HE08BF+HUBOrOnUX+C |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.