urlscan.io logo urlscan.io
SecurityTrails logo

ct8hs.canksru.ru Open in urlscan Pro
2606:4700:20::681a:76a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1...
Effective URL: https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
Submission Tags: falconsandbox
Submission: On March 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:20::681a:76a, located in United States and belongs to CLOUDFLARENET, US. The main domain is ct8hs.canksru.ru.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.
This is the only time ct8hs.canksru.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2.19.126.197 20940 (AKAMAI-ASN1)
1 216.10.251.96 394695 (PUBLIC-DO...)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
15 3
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5237
128 KB
7 canksru.ru
ct8hs.canksru.ru
120 KB
1 za.com
d4cg76z6tvwi.e5isalate.za.com
766 B
1 onelink.me
go.onelink.me — Cisco Umbrella Rank: 50686
491 B
15 4
Domain Requested by
8 challenges.cloudflare.com 1 redirects ct8hs.canksru.ru
challenges.cloudflare.com
d4cg76z6tvwi.e5isalate.za.com
7 ct8hs.canksru.ru d4cg76z6tvwi.e5isalate.za.com
ct8hs.canksru.ru
1 d4cg76z6tvwi.e5isalate.za.com
1 go.onelink.me 1 redirects
15 4

This site contains no links.

Subject Issuer Validity Valid
*.canksru.ru
GTS CA 1P5		 2023-03-01 -
2023-05-30		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
Frame ID: 8A97FEEE62828D6DA4C7B05F4F6DA26B
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 48E05C152CCFB775E342EB0B1AB91E41
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading...

Page URL History Show full URLs

  1. http://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUs... HTTP 301
    http://d4cg76z6tvwi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_Androi... Page URL
  2. https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com Page URL

Page Statistics

15
Requests

87 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

249 kB
Transfer

560 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature&af_web_dp=http%3A%2F%2Fd4cg76z6tVWi.e5isalate.za.com%2F%3Fqw%3Dmrmazza%40precisionaero.com HTTP 301
    http://d4cg76z6tvwi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature Page URL
  2. https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature&af_web_dp=http%3A%2F%2Fd4cg76z6tVWi.e5isalate.za.com%2F%3Fqw%3Dmrmazza%40precisionaero.com HTTP 301
  • http://d4cg76z6tvwi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
d4cg76z6tvwi.e5isalate.za.com/
Redirect Chain
  • http://go.onelink.me/107872968?pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature&af_web_dp=http%3A%2F%2Fd...
  • http://d4cg76z6tvwi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=Ema...
558 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
http://d4cg76z6tvwi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature
Protocol
HTTP/1.1
Server
216.10.251.96 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS
216-10-251-96.webhostbox.net
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Mar 2023 06:27:35 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Fri, 17 Mar 2023 06:27:33 GMT
Location
http://d4cg76z6tVWi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature
Server
http-kit
Strict-Transport-Security
max-age=31536000; includeSubDomains
Primary Request Mmrmazza@precisionaero.com
ct8hs.canksru.ru/ 		7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
Requested by
Host: d4cg76z6tvwi.e5isalate.za.com
URL: http://d4cg76z6tvwi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:76a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead2346091c109e722391d7dca765092cdd9785c4e13217cf549d8848e39a6a4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://d4cg76z6tvwi.e5isalate.za.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7a932bc45aa737d8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 17 Mar 2023 06:27:35 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzXJ2MsikaDnWpYQsKN6avtVCTqHvYAxPVpQmPYAcco4X7wPhfLO%2FyGf5j%2BIe5SFgnoXmHSFinpZoF2BxgmET2x4wzx%2BlBWbS1MDxWsi5GyVOSi0pGfeZgD%2BeMVbf03GZXwObce1XUe0y3rDhm8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 		150 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a932bc45aa737d8
Requested by
Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:76a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a719ae18739a8b36b321c5abfc1aaceb15fc5e6ec827b4e6e76339e2de21db4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com?__cf_chl_rt_tk=P21.dC0x2el8oX.7jalmlLnYqAAZNOeeHyxZSXXKn0w-1679034455-0-gaNycGzNCiU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:27:35 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSRKdSMDBa015GN2rAmYJ%2FiOcjMrdK0BPypGsLLTLM3qPLeTIDaDwZs5mDneqFCXxXbnvV3JGaYEwoW%2ForuKGe%2F9CdGFvT7ERVSSgX9Bjd43w5tLxT497n51R3QwOdDhrnrAYE8x9po7MZl%2B1c8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7a932bc4bb0737d8-FRA
transparent.gif
ct8hs.canksru.ru/cdn-cgi/images/trace/managed/js/ 		42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct8hs.canksru.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7a932bc45aa737d8
Requested by
Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com?__cf_chl_rt_tk=P21.dC0x2el8oX.7jalmlLnYqAAZNOeeHyxZSXXKn0w-1679034455-0-gaNycGzNCiU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:76a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com?__cf_chl_rt_tk=P21.dC0x2el8oX.7jalmlLnYqAAZNOeeHyxZSXXKn0w-1679034455-0-gaNycGzNCiU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:27:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Mar 2023 22:56:11 GMT
server
cloudflare
etag
"6407c10b-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7a932bc4bb0937d8-FRA
content-length
42
expires
Fri, 17 Mar 2023 08:27:35 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/db880165/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d395cc53363e6e22c75f73de0d4de7355ed844b65b8f0d149664ec06facd2d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:27:35 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7a932bc55c8735df-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 17 Mar 2023 06:27:35 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/g/db880165/api.js?onload=_cf_chl_turnstile_l&render=explicit
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7a932bc53c7435df-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
c2b4a9f433dcff3
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1064397376:1679033474:HMDtKx_deCTLn6yFp4ARnU8vnvMXSx_0l3uvfOSI8W0/7a932bc45aa737d8/ 		98 KB
55 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1064397376:1679033474:HMDtKx_deCTLn6yFp4ARnU8vnvMXSx_0l3uvfOSI8W0/7a932bc45aa737d8/c2b4a9f433dcff3
Requested by
Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a932bc45aa737d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:76a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94db9a9595cf06f030be586e810030f31cf75a8d9ad6a95c3c507da6e162b933

Request headers

Referer
https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
c2b4a9f433dcff3
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 06:27:35 GMT
content-encoding
br
cf_chl_gen
W38+20CrcvVyB470Eb3SfneWOzG7pRyOyZN7b9KXjYN/8Ykz5syg6jbMMhQK1PxvXw9DhoovG9mEaWcuVolcPEidJBOTS6t5t8BY5k1NJC3YwN5Xqnj1cwSosfZJrb6ZbAw1YM8hebMblVAiUJfkav8m7VLLhtOLgFDZ54/SdUdUHFUW2BKuiiP4OXjVOQk9L57stMhNzLrHGAT0GPmG3y9Lc15/S9jC3Ex/N0Gi+C826VcS0UFhgwg2EN1lCbYWb+Fm9dn1SURvxydtEHapg3dezxt852WRVJzf0ujHBmFs/CQ0c9TXMVYMbqKNmkqs215jQiKp8iXlt7br757baqaPf4ZSJlYneFX+F88qIdk=$8h/jxCbc71DiT/odwcQt/g==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zS3U6lwkpH%2BGViF8680AdkQ78nRtbsnWKG%2Fr28O3Dp5M0QDNmAjDreVxvstPI8GTfi8Ogc7%2FLszgXNQQIhRt4ywwZq5xDotG1o2xedqQFuEu5NOAMMsE67W1Al9Awn9xwDOs%2Bl%2BQy45qupe%2B%2BLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a932bc5bc2837d8-FRA
vECFcOJq3qt75xr
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/pat/7a932bc45aa737d8/1679034455963/02ccb034846e05294942f12204e347ab068a2c5cd81c7ce0a2e3f60f040cd2b9/ 		1 B
799 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/pat/7a932bc45aa737d8/1679034455963/02ccb034846e05294942f12204e347ab068a2c5cd81c7ce0a2e3f60f040cd2b9/vECFcOJq3qt75xr
Requested by
Host: d4cg76z6tvwi.e5isalate.za.com
URL: http://d4cg76z6tvwi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:76a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:27:36 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gAsywNIRuBSlJQvEiBONHqwaKLFzYHHzgouP2DwQM0rkAEGN0OGhzLmNhbmtzcnUucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7a932bc63caf37d8-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWTCXYQu15UhFGv27%2FxVO1cJ0dmFyECWTLCoTIpqWv7WGIi%2BRJKI%2BK6TKmZ4dWoVBzeBH5dCHFPfivD2wEWa9SrVXahoVqm4Yv7mUDkm47q6%2FaRHm5LeZ82aaAITTJJ%2FEKEA%2Fz1TNahaKpu1W3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
KqlO-489VfMYrVg
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/img/7a932bc45aa737d8/1679034455968/ 		61 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/img/7a932bc45aa737d8/1679034455968/KqlO-489VfMYrVg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:76a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f9c06ff63c2191ce922afe88dd3f7397a9dc49a4779b42c13167bee760cdef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:27:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7a932bce2e2037d8-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7bn1KyQPxCDdwEcCkV8sMwkjA7Qw0EoDrh8qYEqHKgoZi1cVY9CnvfzbcZ06Xdio4ivy%2Fc%2FeJR7qCy9%2BQbaeqtMiWwyrIa%2FkAZVL8s0ThgKkuJKR%2FL%2BCjVTqWstVnko6rCQhKh0xMEOZB1JL1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
c2b4a9f433dcff3
ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1064397376:1679033474:HMDtKx_deCTLn6yFp4ARnU8vnvMXSx_0l3uvfOSI8W0/7a932bc45aa737d8/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/1064397376:1679033474:HMDtKx_deCTLn6yFp4ARnU8vnvMXSx_0l3uvfOSI8W0/7a932bc45aa737d8/c2b4a9f433dcff3
Requested by
Host: ct8hs.canksru.ru
URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7a932bc45aa737d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:76a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90aaa5b7bf6615e02d8714622b53e56853ed6b8a818fbfaf9732cc2760f47133

Request headers

Referer
https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
c2b4a9f433dcff3
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 06:27:37 GMT
content-encoding
br
cf_chl_gen
PF03Q4xCzuN67rgaVRTeGLvTFvxFAf5V73vje2R4KT1Sn+Mgy8jf8ZssSOS8+DIL$4ALxTZMPlDHxJlSoVDSVdQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3CIx%2FCYSv2RadWmYugi9xUp2IK5CcxBoXwISKUftgwKmo%2BkoHx2Pzquv5%2FbOV4J57J00V4mFy7jxrkzL%2B%2BNmUlZZ1l%2BmUYeI7Qj0BYprTPDpDH2sZBUTf%2FYcz4WCGPDEM38NuoweQBPokSZPjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7a932bcf6f9037d8-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 48E0 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88d4cc01508dde735cde51b85c43e0bae067d4b38eedc0578e3cda9a07b5a41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7a932bcfea8dbbb5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 17 Mar 2023 06:27:37 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 48E0 		150 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a932bcfea8dbbb5
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a397c32e86a7c3cdee5c1e1b39b4a9584ebb3553e71def90c8760cb59dc4e0f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:27:37 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7a932bd0ec1dbbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
9779d46cbf890a8
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1494655241:1679033349:Aify3wHK30et0ZrU-Htotv0CSs50GkDuvGTb3Bf0hrY/7a932bcfea8dbbb5/ Frame 48E0 		103 KB
52 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1494655241:1679033349:Aify3wHK30et0ZrU-Htotv0CSs50GkDuvGTb3Bf0hrY/7a932bcfea8dbbb5/9779d46cbf890a8
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a932bcfea8dbbb5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b9af06b8b42ed59598c9992153f1d7ab2e52fde0eeed72b48c8c76aa71d2a1e

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
9779d46cbf890a8
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 06:27:37 GMT
content-encoding
br
cf_chl_gen
Y/jI46G+e2FrClH4PfnsjLQs/ne+w/YSNa74THVlSfYqC6EqJdLT/wTfCN87uzzJbca1xW+iR1VZoxz63a2VfyUJKQv0AC0zW1whS1fRrNmisOKOAFigS89Rv3aeNLX3AwwBVGU0/8oanIgoayug0h5yp4MdoRiLpQbLFSdDZbQwc+9zyIAwLFVChEeYo2swL3zoF1ohWxAuVeYaXqA71SXznZqB9xEvPY4y7ic61Rwvfat8tf68FkK95pAnRtxC/IEqtnSxCVNvoA0ulh1AuVLFVYBorrxFcM78bginKSJhpygWztZtOo8K1ae/9wJnTFNuV+rgJEvlr5EFhTUwqqzr+VA/c70HcFXXabubpLfOXUa9Aad25keyilo1Z2X5$BgjPBTafXB/11ma57OgNxA==
server
cloudflare
cf-ray
7a932bd1fda8bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
iT3oPkQaf5-FbWy
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a932bcfea8dbbb5/1679034457930/9a83efe3636dc341e2be25f47c9c2d60197b8c3d6601a3820c4d42893bec8e74/ Frame 48E0 		1 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a932bcfea8dbbb5/1679034457930/9a83efe3636dc341e2be25f47c9c2d60197b8c3d6601a3820c4d42893bec8e74/iT3oPkQaf5-FbWy
Requested by
Host: d4cg76z6tvwi.e5isalate.za.com
URL: http://d4cg76z6tvwi.e5isalate.za.com/?qw=mrmazza@precisionaero.com&pid=InProduct&c=Global_Internal_YGrowth_AndroidEmailSig__AndroidUsers&af_wl=ym&af_sub1=Internal&af_sub2=Global_YGrowth&af_sub3=EmailSignature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:27:39 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gmoPv42Ntw0HiviX0fJwtYBl7jD1mAaOCDE1CiTvsjnQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAtK0fk8UgMasGK5V3T5wY7a3bUfa1Tk6cfuSReEDBgmTTk9fqUKZ-Ggt5F9FJ1uwqd0HYxixLl_RWXjBIvYJnQjOCdgocx_dtJX0HUsbnXCfqiYpIeSJFIKo1OEB2qE6Mo-yf5bNei97DT30-L3tp35JZNiva27hJ33lDc2DpBThSZJkQZOEUC0eIGteS9GpzKKOgBXDnY5uLmewDUWxRf75KVl_4xp4DYxyd6UHynCTcPH5J0UDGeGdnEK-l2On9Kao1M5xzKjKwaqHnc1XEcYw_43MSrFs8wlezfFYJE7k6y2acgGfGHmI9KKCy8EuyXzknUdo8saMec8jSdaf0rQIDAQAB, max-age=20
server
cloudflare
cf-ray
7a932bd93953bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
sHJPcdCELQhJTy7
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a932bcfea8dbbb5/1679034457930/ Frame 48E0 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7a932bcfea8dbbb5/1679034457930/sHJPcdCELQhJTy7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11ed69139b89dbac3bbe3fc1c0f861ae79cd8903923b2c836f532a29c44e472e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 06:27:39 GMT
server
cloudflare
cf-ray
7a932bd95997bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
9779d46cbf890a8
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1494655241:1679033349:Aify3wHK30et0ZrU-Htotv0CSs50GkDuvGTb3Bf0hrY/7a932bcfea8dbbb5/ Frame 48E0 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1494655241:1679033349:Aify3wHK30et0ZrU-Htotv0CSs50GkDuvGTb3Bf0hrY/7a932bcfea8dbbb5/9779d46cbf890a8
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7a932bcfea8dbbb5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bba6378cc1899a358ca161b1f7091bc195a933d60f073793ed6659ed692f8202

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/7bk2m/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
CF-Challenge
9779d46cbf890a8
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 17 Mar 2023 06:27:39 GMT
content-encoding
br
cf_chl_gen
g4y9eBCbN3ujdxYBJpa9+nO8ZPYqpWEFFmrHyGZcDrNm33HmZb3tNy0xwWbOPBTe$qDRV6OULMxIDI3RugfBXAg==
server
cloudflare
cf-ray
7a932bd9ea70bbb5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| sendRequest function| SHA256 function| __cf_md5 function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| _cf_chl_turnstile_l object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _ undefined| _cf_gcr

0 Cookies

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://ct8hs.canksru.ru/Mmrmazza@precisionaero.com
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ct8hs.canksru.ru/cdn-cgi/challenge-platform/h/g/pat/7a932bc45aa737d8/1679034455963/02ccb034846e05294942f12204e347ab068a2c5cd81c7ce0a2e3f60f040cd2b9/vECFcOJq3qt75xr
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7a932bcfea8dbbb5/1679034457930/9a83efe3636dc341e2be25f47c9c2d60197b8c3d6601a3820c4d42893bec8e74/iT3oPkQaf5-FbWy
Message:
Failed to load resource: the server responded with a status of 401 ()