urlscan.io logo urlscan.io
SecurityTrails logo

c3bpcnm-do.2j1.ru Open in urlscan Pro
141.95.99.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a806973...
Effective URL: https://c3bpcnm-do.2j1.ru/aGdvbHM/
Submission Tags: falconsandbox
Submission: On June 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 25 HTTP transactions. The main IP is 141.95.99.203, located in France and belongs to OVH, FR. The main domain is c3bpcnm-do.2j1.ru.
TLS certificate: Issued by R3 on June 26th 2023. Valid for: 3 months.
This is the only time c3bpcnm-do.2j1.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 45.223.59.119 19551 (INCAPSULA)
1 69.49.245.172 19871 (NETWORK-S...)
2 34.120.88.34 396982 (GOOGLE-CL...)
1 141.95.99.203 16276 (OVH)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
25 8
7    45.223.59.119 (United States)

ASN19551 (INCAPSULA, US)
ct.turing.com
1    69.49.245.172 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 69-49-245-172.webhostbox.net
yrjcollective.com
2    34.120.88.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.88.120.34.bc.googleusercontent.com
logging-server.turing.com
1    141.95.99.203 (France)

ASN16276 (OVH, FR)
PTR: s614.fra6.mysecurecloudhost.com
c3bpcnm-do.2j1.ru
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
8    2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
9 turing.com
ct.turing.com
mail.turing.com Failed
logging-server.turing.com — Cisco Umbrella Rank: 727084
140 KB
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5263
240 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
25 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
30 KB
1 2j1.ru
c3bpcnm-do.2j1.ru
2 KB
1 yrjcollective.com
yrjcollective.com
268 B
25 6
Domain Requested by
8 challenges.cloudflare.com 1 redirects c3bpcnm-do.2j1.ru
challenges.cloudflare.com
7 ct.turing.com ct.turing.com
2 logging-server.turing.com ct.turing.com
1 cdn.jsdelivr.net ct.turing.com
1 code.jquery.com ct.turing.com
1 c3bpcnm-do.2j1.ru
1 yrjcollective.com ct.turing.com
0 mail.turing.com Failed ct.turing.com
25 8

This site contains no links.

Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-27 -
2023-12-24		 6 months crt.sh
cpanel.yrjcollective.com
R3		 2023-06-25 -
2023-09-23		 3 months crt.sh
*.turing.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-18 -
2023-11-18		 a year crt.sh
www.c3bpcnm-do.2j1.ru
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://c3bpcnm-do.2j1.ru/aGdvbHM/
Frame ID: E26BFF5014F9EFFA42330FBE2EA9633B
Requests: 16 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
Frame ID: 3E258763587D0E1164B4DEF5CA7090B2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78... Page URL
  2. https://c3bpcnm-do.2j1.ru/aGdvbHM/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

25
Requests

76 %
HTTPS

43 %
IPv6

6
Domains

8
Subdomains

8
IPs

3
Countries

437 kB
Transfer

1200 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D Page URL
  2. https://c3bpcnm-do.2j1.ru/aGdvbHM/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ct.turing.com/ 		942 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.59.119 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
UploadServer /
Resource Hash
88abb003ee15624512eeec824e837d71c41e2037d2091b198e828f7650e1beda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2770
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-type
text/html
date
Wed, 28 Jun 2023 13:06:11 GMT
etag
"4c43468b87c1001d88f88a5de775fbff"
last-modified
Thu, 11 May 2023 12:34:35 GMT
server
UploadServer
x-cdn
Imperva
x-goog-generation
1683808475439233
x-goog-hash
crc32c=N7OZ+g== md5=TENGi4fBAB2I+Ipd53X7/w==
x-goog-meta-goog-reserved-file-mtime
1683808466
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
729
x-guploader-uploadid
ADPycduBn5-fE4VO7MdF8ggar3LgKsZxDzinmHizvisY1ky7NkzP0VzOtyzSW4kVhnsp5ONhy2Cm8S-s-3-KT1ebE7vF6w
x-iinfo
5-18567284-18567294 NNNN CT(0 4 0) RT(1687960340581 11) q(0 1 1 53) r(1 1) U24
yers-tiedgemes-Arme-selfe-a-Day-Macb-Shall-Widdl
ct.turing.com/ 		209 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.turing.com/yers-tiedgemes-Arme-selfe-a-Day-Macb-Shall-Widdl
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.59.119 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash
e3f6c8813c4be2a502de272005d5beef71a23743f61edfd3cd9dd7b37c87f260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:52:20 GMT
content-encoding
gzip
server
bon
x-cdn
Imperva
content-type
text/javascript
access-control-allow-origin
*
x-iinfo
5-18567284-18567296 NNNN CT(5 11 0) RT(1687960340581 96) q(0 0 0 -1) r(0 1)
cache-control
max-age=0
server-timing
bon, total;dur=13.526573
content-length
68514
main.013c44c458e6d0da5b13.js
ct.turing.com/ 		150 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.turing.com/main.013c44c458e6d0da5b13.js
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.59.119 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
UploadServer /
Resource Hash
8122903b79d84100ccec113aa2709c771699b68cd2f0ece9063a2f0d0bba12df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:03:51 GMT
content-encoding
br
x-cdn
Imperva
x-goog-meta-goog-reserved-file-mtime
1683808466
age
2910
x-guploader-uploadid
ADPycdtntUTEPNF4hdhtKyZNhi7CJfeLk8g1v2U4xCU5LBPpPmm2ZXA4oHQiNM0HWbR2OEdxr09UIG3Bf4mBmVX_6FexwL6rCnHa
x-goog-storage-class
STANDARD
x-iinfo
5-18567284-18567299 NNNN CT(10 9 0) RT(1687960340581 101) q(0 0 1 -1) r(1 1) U24
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47253
last-modified
Thu, 11 May 2023 12:34:35 GMT
server
UploadServer
etag
W/"51864cbf642cef61c0eacdba6cd899f6"
vary
Accept-Encoding
x-goog-generation
1683808475826181
x-goog-hash
crc32c=MsdItA==, md5=UYZMv2Qs72HA6s26bNiZ9g==
content-type
application/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
153933
accept-ranges
none
main.013c44c458e6d0da5b13.css
ct.turing.com/ 		669 B
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ct.turing.com/main.013c44c458e6d0da5b13.css
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.59.119 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5bea97352ebb1f24a716891a46ab47a20ea529f957dd6ba100c1e46b8976c478

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:17:51 GMT
x-cdn
Imperva
x-goog-meta-goog-reserved-file-mtime
1683808466
age
2070
x-guploader-uploadid
ADPycdsnKg1d1ZeU0IF3By2iEhDN1RX-TD_X5VEWRAgHO7GZoRa2bbzJwVJ4U3Suy4F24HvWhSsmCwvXUKEWZQ36fWGwfUQmI-qO
x-goog-storage-class
STANDARD
x-iinfo
5-18567284-18567294 PNNN RT(1687960340581 97) q(0 0 0 -1) r(0 0) U24
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
669
last-modified
Thu, 11 May 2023 12:34:35 GMT
server
UploadServer
etag
"a9378920a02242888934bc0f07a3abad"
x-goog-generation
1683808475672560
x-goog-hash
crc32c=q7es5A==, md5=qTeJIKAiQoiJNLwPB6OrrQ==
content-type
text/css
cache-control
public,max-age=3600
x-goog-stored-content-length
669
accept-ranges
bytes
_Incapsula_Resource
ct.turing.com/ 		148 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.turing.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1040007673
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.59.119 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ca91ea11a76ca49ab46c8cee17c0e3ebec0ebb50fe676b2c9fc6c8126ad34b0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
21227
content-type
application/javascript
_Incapsula_Resource
ct.turing.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.turing.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6331845517933918
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.59.119 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
email-clicked
mail.turing.com/api/logging/ 		0
0
analytics
mail.turing.com/api/ 		0
0
bWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ==
yrjcollective.com/paraga/ouTwW/ 		0
268 B 		Document
General
Check archive.org
Download Go to
Full URL
https://yrjcollective.com/paraga/ouTwW/bWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ==
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/main.013c44c458e6d0da5b13.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.49.245.172 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
69-49-245-172.webhostbox.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ct.turing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Jun 2023 13:52:20 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
refresh
0;url= https://c3bpcnm-do.2j1.ru/aGdvbHM/#marlene.schreifels@nahan.com
log
logging-server.turing.com/ 		285 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://logging-server.turing.com/log
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/main.013c44c458e6d0da5b13.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.88.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.88.120.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

visitor-token
accept-language
de-DE,de;q=0.9
Authorization
Basic Y2xpZW50VXNlcjpRb2shMjMzISEjM2Fs
x-seq
0
x-client-logging-version
6.12.0
Content-Type
application/json
Accept
application/json, text/plain, */*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Referer
https://ct.turing.com/
x-is-bot
false
x-log-name
PAGEVIEWS
x-product-name
EMAIL_COMMUNICATION_SYSTEM

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 13:52:21 GMT
via
1.1 google
x-permitted-cross-domain-policies
none
cross-origin-embedder-policy
require-corp
x-dns-prefetch-control
off
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
x-xss-protection
0
referrer-policy
no-referrer
cross-origin-opener-policy
same-origin
etag
W/"11d-wj+pgyKs4eBaB4GoLBq0GgC6M4c"
expect-ct
max-age=0
vary
Origin
x-frame-options
SAMEORIGIN
x-download-options
noopen
access-control-allow-origin
https://ct.turing.com
origin-agent-cluster
?1
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
x-ls-version
4.3.1
log
logging-server.turing.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://logging-server.turing.com/log
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.88.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.88.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visitor-token,x-client-logging-version,x-is-bot,x-log-name,x-product-name,x-seq
Access-Control-Request-Method
POST
Origin
https://ct.turing.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,visitor-token,x-client-logging-version,x-is-bot,x-log-name,x-product-name,x-seq
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://ct.turing.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 28 Jun 2023 13:52:21 GMT
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
yers-tiedgemes-Arme-selfe-a-Day-Macb-Shall-Widdl
ct.turing.com/ 		742 B
997 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.turing.com/yers-tiedgemes-Arme-selfe-a-Day-Macb-Shall-Widdl?d=ct.turing.com
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/yers-tiedgemes-Arme-selfe-a-Day-Macb-Shall-Widdl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.59.119 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
bon /
Resource Hash

Request headers

Accept
application/json; charset=utf-8
Referer
https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=utf-8

Response headers

date
Wed, 28 Jun 2023 13:52:20 GMT
server
bon
x-cdn
Imperva
content-type
application/json
access-control-allow-origin
*
x-iinfo
5-18567284-18567296 PNNN RT(1687960340581 554) q(0 0 0 -1) r(0 0) U6
cache-control
no-cache, no-store
server-timing
bon, total;dur=11.495426
content-length
742
Primary Request /
c3bpcnm-do.2j1.ru/aGdvbHM/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c3bpcnm-do.2j1.ru/aGdvbHM/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.203 , France, ASN16276 (OVH, FR),
Reverse DNS
s614.fra6.mysecurecloudhost.com
Software
LiteSpeed / PHP/8.2.5
Resource Hash
7bc6aa3a129592ae741b79a4cbab753e1957f223b52ccc0509bffa6e7f1840d6

Request headers

Referer
https://yrjcollective.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
1494
content-type
text/html; charset=UTF-8
date
Wed, 28 Jun 2023 13:52:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/8.2.5
truncated
/ 		130 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a98649102d9e19c527bd2375d765bb48ecb26e6a567fab6a5922bc2df6b2eeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
text/javascript
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://c3bpcnm-do.2j1.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 28 Jun 2023 13:52:22 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1687960342.dop160.fr8.t,1687960342.cds219.fr8.hn,1687960342.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
api.js
challenges.cloudflare.com/turnstile/v0/g/19b997cb/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
Requested by
Host: c3bpcnm-do.2j1.ru
URL: https://c3bpcnm-do.2j1.ru/aGdvbHM/
Protocol
H2
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3bpcnm-do.2j1.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:52:22 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7de668ef3ae803a0-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 28 Jun 2023 13:52:22 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/g/19b997cb/api.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7de668ef1acf03a0-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: ct.turing.com
URL: https://ct.turing.com/?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c3bpcnm-do.2j1.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Jun 2023 13:52:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
1483584
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230116-FRA
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/ Frame 3E25 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eea8e6f4f01ea363c5a052f57b9ec12e1834591baf46824c5334093b3ab153e
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://c3bpcnm-do.2j1.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7de668ef78199a1d-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 13:52:22 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 3E25 		177 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7de668ef78199a1d
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
465571733d41f17c0464d26df321fb1d48c9c8fc7826a6c55e8245c9a7ddad13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:52:23 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7de668f0394e9a1d-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
a646e735-2602-4a03-b872-82c3b16bc068
https://challenges.cloudflare.com/ Frame 3E25 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/a646e735-2602-4a03-b872-82c3b16bc068
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
fcf0eb942e114dc
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/915637280:1687957658:idfD7e3CVnQHp2qma0Tnmn_LYn_KK-G2Cidlftdtl1k/7de668ef78199a1d/ Frame 3E25 		214 KB
154 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/915637280:1687957658:idfD7e3CVnQHp2qma0Tnmn_LYn_KK-G2Cidlftdtl1k/7de668ef78199a1d/fcf0eb942e114dc
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7de668ef78199a1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1241d2baaea1c6f74fce3756bb4bd21ad5183cb0b034390516d1a5df94f0f746

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
fcf0eb942e114dc
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
ZVWNGHlmucDxiSNY+nlGhrHGkiNrEoXmgKp8JD7i7u5ix8YUo9DXcCKbUZphyVoXcsygmRswyBbXiv0Vbbf9LHZRttXNP8hVQsaQrErIaw7fXmJjlAtnw8AwQem4BnyfUvnk3wV2rwGFyNorX88aSFZ+T/4EldBDC8vtHWbdPhzt6TPLBp+DeP53HCHaUCnw31a5DlTyfL98Y5ESOBeVXxI475fnubafiacsvrnPE0GLkrZP2sH/kT7w+9hYHKtZ+Wyk0vGE/BwmFz40OX6PAD7z8kx4QOs2zfhvYPimRI82kJKBwrrMw39UzsCZT5XHT9RJ59TjFnmz9XI0gjHlYEwY+hGVCqq8iRhYrwI9aNc7ZQGzUlVk5y1DBWNJ9Jil3zaKQ0PFzXflYIlf24gEm8pSLgUanJOXTLRRqfoxsmB8LLh3TcYsWAkyX5WBBu1NeoHmPF390IRSUdPlfgEoYsYlDJVubVWevdxjFaQJrG/2QvrlyvDK8SZfMflh58GwT5AqfA9/wwTbLBq+LpUr+A==$QuOLlL+wHhoxAroFGyp5vw==
date
Wed, 28 Jun 2023 13:52:23 GMT
content-encoding
br
server
cloudflare
cf-ray
7de668f12a819a1d-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
050b3558-5c58-47ce-bf68-f8a96e561d3c
https://challenges.cloudflare.com/ Frame 3E25 		99 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/050b3558-5c58-47ce-bf68-f8a96e561d3c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
GFDG4CThIi4a4Cr
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7de668ef78199a1d/1687960343242/ Frame 3E25 		61 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7de668ef78199a1d/1687960343242/GFDG4CThIi4a4Cr
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f02ae098f7595f1550a8c8d4b7f8a7aa54840c0f4d05ebeae08df07d4adbde27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:52:25 GMT
server
cloudflare
cf-ray
7de668fc4f159a1d-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
1c183ea8-6efc-420f-9ad7-e4dcb855b35e
https://challenges.cloudflare.com/ Frame 3E25 		539 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/1c183ea8-6efc-420f-9ad7-e4dcb855b35e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
539
Content-Type
text/javascript
xjxYaeu6NZZjAy-
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7de668ef78199a1d/1687960343245/67c211d5ab17a928088b3c3a4ea53268be7498bd284e9714098ef02301a753c4/ Frame 3E25 		1 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7de668ef78199a1d/1687960343245/67c211d5ab17a928088b3c3a4ea53268be7498bd284e9714098ef02301a753c4/xjxYaeu6NZZjAy-
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7de668ef78199a1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 13:52:25 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gZ8IR1asXqSgIizw6TqUyaL50mL0oTpcUCY7wIwGnU8QAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA0bRUcGKklfQeNNxvLFfJ4GD9tdPPxSZwJ3XYP4G2zG8DKRLBpv9Kj6N67az3XmlVlx2R0rqjt4_1YNpJnMYvq8Tp2DUxYs4U3kFA6Rbb5cTRT5nIFp10SdDKx5oEUlr5_2lhwjOJ7UX343zafxxxRigli14tfc_MdARtiZxdmy5Dm9rRf5nwlBmsWaAX3v0Uhsdw1FWqbl23kbspqAsOrzkVf57FQWXyec-WMgVpWqs6qqDPPZHzvx68neq0a7QsWfGKjfhMa9dgQCoTvz166RVORThwNko0-5Z2XOaYQhFc0ojy9K4Ht4LY-qcayfQ4DfX7RfkQ4SUsGK-uOfhA7wIDAQAB, max-age=20
server
cloudflare
cf-ray
7de668fd489e9a1d-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
fcf0eb942e114dc
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/915637280:1687957658:idfD7e3CVnQHp2qma0Tnmn_LYn_KK-G2Cidlftdtl1k/7de668ef78199a1d/ Frame 3E25 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/915637280:1687957658:idfD7e3CVnQHp2qma0Tnmn_LYn_KK-G2Cidlftdtl1k/7de668ef78199a1d/fcf0eb942e114dc
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7de668ef78199a1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb91859da6ae7dc7e680772e6fea28b5a3c857ccb9673430a83be999ee5e644

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/trf6u/0x4AAAAAAAGjs9Bg4cLWjCYz/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
fcf0eb942e114dc
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
WeQ0MIz9QKVGPftLNfB3XtEAWEbkyAfvX3gEiC1e53TFgLmKWrEfMKtyRkdNoqKP$1OaH9zl2BhESNmZ9SJpokQ==
date
Wed, 28 Jun 2023 13:52:25 GMT
content-encoding
br
server
cloudflare
cf-ray
7de668fde9659a1d-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mail.turing.com
URL
https://mail.turing.com/api/logging/email-clicked?ti=eyJpc19hdXRvbWF0aW9uX3Rvb2wiOmZhbHNlLCJvcmlnaW5hbF91cmwiOiJodHRwczovL3lyamNvbGxlY3RpdmUuY29tL3BhcmFnYS9vdVR3Vy9iV0Z5YkdWdVpTNXpZMmh5WldsbVpXeHpRRzVoYUdGdUxtTnZiUT09IiwiaXNfYmVhY29uX3N1cHBvcnRlZCI6dHJ1ZSwiZGV2aWNlV2lkdGgiOjE2MDAsImRldmljZUhlaWdodCI6MTIwMCwiYnJvd3NlcldpZHRoIjoxNjAwLCJicm93c2VySGVpZ2h0IjoxMjAwLCJsYW5ndWFnZSI6ImVuLVVTIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTk4IFNhZmFyaS81MzcuMzYiLCJ1cmwiOiJodHRwczovL2N0LnR1cmluZy5jb20vP3RpPTQ5NjA5MjRiYTRjNjllZmQwM2MzNzI5OTdjMmQwMzY3Mjk2MzhlYmY0M2IzODNmZWUzNDJkMDM1MjBlODU0MjZkNjZkN2Q3ODQ0M2U2NDM1MGQ3ZTVhODA2OTczMTlmOTVhZmQ1ZGUzZjdhNmI3OGFlZTBjNGUwZGQxMTUwYWI0YmNiMDllNDQ5ZjY5NjdkYzY0YjIwZTExMGQ1YzVhMGExMTVhY2YwYTJkZjliMTkxOTkwYTUwNjU2MzYxOTdlZGIwNGVhMGQwYjhkY2VhMzQxZDUyZTIwNzlkOGM3YmI1MmZkNTYzZTk3ZGI3OTcmcmQ9aHR0cHMlM0ElMkYlMkZ5cmpjb2xsZWN0aXZlLmNvbSUyRnBhcmFnYSUyRm91VHdXJTJGYldGeWJHVnVaUzV6WTJoeVpXbG1aV3h6UUc1aGFHRnVMbU52YlElM0QlM0QifQ==
Domain
mail.turing.com
URL
https://mail.turing.com/api/analytics?ti=4960924ba4c69efd03c372997c2d036729638ebf43b383fee342d03520e85426d66d7d78443e64350d7e5a80697319f95afd5de3f7a6b78aee0c4e0dd1150ab4bcb09e449f6967dc64b20e110d5c5a0a115acf0a2df9b191990a5065636197edb04ea0d0b8dcea341d52e2079d8c7bb52fd563e97db797&rd=https%3A%2F%2Fyrjcollective.com%2Fparaga%2FouTwW%2FbWFybGVuZS5zY2hyZWlmZWxzQG5haGFuLmNvbQ%3D%3D

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend string| nox function| $ function| jQuery function| x object| turnstile

7 Cookies

Domain/Path Name / Value
.turing.com/ Name: visid_incap_2912814
Value: UR2qDobCTfCliXlY9bkIJhQ7nGQAAAAAQUIPAAAAAAA1hzpWB91GMMgYsMXMv3OK
.turing.com/ Name: nlbi_2912814
Value: 8N4NW0r9yjFX6uIAoaY+eQAAAAAKs13c14wejkayiKJv1liZ
.turing.com/ Name: incap_ses_876_2912814
Value: Ue7Cf9GRq3dRDWwHQC4oDBQ7nGQAAAAAIMcm9fVo5f3+j4DifnNOmg==
.turing.com/ Name: nlbi_2912814_2147483392
Value: ZA2RBXBwFhYZcEARoaY+eQAAAABDLdOe2jyyQRVcPP/ApKNh
ct.turing.com/ Name: reese84
Value: 3:eXtjHQfnyL0Ar2nQmcIC2A==:Up/rVdwPXDOGal9o9B9sxu5IdbzJb4eHhEojVhKpn2R/CTS+uhGVUAqyfuSAaQYLIACIUQ3oihO4tBs6haRYe18H46HjnzsDNyt0WPumTH6rKjlXZO8uCihtoS8cy97LwYM8E+U6PlTT/X4xwP1n1dZLxM5tu5Fxy4mbGxoGyThmuXnLteeysKIfWVwghLhD3kCmtii4cH3N8jHQSVGS1OVKOfRaZGQ88HeRMpt1f/jr9Pht8sUCelnhqxJ2bw1CPmbGG9UPMI1/oz8oi9bRQWmAT8ijQXo5gZqSUg9o5ac1kl/2GmZUaQ9afWAre2O6KYR/mlw+pN8mk832VfrjWd9Xhg6+Sb7vs+Mo0+Ux64CycvbWDNW0GCbjrSTdERYlbJzN67Z1sQNJkaeCecd/fVi1MApSwTNReDk7/TOd03J30P2F8hSvwnoJnlMN/YJ9cVw+tAGFcZ/Ey35JMo7JyFywyVUY7AY1inQZIO3vLZX8SPxNe02oK5xQr2Haw6fpBpZIorMJdoZUoOZciKQ4TNuAu6q4uUzbwPxOPLBldGb6aTkC87F/DTn5BVINAQl5dDCGUeD5yJ/YGJUBhcvMCThg0PxejKV3X83gGMTSyow=:pSoCEnjTNZlHpu7dc4/r7ZcvS5+mMV7C/3zJNNHbsZM=
.turing.com/ Name: visitor_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ2aXNpdG9ySWQiOiJhNjYzODNkYy0zNWJlLTRmMzQtOGQ5My0wZTcxYTU5ZGJmNDciLCJzZXNzaW9uSWQiOiI1NmFiMDY4Ny0zMTkyLTQ0ZjQtODg4Ny1hMTBhMzFkYmQ5OTgiLCJzZXNzaW9uRXhwIjoxNjg3OTYyMTQxLCJpYXQiOjE2ODc5NjAzNDF9.uTaRVPdDADtXOHRKOK5oypHQ80JdD4f1n1JmJFWMcMc
c3bpcnm-do.2j1.ru/ Name: PHPSESSID
Value: pnl9il4u88qq6n3em28ff8jchr

4 Console Messages

Source Level URL
Text
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iWkEwaEpUQW9TMTRFeXlTMG1FaEUiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iWkEwaEpUQW9TMTRFeXlTMG1FaEUiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7de668ef78199a1d/1687960343245/67c211d5ab17a928088b3c3a4ea53268be7498bd284e9714098ef02301a753c4/xjxYaeu6NZZjAy-
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c3bpcnm-do.2j1.ru
cdn.jsdelivr.net
challenges.cloudflare.com
code.jquery.com
ct.turing.com
logging-server.turing.com
mail.turing.com
yrjcollective.com
mail.turing.com
141.95.99.203
2001:4de0:ac18::1:a:3b
2606:4700::6811:2b8
2a04:4e42:200::485
34.120.88.34
45.223.59.119
69.49.245.172
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
0a98649102d9e19c527bd2375d765bb48ecb26e6a567fab6a5922bc2df6b2eeb
1241d2baaea1c6f74fce3756bb4bd21ad5183cb0b034390516d1a5df94f0f746
3eb91859da6ae7dc7e680772e6fea28b5a3c857ccb9673430a83be999ee5e644
465571733d41f17c0464d26df321fb1d48c9c8fc7826a6c55e8245c9a7ddad13
5bea97352ebb1f24a716891a46ab47a20ea529f957dd6ba100c1e46b8976c478
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7bc6aa3a129592ae741b79a4cbab753e1957f223b52ccc0509bffa6e7f1840d6
8122903b79d84100ccec113aa2709c771699b68cd2f0ece9063a2f0d0bba12df
88abb003ee15624512eeec824e837d71c41e2037d2091b198e828f7650e1beda
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
8eea8e6f4f01ea363c5a052f57b9ec12e1834591baf46824c5334093b3ab153e
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075
ca91ea11a76ca49ab46c8cee17c0e3ebec0ebb50fe676b2c9fc6c8126ad34b0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f6c8813c4be2a502de272005d5beef71a23743f61edfd3cd9dd7b37c87f260
f02ae098f7595f1550a8c8d4b7f8a7aa54840c0f4d05ebeae08df07d4adbde27
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e