Submitted URL: https://rollins-mkt-prod1.campaign.adobe.com/rln/getImage.jssp?m=ebe0a673-b585-4d5f-8b02-173d6da0ca15&e=boss&l=brandlogo&i=https%3A%2F%2Fbena...
Effective URL: https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org
Submission: On June 01 via manual — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 8jzfh6.2ndsty.ru.
TLS certificate: Issued by GTS CA 2P2 on May 18th 2023. Valid for: 3 months.
This is the only time 8jzfh6.2ndsty.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.215.187.240 16509 (AMAZON-02)
1 2a01:7e00::f0... 63949 (AKAMAI-LI...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
13 4
Apex Domain | Subdomains | Transfer
7 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 5457 | 221 KB
4 2ndsty.ru | 8jzfh6.2ndsty.ru | 64 KB
1 benaquica.com | benaquica.com | 508 B
1 adobe.com | rollins-mkt-prod1.campaign.adobe.com — Cisco Umbrella Rank: 583501 | 460 B
13 4
Domain | Requested by
7 challenges.cloudflare.com | 8jzfh6.2ndsty.ru, challenges.cloudflare.com
4 8jzfh6.2ndsty.ru | 8jzfh6.2ndsty.ru
1 benaquica.com |
1 rollins-mkt-prod1.campaign.adobe.com (1 redirects) |
13 4

This site contains no links.

Subject | Issuer | Validity | Valid
benaquica.com | R3 | 2023-04-23 - 2023-07-22 | 3 months
2ndsty.ru | GTS CA 2P2 | 2023-05-18 - 2023-08-16 | 3 months
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year

This page contains 2 frames:

Primary Page: https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org
Frame ID: 5CD83A9785B3C8DF77EBA83381EB7E6F
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: E412E26338D7F8698D95145EAF9A59EE
Requests: 7 HTTP requests in this frame

Page Title

Loading...

Page Statistics

Requests: 13
HTTPS: 92 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 286 kB
Size: 560 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://rollins-mkt-prod1.campaign.adobe.com/rln/getImage.jssp?m=ebe0a673-b585-4d5f-8b02-173d6da0ca15&e=boss&l=brandlogo&i=https%3A%2F%2Fbenaquica.com%2Fproject%2FW9%2F0tbotu%2F%2F%2F%2FYXVndXN0bUBzdXR0ZXJoZWFsdGgub3Jn HTTP 302
  • https://benaquica.com/project/W9/0tbotu////YXVndXN0bUBzdXR0ZXJoZWFsdGgub3Jn

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
YXVndXN0bUBzdXR0ZXJoZWFsdGgub3Jn
benaquica.com/project/W9/0tbotu////
Redirect Chain
  • https://rollins-mkt-prod1.campaign.adobe.com/rln/getImage.jssp?m=ebe0a673-b585-4d5f-8b02-173d6da0ca15&e=boss&l=brandlogo&i=https%3A%2F%2Fbenaquica.com%2Fproject%2FW9%2F0tbotu%2F%2F%2F%2FYXVndXN0bUB...
  • https://benaquica.com/project/W9/0tbotu////YXVndXN0bUBzdXR0ZXJoZWFsdGgub3Jn
0
508 B
Document
General
Full URL
https://benaquica.com/project/W9/0tbotu////YXVndXN0bUBzdXR0ZXJoZWFsdGgub3Jn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00::f03c:91ff:fe02:c7c London, United Kingdom, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
DomaiNesia /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
br
content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
content-type
text/html; charset=UTF-8
date
Thu, 01 Jun 2023 03:44:31 GMT
dn-request-id
bfd529abdfeb5e986c057a778c140783
dynamic-cache-status
MISS
referrer-policy
strict-origin-when-cross-origin
refresh
0;url=https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org
server
DomaiNesia
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-page-speed
DomaiNesia
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive, Keep-Alive
Content-Type
text/plain; charset=iso-8859-1
Content-length
0
Date
Thu, 01 Jun 2023 03:44:30 GMT
Expires
Thu, 01 Jun 2023 03:44:30 GMT
Keep-Alive
timeout=5, max=100
Location
https://benaquica.com/project/W9/0tbotu////YXVndXN0bUBzdXR0ZXJoZWFsdGgub3Jn
Pragma
no-cache
Server
Apache
X-Robots-Tag
noindex
X-UA-Compatible
IE=edge
X-XSS-Protection
1; mode=block
Primary Request Maugustm@sutterhealth.org
8jzfh6.2ndsty.ru/
8 KB
5 KB
Document
General
Full URL
https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b8c52d69ea904fb71d9c588e047d0f7dec4e088db835e2018a2b9552fb3c68
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://benaquica.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7d047564e8fa9213-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 01 Jun 2023 03:44:31 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqoM6Bvyh4RvKpTmRjvLBOkGoDcNiA4RAOYE1TtU24W2DIdfV%2FCyqKRROi4ifOAoLVbSda%2Feutzmvdm%2BIS0PSwUmGmgr57Tqmzvvy42YkpMLrCwIiblnotslCWFx0jL9XrtTNBMyDeREUViqFNaO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
8jzfh6.2ndsty.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/
148 KB
53 KB
Script
General
Full URL
https://8jzfh6.2ndsty.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d047564e8fa9213
Requested by
Host: 8jzfh6.2ndsty.ru
URL: https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5927160ee88a58921ec51abdc54b9160a3fa3a1b4ca417bb6431b29df18a9312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org?__cf_chl_rt_tk=EROpZyo6dTvSVh6PdyCdzxLYtUACbBYFNxHj5WB5YPs-1685591071-0-gaNycGzNC9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 03:44:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V45kE%2F1XQyBaRanpe4%2FhjlJEYf7bGJ%2BlEUVRwmILVw2vUIBsw8u7vrYIuyQ7OgZ29XkOORSDq8cApEUCLxsm9Ki%2FUEYloJTH5rE%2Fd%2FzcNuy0LMpnx0uLAMUzqGxLepw%2FIPb1IxG8fxrdmYu5iAej"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7d047565492a9213-FRA
alt-svc
h3=":443"; ma=86400
transparent.gif
8jzfh6.2ndsty.ru/cdn-cgi/images/trace/managed/js/
42 B
221 B
Image
General
Full URL
https://8jzfh6.2ndsty.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7d047564e8fa9213
Requested by
Host: 8jzfh6.2ndsty.ru
URL: https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org?__cf_chl_rt_tk=EROpZyo6dTvSVh6PdyCdzxLYtUACbBYFNxHj5WB5YPs-1685591071-0-gaNycGzNC9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org?__cf_chl_rt_tk=EROpZyo6dTvSVh6PdyCdzxLYtUACbBYFNxHj5WB5YPs-1685591071-0-gaNycGzNC9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 03:44:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 May 2023 08:39:03 GMT
server
cloudflare
etag
"646f1ea7-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7d047565492c9213-FRA
content-length
42
expires
Thu, 01 Jun 2023 05:44:31 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/
15 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: 8jzfh6.2ndsty.ru
URL: https://8jzfh6.2ndsty.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d047564e8fa9213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0

Request headers

Referer
Origin
https://8jzfh6.2ndsty.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 03:44:31 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7d047565a926907c-FRA
alt-svc
h3=":443"; ma=86400
6ac0f6b3a54874b
8jzfh6.2ndsty.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1521128764:1685589808:QoqGab7m5aGmwrw5vsTq1fvbg1IE1JTRpUe00hpA9sg/7d047564e8fa9213/
7 KB
6 KB
XHR
General
Full URL
https://8jzfh6.2ndsty.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1521128764:1685589808:QoqGab7m5aGmwrw5vsTq1fvbg1IE1JTRpUe00hpA9sg/7d047564e8fa9213/6ac0f6b3a54874b
Requested by
Host: 8jzfh6.2ndsty.ru
URL: https://8jzfh6.2ndsty.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7d047564e8fa9213
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5da2c2dc35cd36150b9f6ede09ba215300bb152692b44cbede79b053b48ed80

Request headers

Referer
https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
CF-Challenge
6ac0f6b3a54874b
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Jun 2023 03:44:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEU1%2FJvabN66q%2BW42oQcYllh6ZhI%2ByBVyUA0TjNeRalke%2F8FLeqersvWADcSY77pJYROM%2BOidKHqFhHujPwbbRgBpsiQhEZCBGxKW9qWdn%2BeQRMm3v7xYqWZT%2ByxtZyLdjVtJYqDY4Tk8RYDtf43"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7d0475663ddc36dd-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
GZ2U2iMv6M32RdYl09GiZnLxBDIYrLwb+2lwkVkYfnHzitxcXI5jRL9h/s3lsJUy$RGTpWobVIAYtjNAhk0EneA==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame E412
24 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9273ba43b05d1eccf58c4697f1897f5ba60bb0337a9480fcd29e9cdfeea66ee5
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7d0475668c8e1ca9-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 01 Jun 2023 03:44:31 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame E412
160 KB
58 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d0475668c8e1ca9
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc721827b070cf0cafea9e7b01ab6227380722eefd8e04af44bd8ed575586ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 03:44:31 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7d047566ecc81ca9-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
1da361e962edcef
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1852454241:1685589928:MMP0h2a-JES0zx0_fNuIG_FuMU00t5GJJbnIAan2f3k/7d0475668c8e1ca9/ Frame E412
186 KB
140 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1852454241:1685589928:MMP0h2a-JES0zx0_fNuIG_FuMU00t5GJJbnIAan2f3k/7d0475668c8e1ca9/1da361e962edcef
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d0475668c8e1ca9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c7abca152b69c6028aa28ad2b0d24b7139e4b27b979a710020404178e7c750

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
CF-Challenge
1da361e962edcef
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 01 Jun 2023 03:44:32 GMT
content-encoding
br
server
cloudflare
cf-ray
7d047567dd801ca9-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
Ad3TD6a_jWTR8D-
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7d0475668c8e1ca9/1685591071991/ Frame E412
61 B
148 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7d0475668c8e1ca9/1685591071991/Ad3TD6a_jWTR8D-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
febc45a34e526a1438353990b23e48d2452c85900cd5f6ed49e33caf7ca3a2c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 03:44:33 GMT
server
cloudflare
cf-ray
7d0475719e351ca9-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
OFvBvU7gSVP65wc
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7d0475668c8e1ca9/1685591071992/64896d6e23383a018ac0376105f2aeeabb11820674a9db78913737e74d2aeb1f/ Frame E412
1 B
629 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7d0475668c8e1ca9/1685591071992/64896d6e23383a018ac0376105f2aeeabb11820674a9db78913737e74d2aeb1f/OFvBvU7gSVP65wc
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d0475668c8e1ca9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Thu, 01 Jun 2023 03:44:33 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gZIltbiM4OgGKwDdhBfKu6rsRggZ0qdt4kTc3500q6x8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA2QmmahoTCdzzWU_cjTkt9rzQkK7r0JRDfy3Ug31wK-hp3n5Nlkur9cyfSmGhvETNfzP7DjBWLuFe3BGfCvaMn-2I8epeGGFpx57OKWenWkS0ozAVw8pZwpCGNdPD2eeeWcC63BypcwUcZnnJKohILWHt5HcJ6e71kKJNsOrcX9gfLt3ZesHAVwc1uJomYnRcvyLUtAXgg8B8n-H2X664Z3WqgUtqA8ZprXuyXHIjXxHORfViPZWU-y48WLmCWq4SgzW8OJH-fB8OU4naRCAme2w1bQV7r8xfE0uHuhhsMqoI6A_Q-BHk2mkZDHYaScQrq-E1vjk9ZMN1gVzfLYDHgwIDAQAB, max-age=20
server
cloudflare
cf-ray
7d047571be561ca9-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
0b1d6214-3e52-479c-92a2-5853a56353e4
https://challenges.cloudflare.com/ Frame E412
656 B
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/0b1d6214-3e52-479c-92a2-5853a56353e4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
1da361e962edcef
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1852454241:1685589928:MMP0h2a-JES0zx0_fNuIG_FuMU00t5GJJbnIAan2f3k/7d0475668c8e1ca9/ Frame E412
13 KB
10 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1852454241:1685589928:MMP0h2a-JES0zx0_fNuIG_FuMU00t5GJJbnIAan2f3k/7d0475668c8e1ca9/1da361e962edcef
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7d0475668c8e1ca9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6595d947c20f8b41b310f3114e721e056c407481a8649235e73818a43a0481b0

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/heard/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
CF-Challenge
1da361e962edcef
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
/qkiXyQz/vNzI845SmN14szc6Hu5Obzg3zldolQeYDPojmNmD2gv0BgUBQpViph7$lSHPJGctOHUTWoSmbzDzrg==
date
Thu, 01 Jun 2023 03:44:33 GMT
content-encoding
br
server
cloudflare
cf-ray
7d0475736fea1ca9-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| onbeforetoggle
object| onscrollend
object| _cf_chl_opt
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| _cf_chl_turnstile_l
function| sendRequest
function| tToIleWuPq
function| SHA256
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded

0 Cookies

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://8jzfh6.2ndsty.ru/Maugustm@sutterhealth.org
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7d0475668c8e1ca9/1685591071992/64896d6e23383a018ac0376105f2aeeabb11820674a9db78913737e74d2aeb1f/OFvBvU7gSVP65wc
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block