6jtlydnwuk64679b2fb6a40.axlstg.ru Open in urlscan Pro
2606:4700:3037::6815:10c0 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdiscountvideocommercials.com%2Fwp-includes%2Fnow%2Fauth%2F82ihob%2F%2F%2F...
Effective URL:
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu
Submission: On May 22 via manual (May 22nd 2023, 6:52:47 pm UTC) from US — Scanned from IT

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3037::6815:10c0, located in United States and belongs to CLOUDFLARENET, US. The main domain is 6jtlydnwuk64679b2fb6a40.axlstg.ru.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2023. Valid for: 3 months.

This is the only time 6jtlydnwuk64679b2fb6a40.axlstg.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	213.205.32.18 213.205.32.18	8612 (TISCALI-) (TISCALI-)
1	192.129.175.112 192.129.175.112	54290 (HOSTWINDS) (HOSTWINDS)
4	2606:4700:303... 2606:4700:3037::6815:10c0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	3

1 213.205.32.18 (Iglesias, Italy) 1 redirects

ASN8612 (TISCALI-, IT)
PTR: abbonati.tiscali.it

casa.tiscali.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.129.175.112 (United States)

ASN54290 (HOSTWINDS, US)
PTR: discountvideocommercials.com

discountvideocommercials.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:10c0 (United States)

ASN13335 (CLOUDFLARENET, US)

6jtlydnwuk64679b2fb6a40.axlstg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:6b9 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6358	181 KB
4	axlstg.ru 6jtlydnwuk64679b2fb6a40.axlstg.ru	65 KB
1	discountvideocommercials.com discountvideocommercials.com	275 B
1	tiscali.it 1 redirects casa.tiscali.it	1 KB
11	4

	Domain	Requested by
6	challenges.cloudflare.com	6jtlydnwuk64679b2fb6a40.axlstg.ru challenges.cloudflare.com
4	6jtlydnwuk64679b2fb6a40.axlstg.ru	6jtlydnwuk64679b2fb6a40.axlstg.ru
1	discountvideocommercials.com
1	casa.tiscali.it	1 redirects
11	4

This site contains no links.

Subject Issuer	Validity	Valid
discountvideocommercials.com R3	`2023-05-17` - `2023-08-15`	3 months	crt.sh
axlstg.ru GTS CA 1P5	`2023-05-10` - `2023-08-08`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu
Frame ID: 3FA8A8CB056E133E758B95A76CB5A4EF
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vn5e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 9B6B47F62BFF303F3D21FCCB1800D913
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

246 kB
Transfer

504 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdiscountvideocommercials.com%2Fwp-includes%2Fnow%2Fauth%2F82ihob%2F%2F%2F%2FbGVta2VzQG5kdS5lZHU= HTTP 302
https://discountvideocommercials.com/wp-includes/now/auth/82ihob////bGVta2VzQG5kdS5lZHU=

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

bGVta2VzQG5kdS5lZHU= Show response
discountvideocommercials.com/wp-includes/now/auth/82ihob////
Redirect Chain

https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdiscountvideocommercials.com%2Fwp-includes%2Fnow%2Fauth%2F82ihob%2F%2F%2F%2FbGVta2VzQG5kdS5lZHU=
https://discountvideocommercials.com/wp-includes/now/auth/82ihob////bGVta2VzQG5kdS5lZHU=

0
275 B

1378ms
273ms

Document
text/html

192.129.175.112
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://discountvideocommercials.com/wp-includes/now/auth/82ihob////bGVta2VzQG5kdS5lZHU=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.129.175.112 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: discountvideocommercials.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 May 2023 18:52:42 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
refresh: 0;url=https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 May 2023 18:52:41 GMT
Keep-Alive: timeout=3, max=100
Location: https://discountvideocommercials.com/wp-includes/now/auth/82ihob////bGVta2VzQG5kdS5lZHU=
Server: Apache
Vary: Accept-Encoding

GET
H2 403 Primary Request Mlemkes@ndu.edu Show response
6jtlydnwuk64679b2fb6a40.axlstg.ru/ 8 KB
5 KB 411ms
134ms Document
text/html 2606:4700:3037::6815:10c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:10c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4cb3b63fd4348d4ada9286a4df496c79e6cd44aad7132bfaa5cd99911782a50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://discountvideocommercials.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7cb7420159a60dfa-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Mon, 22 May 2023 18:52:43 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5NpPcbgxwQj7P8LpnO62GqpG5afcRcli3J%2BIVluM2GMfUnHUAKGDvCeqh0i59T2o8fHnuzxppJo%2FQQy8kn0Py7O9Dzlr4L%2FPqNgJ87rEwMC0mkWl0dtaoO5t9Dhcqs6a8DKPCdFlhpxsT3t%2BiDKa9KLzlBmo7GaeYv2KlogesM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 149 KB
53 KB 130ms
129ms Script
application/javascript 2606:4700:3037::6815:10c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cb7420159a60dfa
Requested by: Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:10c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc28e61ba21e769aeaafb63e5ef95997155d9f307aa3514412c3d7f9cb985020

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu?__cf_chl_rt_tk=bUPFcORVfQbDSq6gAcvhiYjKtBWp9Z.jBIeANeh5Irc-1684781563-0-gaNycGzNC_s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:52:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vtczu8WYdwYUIxcSW7pOetZtyUZqV%2Bd9T2G%2BGd0MUtb1xFN%2F3eLvsmhSOafVh7ayu97ioLKwYzPhLZvSZ%2BjOFjk4bSN9PBT2pU5uNYZRu0tq7AC06EvdPkj7lovlEG6byS0WChqL0DplNtxASJK83uqwUbokhRYFgoUTw1Y43WM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7cb742026b5e0dfa-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 transparent.gif
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/images/trace/managed/js/ 42 B
220 B 122ms
121ms Image
image/gif 2606:4700:3037::6815:10c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cb7420159a60dfa

Requested by

Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu?__cf_chl_rt_tk=bUPFcORVfQbDSq6gAcvhiYjKtBWp9Z.jBIeANeh5Irc-1684781563-0-gaNycGzNC_s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:10c0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu?__cf_chl_rt_tk=bUPFcORVfQbDSq6gAcvhiYjKtBWp9Z.jBIeANeh5Irc-1684781563-0-gaNycGzNC_s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:52:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 May 2023 14:44:50 GMT
server: cloudflare
etag: "64678b62-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7cb742026b5f0dfa-MXP
content-length: 42
expires: Mon, 22 May 2023 20:52:43 GMT

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/c2c970c2/ 15 KB
5 KB 77ms
41ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/c2c970c2/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cb7420159a60dfa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa767595b0dcf9c5a522b52dc28ffbc1d9481d44246c60e6cb563609bbc3b91c

Request headers

Referer
Origin: https://6jtlydnwuk64679b2fb6a40.axlstg.ru
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:52:43 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7cb74203a82e0d5f-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 00249917231cf89 Show response
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/246974118:1684778876:G5rgM9y4LPsOLQQYcN3HSpQZVDC-YA4sIVjdW-0eR9A/7cb7420159a60dfa/ 7 KB
6 KB 131ms
131ms XHR
text/plain 2606:4700:3037::6815:10c0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/246974118:1684778876:G5rgM9y4LPsOLQQYcN3HSpQZVDC-YA4sIVjdW-0eR9A/7cb7420159a60dfa/00249917231cf89
Requested by: Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cb7420159a60dfa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:10c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59492b08643ad914ed948c4580ad26c90e9e8e16be13bc185a9b7221a4a46d37

Request headers

Referer: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: 00249917231cf89
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 May 2023 18:52:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3J6lE8%2BpoWgB0%2B3UHFTtTxvx34AM0ysPT4MSp0soAUo6OOSJX6N3QJAQyihZL7qsHsiAiB16faKYnjhm2u0rbMSNcqD7WTdDsevlq0CvGKXIJ59QFuFB7L%2FRtYdwmZ0%2FH1m%2BepU7gOP2hTUmUbWFtGA4KtzIKKPPMCAcSRNQiQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cb74204bc4a0e2b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-chl-gen: 4Hd7xzRUchmkc3bcjhJ4qJhDrNrOfDac8w47EJoL8/6ONWD71oCo7tJ9HhGfWT2V$+w45Dmq0LfdHrr7iT1sezQ==

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vn5e7/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 9B6B 22 KB
7 KB 266ms
145ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vn5e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/c2c970c2/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 438333ae9e92c57ce0ea2418f27c2679526b3689df747e12046a3a8dfe3e4c3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cb742067a9259e9-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 22 May 2023 18:52:43 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 9B6B 155 KB
56 KB 127ms
126ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cb742067a9259e9
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vn5e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b08706e2fadf4245c0169755b4c6935a36b732b28fcc63607d2377f27c8ed924

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vn5e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:52:44 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cb742078c5159e9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 f95246189573eb7 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/714214528:1684778993:-4BYi41r4S-UWWcb4l93YLdAuJ4GS4GF9Ofkravhcjc/7cb742067a9259e9/ Frame 9B6B 147 KB
111 KB 198ms
197ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/714214528:1684778993:-4BYi41r4S-UWWcb4l93YLdAuJ4GS4GF9Ofkravhcjc/7cb742067a9259e9/f95246189573eb7
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cb742067a9259e9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01122246c9347257c2ee0a80c09c738b97c71c50ee2178a644423ab7d571f1c0

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vn5e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: f95246189573eb7
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: 8jvhcNNnIPkO3SN/YrouZFc6fG7OZOOWc733lbUIUW0Rw7UXgo3BgOjPYve+yosnNmPqRR9RMRDux949qhoY7IpJdIYbWU5T88CefaIxL8ODT5qb0fSABrjk/bdfEfWmkGyDaEnOAVx2fdCg4XrDfMtgSN//ZkRtiNo8c8gYO3nM/AVqCUhmDq2kq+Y7BuMqaStYaMVDRZQu02GnLh1fJGhpATtZ1uAg4ExmHMtoI23jDAe1xr9768qxexe4arz3y0z3oosroMSxbpUaLGJQAoctTcRXsFQLTUZXreunsG8zFGWWvHkd9AcNrONGxNp9u8QxWqYr4du8ote1iArQUclbTHe7c0HMWAMLnyVqk9mxZgk71OH+Yj2/lxfLFViAWNbZuvBy50sNCAJpBQ6FydGmgF3bPI1/NL8nWHKNEoA=$INo4R90ETwLliSrlmQVr0w==
date: Mon, 22 May 2023 18:52:44 GMT
content-encoding: br
server: cloudflare
cf-ray: 7cb7420a699259e9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 401 dyHAI40Nnv_jouI Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cb742067a9259e9/1684781564559/dec658aaa05c3e6aa4e1a1e4ce7bca16485ac779e2c204f6a8c1b4434b49842e/ Frame 9B6B 1 B
649 B 148ms
148ms Fetch
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cb742067a9259e9/1684781564559/dec658aaa05c3e6aa4e1a1e4ce7bca16485ac779e2c204f6a8c1b4434b49842e/dyHAI40Nnv_jouI
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cb742067a9259e9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vn5e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:52:45 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g3sZYqqBcPmqk4aHkznvKFkhax3niwgT2qMG0Q0tJhC4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAySgKXvR721O-HwSCp6BF8TeuHicxXGVHXJN4EB8npTqPvHY_3JsFIv19McA1L_Hls3UzYxU0XpOgHKAk34hMPkndSXxOerIbkadB_CcGCGM3mS-MrXbJiPIuFgBG1c4mu9avO3K1PWqsKlOpNbqr3V0u4BiLmYsxv7KoBsqjvx76B8USG1V2-VBOhuDmcIwSxzaawL3Rm_dqQHqe805K_T89EWQFXwEL50CjRQCJvBgvj77mAuVESaB4GPQeDcPqKSlZ4wfa6jcuT9Va-g7stXB7YRLo2TZxdG5n_1yP6-jhXLmQ7q5ijd4DKvWX_BNTIc_g3efHdgEFkfHiizu1qwIDAQAB, max-age=20
server: cloudflare
cf-ray: 7cb7420d7f1f59e9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 _XwPJeLLGvku-9e
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cb742067a9259e9/1684781564563/ Frame 9B6B 61 B
166 B 113ms
112ms Image
image/png 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cb742067a9259e9/1684781564563/_XwPJeLLGvku-9e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8af29e0201c6262d3fbd40d0e77d6c5fe9d12246fa4bbe94ecee2a57c6487a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vn5e7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 22 May 2023 18:52:46 GMT
server: cloudflare
cf-ray: 7cb742145a7959e9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mlemkes@ndu.edu Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cb742067a9259e9/1684781564559/dec658aaa05c3e6aa4e1a1e4ce7bca16485ac779e2c204f6a8c1b4434b49842e/dyHAI40Nnv_jouI Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6jtlydnwuk64679b2fb6a40.axlstg.ru
casa.tiscali.it
challenges.cloudflare.com
discountvideocommercials.com
192.129.175.112
213.205.32.18
2606:4700:3037::6815:10c0
2606:4700::6812:6b9
01122246c9347257c2ee0a80c09c738b97c71c50ee2178a644423ab7d571f1c0
438333ae9e92c57ce0ea2418f27c2679526b3689df747e12046a3a8dfe3e4c3d
59492b08643ad914ed948c4580ad26c90e9e8e16be13bc185a9b7221a4a46d37
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
aa767595b0dcf9c5a522b52dc28ffbc1d9481d44246c60e6cb563609bbc3b91c
b08706e2fadf4245c0169755b4c6935a36b732b28fcc63607d2377f27c8ed924
cc28e61ba21e769aeaafb63e5ef95997155d9f307aa3514412c3d7f9cb985020
cd8af29e0201c6262d3fbd40d0e77d6c5fe9d12246fa4bbe94ecee2a57c6487a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4cb3b63fd4348d4ada9286a4df496c79e6cd44aad7132bfaa5cd99911782a50

6jtlydnwuk64679b2fb6a40.axlstg.ru Open in urlscan Pro 2606:4700:3037::6815:10c0 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

246 kBTransfer

504 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

6jtlydnwuk64679b2fb6a40.axlstg.ru Open in urlscan Pro
2606:4700:3037::6815:10c0 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

246 kB
Transfer

504 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions