Submitted URL: https://shr.polymail.io/v1/z/b/NjU1MzkxZWI0ZDdi/L3bq99O2bcapnutfHwTczYp0Zb0L8ioQgZYVHGjzRJPxnTOcr0zmbYQBGk-XW3_tU84xOOND...
Effective URL: https://menziesdsitribution.com/
Submission: On November 14 via api from IE — Scanned from DE

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is menziesdsitribution.com.
TLS certificate: Issued by GTS CA 1P5 on October 26th 2023. Valid for: 3 months.
This is the only time menziesdsitribution.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 162.241.124.47 19871 (NETWORK-S...)
12 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
19 4
Apex Domain
Subdomains
Transfer
12 menziesdsitribution.com
menziesdsitribution.com
166 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6439
23 KB
1 sandhillstimes.com
sandhillstimes.com
633 B
1 polymail.io
shr.polymail.io
345 B
19 4
Domain Requested by
12 menziesdsitribution.com sandhillstimes.com
menziesdsitribution.com
4 challenges.cloudflare.com menziesdsitribution.com
challenges.cloudflare.com
1 sandhillstimes.com
1 shr.polymail.io 1 redirects
19 4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
webmail.sandhillstimes.com
R3
2023-11-12 -
2024-02-10
3 months crt.sh
menziesdsitribution.com
GTS CA 1P5
2023-10-26 -
2024-01-24
3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3
2023-08-18 -
2024-08-17
a year crt.sh

This page contains 3 frames:

Primary Page: https://menziesdsitribution.com/
Frame ID: D20187EC8DECE484525B04A48D12A8A8
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/molut/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 5860DFE93390CEF4CE911E672B4C87E2
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cz2um/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: F99714513D05B2F4C3C913A40BF2E3D9
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://shr.polymail.io/v1/z/b/NjU1MzkxZWI0ZDdi/L3bq99O2bcapnutfHwTczYp0Zb0L8ioQgZYVHGjzRJPxnTOcr0zm... HTTP 302
    https://sandhillstimes.com/fress/dress/ Page URL
  2. https://menziesdsitribution.com/ Page URL
  3. https://menziesdsitribution.com/ Page URL

Page Statistics

19
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

189 kB
Transfer

471 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shr.polymail.io/v1/z/b/NjU1MzkxZWI0ZDdi/L3bq99O2bcapnutfHwTczYp0Zb0L8ioQgZYVHGjzRJPxnTOcr0zmbYQBGk-XW3_tU84xOONDWVh0mtmAXOTzKFIKmTkccsFg21-IFJiGg1FnWshavldFp0vgTbeWfBjtmd5MOlnvHJjJPTtU-0r2q_uoHHvPQF4czVnnsVO4-tV8F0uUYEqIcJSc-0I6QoYID3Zt3yRdGaQp HTTP 302
    https://sandhillstimes.com/fress/dress/ Page URL
  2. https://menziesdsitribution.com/ Page URL
  3. https://menziesdsitribution.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://shr.polymail.io/v1/z/b/NjU1MzkxZWI0ZDdi/L3bq99O2bcapnutfHwTczYp0Zb0L8ioQgZYVHGjzRJPxnTOcr0zmbYQBGk-XW3_tU84xOONDWVh0mtmAXOTzKFIKmTkccsFg21-IFJiGg1FnWshavldFp0vgTbeWfBjtmd5MOlnvHJjJPTtU-0r2q_uoHHvPQF4czVnnsVO4-tV8F0uUYEqIcJSc-0I6QoYID3Zt3yRdGaQp HTTP 302
  • https://sandhillstimes.com/fress/dress/

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sandhillstimes.com/fress/dress/
Redirect Chain
  • https://shr.polymail.io/v1/z/b/NjU1MzkxZWI0ZDdi/L3bq99O2bcapnutfHwTczYp0Zb0L8ioQgZYVHGjzRJPxnTOcr0zmbYQBGk-XW3_tU84xOONDWVh0mtmAXOTzKFIKmTkccsFg21-IFJiGg1FnWshavldFp0vgTbeWfBjtmd5MOlnvHJjJPTtU-0r2q...
  • https://sandhillstimes.com/fress/dress/
391 B
633 B
Document
General
Full URL
https://sandhillstimes.com/fress/dress/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.241.124.47 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-124-47.webhostbox.net
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
391
Content-Type
text/html
Date
Tue, 14 Nov 2023 16:47:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 14 Nov 2023 08:24:10 GMT
Server
Apache

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8260bbdb3e933679-FRA
content-security-policy
default-src 'none'; form-action 'none'; frame-ancestors 'none'; report-uri https://sentry.io/api/1855807/security/?sentry_key=a247d4d68ed54bc49f30373dd45bf8be;
content-type
text/html; charset=utf-8
date
Tue, 14 Nov 2023 16:47:00 GMT
location
https://sandhillstimes.com/fress/dress/
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
/
menziesdsitribution.com/
6 KB
5 KB
Document
General
Full URL
https://menziesdsitribution.com/
Requested by
Host: sandhillstimes.com
URL: https://sandhillstimes.com/fress/dress/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c48c513146184bd7dc5a2afa14b7e7408f8feb97152e77c30eaf6491c7c3dc0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sandhillstimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
8260bbdedb6f912b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 14 Nov 2023 16:47:00 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIaCPsBEPW4L%2F1NoHA8sZwrTb99wwLfigGx1oyvcck95Onsz%2Feo3gQSJ%2Bg%2B4VJgQ4BzrGAlOPNT0Pk27hlecs0tGV8%2Bk0Nw1sfTfTnx9L%2BGgM5Iue8%2F1APrLmpu4Va%2BzHM6GWJrMLsWaOURM6h93luJAoQH%2FHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
menziesdsitribution.com/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://menziesdsitribution.com/cdn-cgi/styles/challenges.css
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://menziesdsitribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:47:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 16:16:02 GMT
server
cloudflare
etag
W/"654bb442-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8260bbdf0baa912b-FRA
expires
Tue, 14 Nov 2023 18:47:00 GMT
v1
menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
169 KB
58 KB
Script
General
Full URL
https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbdedb6f912b
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96321a3bd81e92dc2ec2ec41c1b3d0c9562929d6ffccad470f912fce6b54a60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://menziesdsitribution.com/?__cf_chl_rt_tk=QSc7FIqqQVZYD6eGMLf1xit4.GiV8BhvcHnCLNYJWUQ-1699980420-0-gaNycGzNDSU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:47:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0%2BgR2JH8%2FXSRhDOce%2Baj8oTJ7ag8snTujdC3wrtb3tgQWZ3ROtysbLjY%2B2fMOdak9TlhmoYQmrRAIdKReycXv5ZTOunkqPe7FE9%2FWEv8bljE%2FGvwbyC04ev3qzv7%2FwwO%2FgWylEjz5tBNVR31haDY9cFXdIj%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8260bbdf2bba912b-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/9914b343/
33 KB
11 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbdedb6f912b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7

Request headers

Referer
Origin
https://menziesdsitribution.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:47:01 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8260bbdfaaa13821-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
menziesdsitribution.com/
6 KB
6 KB
Image
General
Full URL
https://menziesdsitribution.com/favicon.ico
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c539fc34888977309f182bc20f740ddab9cad3a213dc3de16401585c48568573
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://menziesdsitribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:47:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtyZAEgrqN2kTF09t112M4TkhLz1xSg%2F%2BvwfhqyQHdaOqVzOEldmOA%2FSQHKDvB156rFXbR3k44fLRj9sAaFO3RNJLNtL5DGdxGuPGpKbzIRacftBtySYtokmMGQd8zmObMDnC0iniTWa5uzBXJed9QTuZDI1Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
8260bbdf8c3b912b-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
ce3bc2aa-bf3f-4977-9242-ff5f0b2a35a6
https://menziesdsitribution.com/
13 B
0
Other
General
Full URL
blob:https://menziesdsitribution.com/ce3bc2aa-bf3f-4977-9242-ff5f0b2a35a6
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://menziesdsitribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
2f3238aa9a8a098
menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1488233344:1699979053:1OSmM9xqFtCX8tPzvzrvm_ZrPAI0SxZHb-qly8D_QcU/8260bbdedb6f912b/
12 KB
10 KB
XHR
General
Full URL
https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1488233344:1699979053:1OSmM9xqFtCX8tPzvzrvm_ZrPAI0SxZHb-qly8D_QcU/8260bbdedb6f912b/2f3238aa9a8a098
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbdedb6f912b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9774abe5ef9294a020b50bbf30576740802d8a5b110a5ee6bb3f0fb9262b319f

Request headers

Referer
https://menziesdsitribution.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
CF-Challenge
2f3238aa9a8a098
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Nov 2023 16:47:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNbQmEPODGkQr4kk%2FW7duRnCDlMV4fAJV8T4WSe3NZlyCj2GrfeeMp793Cb0jKeati0xy1pPLMem7cqwIj1676vcPIcYREJ7cPeqBbYrd%2BEbhKJuhyGYCeLJAeIxPH1qCQBD23%2BNjZqbcSuxlmIaUJfyfYtscQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8260bbe03d17912b-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
f179GQUMu1EB1HnW2c917qiEdZrgSXfPda43c6SlLEEiprv5Vs4OZ8noTsKlvO5P$ZB2hMHrZMPOOrJ8SncKFVA==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/molut/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 5860
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/molut/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8260bbe09aa79a0c-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 16:47:01 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
2f3238aa9a8a098
menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1488233344:1699979053:1OSmM9xqFtCX8tPzvzrvm_ZrPAI0SxZHb-qly8D_QcU/8260bbdedb6f912b/
14 B
600 B
XHR
General
Full URL
https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1488233344:1699979053:1OSmM9xqFtCX8tPzvzrvm_ZrPAI0SxZHb-qly8D_QcU/8260bbdedb6f912b/2f3238aa9a8a098
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbdedb6f912b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebfec15e28dcaf76b32586752f3766b543b184d59aacb839c09702996f1d3611

Request headers

Referer
https://menziesdsitribution.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
CF-Challenge
2f3238aa9a8a098
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
sQ7CRQ5GZH57ko5zvVvnvnlXbWdqe4UM3w9M2ullAFZlpfQAwYh2Y6UlNEvVpkgARXajhhpQ2WD/wNkQedqzrQ==$RpOBG5blaJIqGriztae2Pg==
date
Tue, 14 Nov 2023 16:47:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1D9GToK%2BH%2Bo6kDQYimFp%2FqlXivUyZOSDz1P9y22mgVIZsoa9Y1lpLQk8A23oI88pyiMOrNju5SaIGAjGgM6xw5zvu8lUwRp7%2FeQ6nA0b85aMdeenAE%2BX9P6VunvhHAIe3ZiUZLCZ4BOtGZolTzDZWITsj66lwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8260bbe27d422429-IAD
alt-svc
h3=":443"; ma=86400
Primary Request /
menziesdsitribution.com/
6 KB
5 KB
Document
General
Full URL
https://menziesdsitribution.com/
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbdedb6f912b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42ace83f8b23278b0d3304cf4dcd54c13b96e69e876e8a63bea2ad465bde0b5c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://menziesdsitribution.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
8260bbefc81a2429-IAD
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 14 Nov 2023 16:47:03 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z65eH3bx9wuaalbZ6c5fVKcDJWcM5mDfdtI9aNaJ0uTkBwuhLQUThIkKxtFFt64dGU3xm7XLWkIQycExamh1ib6t0E3XgksRIJpKbul1mgdFSxjxdjjFpjY1IwpQlI6eDONI2F3S7gz8LiKx%2FScVu249hmJt7g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
menziesdsitribution.com/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://menziesdsitribution.com/cdn-cgi/styles/challenges.css
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://menziesdsitribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 Nov 2023 16:16:02 GMT
server
cloudflare
etag
W/"654bb442-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
8260bbf079232429-IAD
expires
Tue, 14 Nov 2023 18:47:03 GMT
v1
menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
170 KB
58 KB
Script
General
Full URL
https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbefc81a2429
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f8552cfbb23f7b0298f9e79b6869c03a5a6c4be424602a173829dcaa1e18c5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://menziesdsitribution.com/?__cf_chl_rt_tk=_sLhAiTj47xKiOa1gsjbN76F.6USHKVNjCcCEZ8Wb_U-1699980423-0-gaNycGzNCfs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:47:03 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVPFvL26zHDQ1E4BTCd1qeyeQtgx99wsz7tmmPiiV%2FOX1IxeJxaYvYpfdB26ZVlHlxzMYk05WzT%2F93yy0oG1T5p83kPKpEumJ2Sjb25Dv7JiA2cHaFyxCIrkvVVbgRf1I8jRawL%2BGfz63yC%2FhX5eyi3LOkLPbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8260bbf139e92429-IAD
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/g/9914b343/
33 KB
11 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbefc81a2429
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7

Request headers

Referer
Origin
https://menziesdsitribution.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:47:04 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
8260bbf2dc973821-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
menziesdsitribution.com/
6 KB
6 KB
Image
General
Full URL
https://menziesdsitribution.com/favicon.ico
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
735961f6a4467c981bca94d14260757310f8883c1a19738b6561990c76025e86
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://menziesdsitribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 16:47:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BjCl1j1JvswpReOz2xplTC4YQdJt35WDmDNRKPTtqU2NyRwJhn3zcViFKEcXRIc%2ByP1elfTumFHAz5U2fennSEp0lRUWwVzP1z5GKHl%2FMKfbjyLbi%2BW%2Fuv20ejYcygyX1cJr953FMbpazqS%2F8AiS436d413NTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
8260bbf32c8e2429-IAD
expires
Thu, 01 Jan 1970 00:00:01 GMT
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
8da1138e-7dfd-47a2-bf4f-2b87916a6b8b
https://menziesdsitribution.com/
13 B
0
Other
General
Full URL
blob:https://menziesdsitribution.com/8da1138e-7dfd-47a2-bf4f-2b87916a6b8b
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://menziesdsitribution.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
91280bd1e28a117
menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1173812170:1699978934:u4czrJDIrzWmh-Q7nOzQjZXgQT1pBry0dkvCj7j4cjg/8260bbefc81a2429/
12 KB
10 KB
XHR
General
Full URL
https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1173812170:1699978934:u4czrJDIrzWmh-Q7nOzQjZXgQT1pBry0dkvCj7j4cjg/8260bbefc81a2429/91280bd1e28a117
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbefc81a2429
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d4941468e9b3d67f450dfffbd870fbb2cd0f41dbbbc106b6fddad884c967c31

Request headers

Referer
https://menziesdsitribution.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
CF-Challenge
91280bd1e28a117
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 14 Nov 2023 16:47:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yzmwzpvn0X%2BUPSOg%2B8ogve1dlYKZ6F1VmWWvg3TwCQC8ViA9JZ6RjVeG4FLHJa6FU%2FO2oXovEJl438CrqvVbDmMtSICBul6cS5nhdKNPLPERqMpQHFfZsqQeKBGfoRpI4Wb3FKAVUWy4UqGshcURjDsu0BH4Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8260bbf3dd7c2429-IAD
alt-svc
h3=":443"; ma=86400
cf-chl-gen
byknvJZDOrUgmBVuDtKGqMkWCkI6GF3mRY3kpKrYpBc9+hnYIwkH0JFPvYpFHlgA$TuIVfvRJX4VI9ztPGiSASg==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cz2um/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame F997
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/cz2um/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8260bbf47ab89a0c-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 14 Nov 2023 16:47:04 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
91280bd1e28a117
menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1173812170:1699978934:u4czrJDIrzWmh-Q7nOzQjZXgQT1pBry0dkvCj7j4cjg/8260bbefc81a2429/
2 KB
2 KB
XHR
General
Full URL
https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1173812170:1699978934:u4czrJDIrzWmh-Q7nOzQjZXgQT1pBry0dkvCj7j4cjg/8260bbefc81a2429/91280bd1e28a117
Requested by
Host: menziesdsitribution.com
URL: https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8260bbefc81a2429
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1acf4c2ba9ae60350966e3d05f49286b9b8784131cdb3a263b3580f09de495f8

Request headers

Referer
https://menziesdsitribution.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
CF-Challenge
91280bd1e28a117
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
VRAfZhNOoUnYbELOOqtsq3if6UybKGkFj9ijMIdWwZNfvj1xLeM7rrlmWgqrpafupLN+I545lqm8r7mMI47ZiHV+TyThZNHYcPhJ8MHkRmk=$ZiL1x0bF78euiFt49ocnWQ==
cf-chl-out-s
4dhJVzf2+MfqLEoXX1Ue1NuAJ9UbKkiVoBI9mSYAgOgnnH/5zrYQ40NebETR0BbLDbBefHaCvQAIwGyRUcW8/fSoNH7hJ5zE7+IMmNkSFAxN+n4pqVUx1wxYSCdp3MQmyFBrWxZCgNqT/uJIEZ6hZlHVtnCrB/gogxnZ1GPZ2on//Ssg/sgE8DO0dqjmxVQ2T3Lo00gex6gvCE8kOcKun84V5AVtGK78ZDwrmXewdV+NJDS3zW5pFbtv2GBlf1/8$D/26e+ca69QOpxLnpLf2Mg==
date
Tue, 14 Nov 2023 16:47:04 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWUJky8XXRJQkrw8MFUekfDx09zB9E%2Bk6vUML4r5gUEMB416WF8DSq4LK2VrQBQy94lK1IAdEP5cONUVQgeTKKRQWaReaoHd2ufhWdS0VSZT4RzLvNGru3S7i1142WA3AwvcxpnWZMEWQjdHpx9%2BcptCjtqeTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8260bbf628ec2429-IAD
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_chl_opt function| IyIbT4 function| FAIg1 boolean| WrwZ6 function| scUG3 function| mgSMVQzBWl function| SgWID6 function| LGYdpr9 function| FdoAsB7 object| nCiPQs6 object| BoUQfS8 object| turnstile boolean| CnXTHZ3 string| LPfb7

1 Cookies

Domain/Path Name / Value
menziesdsitribution.com/ Name: cf_chl_rc_m
Value: 1

9 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://menziesdsitribution.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://menziesdsitribution.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://menziesdsitribution.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1488233344:1699979053:1OSmM9xqFtCX8tPzvzrvm_ZrPAI0SxZHb-qly8D_QcU/8260bbdedb6f912b/2f3238aa9a8a098
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://menziesdsitribution.com/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://menziesdsitribution.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()