urlscan.io logo urlscan.io
SecurityTrails logo

6jtlydnwuk64679b2fb6a40.axlstg.ru Open in urlscan Pro
2606:4700:3030::ac43:d790  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdiscountvideocommercials.com%2Fwp-includes%2Fnow%2Fauth%2F82ihob%2F%2F%2F...
Effective URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
Submission: On May 22 via manual from IN — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3030::ac43:d790, located in United States and belongs to CLOUDFLARENET, US. The main domain is 6jtlydnwuk64679b2fb6a40.axlstg.ru.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2023. Valid for: 3 months.
This is the only time 6jtlydnwuk64679b2fb6a40.axlstg.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 213.205.32.18 8612 (TISCALI-)
1 192.129.175.112 54290 (HOSTWINDS)
7 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
13 4
Apex Domain
Subdomains		 Transfer
7 axlstg.ru
6jtlydnwuk64679b2fb6a40.axlstg.ru
211 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6358
197 KB
1 discountvideocommercials.com
discountvideocommercials.com
284 B
1 tiscali.it
casa.tiscali.it
1 KB
13 4
Domain Requested by
7 6jtlydnwuk64679b2fb6a40.axlstg.ru 6jtlydnwuk64679b2fb6a40.axlstg.ru
4 challenges.cloudflare.com 6jtlydnwuk64679b2fb6a40.axlstg.ru
challenges.cloudflare.com
1 discountvideocommercials.com
1 casa.tiscali.it 1 redirects
13 4

This site contains no links.

Subject Issuer Validity Valid
discountvideocommercials.com
R3		 2023-05-17 -
2023-08-15		 3 months crt.sh
axlstg.ru
GTS CA 1P5		 2023-05-10 -
2023-08-08		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
Frame ID: 448F714CF92428F72DD77D94C52AA5A8
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ilx6i/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 6E145CDF6AD0BBF3DE3CC1987802BD07
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading...

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

13
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

407 kB
Transfer

717 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdiscountvideocommercials.com%2Fwp-includes%2Fnow%2Fauth%2F82ihob%2F%2F%2F%2Fam9obi5tYW5uaW5nQGF2YW5vcy5jb20= HTTP 302
  • https://discountvideocommercials.com/wp-includes/now/auth/82ihob////am9obi5tYW5uaW5nQGF2YW5vcy5jb20=

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
am9obi5tYW5uaW5nQGF2YW5vcy5jb20=
discountvideocommercials.com/wp-includes/now/auth/82ihob////
Redirect Chain
  • https://casa.tiscali.it/promo/?u=https%3A%2F%2Fdiscountvideocommercials.com%2Fwp-includes%2Fnow%2Fauth%2F82ihob%2F%2F%2F%2Fam9obi5tYW5uaW5nQGF2YW5vcy5jb20=
  • https://discountvideocommercials.com/wp-includes/now/auth/82ihob////am9obi5tYW5uaW5nQGF2YW5vcy5jb20=
0
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://discountvideocommercials.com/wp-includes/now/auth/82ihob////am9obi5tYW5uaW5nQGF2YW5vcy5jb20=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.129.175.112 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
discountvideocommercials.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 20:21:03 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
refresh
0;url=https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com

Redirect headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
20
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 May 2023 20:21:03 GMT
Keep-Alive
timeout=3, max=100
Location
https://discountvideocommercials.com/wp-includes/now/auth/82ihob////am9obi5tYW5uaW5nQGF2YW5vcy5jb20=
Server
Apache
Vary
Accept-Encoding
Primary Request Mjohn.manning@avanos.com
6jtlydnwuk64679b2fb6a40.axlstg.ru/ 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e849a07baefa00589298041736452a79ef9315cae9adf53bd10a7a5503d181b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://discountvideocommercials.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7cb7c36fc81f0e07-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 22 May 2023 20:21:04 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1fU4MkeeUMjko3xNf0U66N%2Bgslny%2FNnWJEZXkwDGyaSpJRTbXhZRoNSn9RuK5yxE2zsIx5UweZEONpyg%2B2YuUOObHWsub0iD4cZHg0WZMJ2XPZqkRJMgNZ0KebISwcD1ny9ww7KxdAk%2BK8GN1SqcrrbTl5%2F5G8t4t58IZpFZGE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 		149 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb7c36fc81f0e07
Requested by
Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf73f7c559950c7be160660c13ad8b5586bedf454fb59aab567d1aa58d6bd953

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com?__cf_chl_rt_tk=PXpFBrM8zbaaTzg7ssHShxvS_L.5wO2tlfx60Dyz4dg-1684786864-0-gaNycGzNDCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o88LuEV2F7JqYQVnFtPyPNDJ3jEC3d2vQigaYPl8JyjXQ8P0rsUOQZJFku6PUyVfDKH9mbQWaHLu0Eb2UJqceogEtI9TyPv2LsN72ONyaYvBN9ilw6iJ6l3%2FwFa5Sosat7qmKjsD4gc%2BU3Ykb3EAcTmamGwLsK2%2FkMM%2FxVgbqIw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7cb7c3711a6c0e07-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/images/trace/managed/js/ 		42 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cb7c36fc81f0e07
Requested by
Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com?__cf_chl_rt_tk=PXpFBrM8zbaaTzg7ssHShxvS_L.5wO2tlfx60Dyz4dg-1684786864-0-gaNycGzNDCU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:d790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com?__cf_chl_rt_tk=PXpFBrM8zbaaTzg7ssHShxvS_L.5wO2tlfx60Dyz4dg-1684786864-0-gaNycGzNDCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 May 2023 12:46:56 GMT
server
cloudflare
etag
"64661e40-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7cb7c3711a700e07-MXP
content-length
42
expires
Mon, 22 May 2023 22:21:04 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb7c36fc81f0e07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c

Request headers

Referer
Origin
https://6jtlydnwuk64679b2fb6a40.axlstg.ru
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:05 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7cb7c3751d8abac1-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
b94f898f0db74dd
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/114915206:1684783556:hoWmiOuifMyM2gQ1ryTU26OitB2kdaudkKEdt8IKZnU/7cb7c36fc81f0e07/ 		191 KB
143 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/114915206:1684783556:hoWmiOuifMyM2gQ1ryTU26OitB2kdaudkKEdt8IKZnU/7cb7c36fc81f0e07/b94f898f0db74dd
Requested by
Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb7c36fc81f0e07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36811b1e684f6a4486e5104e278903db0505cf6a15c75ce435358719178f05a

Request headers

Referer
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge
b94f898f0db74dd
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 22 May 2023 20:21:05 GMT
content-encoding
br
cf_chl_gen
7t+RoOfm6pd1E4vAgdrS9WRJuCeSnGIRQ67BdTzms30hDioaw5omOSYC7Ot5qC45x71evjpGHF/Smiua0uOaNKPC0tmoc/6eg3IbjxZBoRzfh2QcbJY30+2f3HA53A2xMkNbrFf49bVwQGLLKrkLRqkC03xdQyQgISejluvtOs/RVS9c8+Z1Zv4vdxYHaYIr8FFTRI482COoep3UMrrdhsuTczWhs8NcrDZ+QtAVGBH6z0NeOSHGV4Gcjq/5S/9nFqL4g5Sj2a0e3YXVY0gPwJ9wuc2kjpHTtWZo9JW6BsC0xS4dqC4Bf0Fu8QHsqzFlHeCTi0aloJELQJ8OfbSJ/Uxd4aXAJc96mIH4OxLedEkESUudHPZsS+ASjvKjxP9JhrVFccrBs7qgilb3EVn+gvHTggCl5kkBsPdTnlGkGqOU3OBrDXh0L4ctk3qRkceldGe19UjpKYzDOJkbJf1YpAy7z7nEf0Op/KKOyF7upeK6KEWqUqGPgv6hj5Qf/RKV$qfaMJvkrPeHgYtLFF3g9Bg==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3rSV6RG2OAmtQechuJ9K8ek30FI6R3KD4CW5atNO6K2Ucrdd0%2BMtwGD338pD1hAWqPctHMwBlUQmIUScL4f%2FFIu9CfNYVh6TswvxhEC4SnT%2Fl740UX9ljN5hIILaSXyaVdYd2GaM7%2FL5mWhk3QJaseYKWu1sJI9NlHbBcHXhu8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7cb7c373cbd3bb0b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
a2puJEBSzIetRPP
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/pat/7cb7c36fc81f0e07/1684786865264/8f03d07edb86a285ae779a1e3f02d5c672fe572a2ab7f4bd134bc0b1c62db1c6/ 		1 B
963 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/pat/7cb7c36fc81f0e07/1684786865264/8f03d07edb86a285ae779a1e3f02d5c672fe572a2ab7f4bd134bc0b1c62db1c6/a2puJEBSzIetRPP
Requested by
Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb7c36fc81f0e07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:07 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gjwPQftuGooWud5oePwLVxnL-Vyoqt_S9E0vAscYtscYAITZqdGx5ZG53dWs2NDY3OWIyZmI2YTQwLmF4bHN0Zy5ydQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAySgKXvR721O-HwSCp6BF8TeuHicxXGVHXJN4EB8npTqPvHY_3JsFIv19McA1L_Hls3UzYxU0XpOgHKAk34hMPkndSXxOerIbkadB_CcGCGM3mS-MrXbJiPIuFgBG1c4mu9avO3K1PWqsKlOpNbqr3V0u4BiLmYsxv7KoBsqjvx76B8USG1V2-VBOhuDmcIwSxzaawL3Rm_dqQHqe805K_T89EWQFXwEL50CjRQCJvBgvj77mAuVESaB4GPQeDcPqKSlZ4wfa6jcuT9Va-g7stXB7YRLo2TZxdG5n_1yP6-jhXLmQ7q5ijd4DKvWX_BNTIc_g3efHdgEFkfHiizu1qwIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBocufaUcWLoTXE89dSxE03JymBlq2WdDREVW4ZneHNvq9xgyGBilEkr%2FwXhQYmQyYq5uzz4OH%2Bzm2C4xKzlJdDyVQLKLVBgLT9rWDenerm9PVEMM1EssuhvIy0GBefXGNGaGo8DciJTEaBnBIxQjXf8djuOovUIQWGpQEnUh3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7cb7c3801f81bb0b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
1ac697fd-1e94-43ae-a18c-47a78cd203d8
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/ 		220 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://6jtlydnwuk64679b2fb6a40.axlstg.ru/1ac697fd-1e94-43ae-a18c-47a78cd203d8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
220
Content-Type
application/javascript
d88scEhofM2M4zo
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/img/7cb7c36fc81f0e07/1684786865276/ 		61 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/img/7cb7c36fc81f0e07/1684786865276/d88scEhofM2M4zo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44b5032ec69fa63d74459feadad33a425bab9be5b3398a656c8e9512562b08ce

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7cb7c3821a8cbb0b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6sbgmMEfHiMwmizuWvZvSMONNlzYI7PWVcakCfpZOYLaazycp%2FR3Jh9ggMb5StrATcvPSKjkUXCf2hewLPRuteZGNe75ubUFlSwSFrxxuhn396K%2BWF0FT%2BVcmwiytbBzJKkrBF1QaV20P6YG39ifmcJvvKzOTKJ7sTEU8mKePs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
b94f898f0db74dd
6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/114915206:1684783556:hoWmiOuifMyM2gQ1ryTU26OitB2kdaudkKEdt8IKZnU/7cb7c36fc81f0e07/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/114915206:1684783556:hoWmiOuifMyM2gQ1ryTU26OitB2kdaudkKEdt8IKZnU/7cb7c36fc81f0e07/b94f898f0db74dd
Requested by
Host: 6jtlydnwuk64679b2fb6a40.axlstg.ru
URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb7c36fc81f0e07
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:d790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba802927dcd51191c85374c5b7d07a582f79f0f17567435c2b8a8fe263bca5da

Request headers

Referer
https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge
b94f898f0db74dd
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 22 May 2023 20:21:08 GMT
content-encoding
br
cf_chl_gen
0RR0Ryi8m6l5ZO+p9JnG3qQEXTv7nP+lhiHZF5qXftsC5zyksuZraROyidzqczfL$LeXuYXBuGbkUg3yulvsZ+Q==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72%2BEV0IiY%2BGecYbjY7AoY0R%2F4j9vBRFZYzvPgxP7uYHIMn235rvLBp%2F%2Fp%2BKj61YgN3ZgI7xFScv917FEIdjq8R1mR%2FAZb5ItLHJ5YFF5PNYJePM7oMl8I2%2FWSYweiMSX8wpbzGtNbmYv1pzvXuCvpA6TIiAtlVUJ7paEReEZxSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7cb7c3851f40bb0b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ilx6i/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 6E14 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ilx6i/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e702bf316172c3a629315ef21e46e30b3b9ba8a689acb0fa1e0703198f22838

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7cb7c38818105995-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 22 May 2023 20:21:08 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 6E14 		151 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cb7c38818105995
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ilx6i/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
816e74066194afeb07a99eeffc991e29467ae1636f72f1f6fc0a8994075e2ae0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ilx6i/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 22 May 2023 20:21:08 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7cb7c388c9365995-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
c7783b5f8c53e1f
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1393982415:1684783695:7696HG0GQ7rjlAOBLDnPb5fbIep1vafn2LY1OS0A3g4/7cb7c38818105995/ Frame 6E14 		173 KB
129 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1393982415:1684783695:7696HG0GQ7rjlAOBLDnPb5fbIep1vafn2LY1OS0A3g4/7cb7c38818105995/c7783b5f8c53e1f
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cb7c38818105995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569393ffd8b6bd1342e8d8e34c093766eb0e15db67bf0ea2521f6fa1191f113d

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ilx6i/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge
c7783b5f8c53e1f
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 22 May 2023 20:21:08 GMT
content-encoding
br
cf_chl_gen
Jur6quCw93JGQu78gyVrkFO3ob48sRjRopUwdW6OFqzhdTJAjG+7aM89euhg+K5+0dl4VS84VgD1A8epUj6PTSrV7oJb3kBEQvC4cUv42AX4povtmYLDPt5CS8B7sTsS7b196IbrVHsYzWOvomUpT6Pf+ot/XHE+nFhFMK/ds4u86mV7n8xBwB+t7Kh82E64kOnM36s7s24lC6Fo2zfJS29fNTdUSovlbzoFSSEs8ZCROwVQvKydUm0aOhU/5un+AOpIvS+Nsz7mUMaxb08P1+owF2IAlr6tGNt6aHrb/vvaZrB0f+8PVn29ZvnfWgJAN6J4duKJP4p8SrnqtXULpK9UPFzNv431BK5JBp6z9iAh3vmXV/gV39OVVIS4DKJFSGK4MGnqFjn0PUTiUl4I/HOCjcJA9M3mz6/QRckVUcJxay25FGd/Ru+2S7LA9xqg4g1o7UJoTLJG64/WG7lmh9y6Sfb65qYv0+78FEcGukg=$NI1EpZmO2txzg0M35k7eBw==
server
cloudflare
cf-ray
7cb7c38a2b9b5995-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| sendRequest function| SHA256 function| _cf_chl_turnstile_l function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded undefined| _cf_gcr

0 Cookies

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/Mjohn.manning@avanos.com
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://6jtlydnwuk64679b2fb6a40.axlstg.ru/cdn-cgi/challenge-platform/h/g/pat/7cb7c36fc81f0e07/1684786865264/8f03d07edb86a285ae779a1e3f02d5c672fe572a2ab7f4bd134bc0b1c62db1c6/a2puJEBSzIetRPP
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.