urlscan.io logo urlscan.io
SecurityTrails logo

53beff18.34277800203c50a21cf06992.workers.dev Open in urlscan Pro
2606:4700:3035::6815:190c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.us.m.mimecastprotect.com/s/nkHXCxkmlkT10JOpoU7dxcm?domain=linkprotect.cudasvc.com
Effective URL: https://53beff18.34277800203c50a21cf06992.workers.dev/?email=sheppard@penntrust.com
Submission: On July 12 via manual from IN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3035::6815:190c, located in United States and belongs to CLOUDFLARENET, US. The main domain is 53beff18.34277800203c50a21cf06992.workers.dev.
TLS certificate: Issued by WE1 on July 12th 2024. Valid for: 3 months.
This is the only time 53beff18.34277800203c50a21cf06992.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.117 30031 (MIMECAST-)
1 1 35.174.195.89 14618 (AMAZON-AES)
1 1 2600:9000:24f... 16509 (AMAZON-02)
1 199.231.93.78 29757 (WEBLINE19)
1 2 145.239.35.74 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 104.17.2.184 13335 (CLOUDFLAR...)
6 4
2    205.139.111.117 (United States)

ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com
url.us.m.mimecastprotect.com
1    35.174.195.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-195-89.compute-1.amazonaws.com
linkprotect.cudasvc.com
1    2600:9000:24f4:3800:9:ec94:b800:93a1 (United States)

ASN16509 (AMAZON-02, US)
trk.klclick3.com
1    199.231.93.78 (United States)

ASN29757 (WEBLINE19, US)
PTR: lonestarconsultinginc.com
lonestarconsultinginc.com
2    145.239.35.74 (Grenoble, France)

ASN16276 (OVH, FR)
PTR: service.franceservers.org
www.ifuna.org
2    2606:4700:3035::6815:190c (United States)

ASN13335 (CLOUDFLARENET, US)
53beff18.34277800203c50a21cf06992.workers.dev
3    104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4229
15 KB
2 workers.dev
53beff18.34277800203c50a21cf06992.workers.dev
6 KB
2 ifuna.org
www.ifuna.org
12 KB
2 mimecastprotect.com
url.us.m.mimecastprotect.com — Cisco Umbrella Rank: 10533
5 KB
1 lonestarconsultinginc.com
lonestarconsultinginc.com
31 KB
1 klclick3.com
trk.klclick3.com — Cisco Umbrella Rank: 45915
465 B
1 cudasvc.com
linkprotect.cudasvc.com — Cisco Umbrella Rank: 9146
2 KB
6 7
Domain Requested by
3 challenges.cloudflare.com 1 redirects 53beff18.34277800203c50a21cf06992.workers.dev
challenges.cloudflare.com
2 53beff18.34277800203c50a21cf06992.workers.dev www.ifuna.org
2 www.ifuna.org 1 redirects lonestarconsultinginc.com
2 url.us.m.mimecastprotect.com 2 redirects
1 lonestarconsultinginc.com
1 trk.klclick3.com 1 redirects
1 linkprotect.cudasvc.com 1 redirects
6 7

This site contains no links.

Subject Issuer Validity Valid
lonestarconsultinginc.com
cPanel, Inc. Certification Authority		 2024-05-25 -
2024-08-23		 3 months crt.sh
www.study.ifuna.org
R10		 2024-06-18 -
2024-09-16		 3 months crt.sh
34277800203c50a21cf06992.workers.dev
WE1		 2024-07-12 -
2024-10-10		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://53beff18.34277800203c50a21cf06992.workers.dev/?email=sheppard@penntrust.com
Frame ID: 5ABC815D42DC5EA4A1E5053E79F8485A
Requests: 5 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m3qj0/0x4AAAAAAAe8EPAEXpfthv_Z/auto/fbE/normal/auto/
Frame ID: 8DFEC9DADE7C90CE35F6665727B34917
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://url.us.m.mimecastprotect.com/s/nkHXCxkmlkT10JOpoU7dxcm?domain=linkprotect.cudasvc.com HTTP 307
    https://url.us.m.mimecastprotect.com/r/dbiDHaWlnkbIr-7HtuTvXUfRopJVhW-yft6h1Au-06bcxvGMsodsqdAE9KQdHvFrtljl_EP81G... HTTP 307
    https://linkprotect.cudasvc.com/url?a=trk.klclick3.com%2fls%2fclick%3fupn%3du001.dtwVv1Ru50yD1xohsam-2FjKNGo... HTTP 302
    http://trk.klclick3.com/ls/click?upn=u001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmj... HTTP 307
    https://trk.klclick3.com/ls/click?upn=u001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmj... HTTP 302
    https://lonestarconsultinginc.com/sync/?_kx=tppKePnOXO2XhnuftvBU1fThXRdQa6-KpecS0GEWRPw.YeGNPs Page URL
  2. https://www.ifuna.org/Sync HTTP 301
    https://www.ifuna.org/Sync/ Page URL
  3. https://53beff18.34277800203c50a21cf06992.workers.dev/?email=sheppard@penntrust.com Page URL

Page Statistics

6
Requests

83 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

4
IPs

3
Countries

61 kB
Transfer

116 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url.us.m.mimecastprotect.com/s/nkHXCxkmlkT10JOpoU7dxcm?domain=linkprotect.cudasvc.com HTTP 307
    https://url.us.m.mimecastprotect.com/r/dbiDHaWlnkbIr-7HtuTvXUfRopJVhW-yft6h1Au-06bcxvGMsodsqdAE9KQdHvFrtljl_EP81GgZIPU_6oMBAnYc04d-QUtV_9XecuEp4bg8X-JZk3PX_84oDlHAHEOCxKtmBuUrfYioKFgkR5OG1qQzB-DRbSMEAzxrGE_AZwuTOl4Naz2FNUF-aDCCvzshKJkjpAuK1nx_2de_StPeI3ASsKYibyNfAyiML2JKRZZTkqT7s15axuoEROkmk8C6KI-Bmq2yc980QrbNGuo_avojmQeCOQM7OiPh8xvEemp-FxJT0Tm9KGh28LL-WuoI2slWqAwFifK0FdixWt4DuWX5kmBng9YVyvm50i-hW_XchkygRjCuGSi4eHYPgTR_dI-u-I0tW7CpSG-hlTqwpuOrMK0Bw42q-JKW9VJJ0i9tVChJiQ0UySDBh97k7iTbBZnZ8Ll7MR2reykUYSBqN0TP6uV-TPHccMfvSv-GB97JDczW5sLVottsN-DNIfH3NcyUvnatR5_47-OM6RojJqcE5oE4R5YzE17hJ7GQkiG2rLymfpCH-x6TxzKOMCL3zsMTUP6YcglM3T646lNfnT8UetneBRLjdx85m_xRiU0U6ZBZwHhl6mU2GEdjXHPkyqjnj5Nud6XW-SDE3vQL1Ljz6p4dhZ4ighY0Vc9lNbGgXIQi6pruNuYRdNnAWC2Gbthdd7Wd7AcyVZDOtIEzXVp9UO8EPNStQNJIHKd76hlkP6U8W8RvWNpA3aPDdT6Y7JiSuGzwJfFhejx3yWStsQd20ChSeHEw5QjUMpHRYPmrip8nkjvGcaoYKp7xVGQjr8AYxCiGYa_NTn9pzWINuRSl6aCw7Xfn0F7DCnPYeQbaStTcQTslOgdg4oQDjSNMHXUOsEC55cUtjnQz5ybnGiCsHAzKKQ3xEgV3dYkrCC141VopnenCL5UACsCQr8xTM06-X3UmyUAEuQvJCWpNwmA3W_QoC6tpvKjZCguO_DvVEE7QQC_5bO_Rs1NhzecKkAtMLHZcos-6rjXEb-wZRRjx7sN8LessGywnynvYEy1a-zO1-H7OfI_JoMtCRkcYJo4fjPgYRsxGn3vq9JLN2SuxlbGzftDSnj9koqKIIsYlJSSxCy0vd3YnBSH_kyzRek6L7QTEJLCSt9vROc4IpZkBG3rHiWVrpes6H3TiOW9x17ifHE2-XciMS6j-7PFg42ynJUQ7LwJDV69OcAvo6fO4hTT8-iRaEaCThlXD6X0LG3SJPJRr1eyeWj1UTr4eWDpVGXgB-BGY2XHGlULeK3ToqfYhBZyD4w_dtVCZTmUz6pItQkE1lrbM2YtLW7CK7Nni2UlgsBFYO48MuGqGiyj0hx3TT5n0RbzZqT5Nnz8JP-SOx5hxe5uguDXJnbqqx1zlhOfmzgskPJ9zG3UNZ66UKUoZAhcJwsh2HGeE1xetG-MH3h_bTJgxpC7oluDWwftTffgZMl2Foy5BhxR07p671lgy0FgS9JNvXgMjYS6kQ_cU7MTKG1DwZrJ36MrEr65udiCo4w3u6MrLOYPCkV15iuBv2s6xNLO6-94Qr26oK294MgviYiCW4A_s51U8PPGZXNfQyaksQo3kGMd4NpkDwnoEsUijhciGCLjfFdKosse3AD8L39_HhXwRQUGEW-nwMAwuAnsCq6XFsggq0ub-SQxzIIWynB11REGfMmHDeHyAYqqxgZve0eIy6m8I-aOdu2ftQ_wifjpBlYuJ7JnGoPQPtw-9_zS06T1kvFsItVeMwenCAGKNFsJwas96-eznXr53T0wpg7cZvBFEdlyZ_gbQTGnXao5KRKmJlAMEzckmUYpSd76fgY_b_RQI8n3Dc_KlnodzCbp_Fi4DZJm6ywhmWuX-bUHczxycVlkqM4CLHH1Ye6QHx8M842WIA-9kSjbYgX58tKCB-o4SbEo3wj4ppWEDqVBokT4s0pOrRQjMVOyJmCogKajwsnBVf5IWj8VD-Y_2Cz0ghU2l3HwvHp1d6x3oS0siIxoWuVDL2rPpRTrwypHyk3-e9jibRSCQk7pLqtejJ5SQsuQ56MK6EYf4n_hM_EwE21XYAoOKsZCsy66G1TDkgJ5_cnRtxcbzA2VjsVvvY982LNdhIZU1xSyF-Mooe2wr7XiGCWGQR_A4RdxSLCVOaJmxgaDOfy7LzzeGakB7TJxBPUPCyALTQ0YQfiiMrX07UlBs_MDluMO9pA0tq09UtAN49C5vu5mhYo0hn1XxzaDM1Hx7E--uiJLoR3PkIXfceRZGkPgAXES7ko7mLvka25HYCgnkALDn4mA7WdJY1-WZoMGEkLtF-yuRLdUw9ZYsYzYVSqcW8-ShtrkC7WQPerbfTWmWEaICLQX4DldDGM3MtyKdtb7vabQ_3P4SOMqyW76_-AeoZkGNZ7YGB8chXLVzM-qNZwWGt7DQUm-USu2gmS43HqP3xNN3f7_2Sr0uS_hVdr3LsvZVW1IemfmQjG9qcPrAUoPNwHWSLN-nCM_I4Ysg73BZc5drVd4unTyb-VrTWCgjTSGqNNfLHQbWsdStL7AHmwmNIZrqeel0XhMWRNjPJUetizQc30QcAh2GvQqbU5NPjcU78y21oMVfM-Wb6Zel58g19xE6X42Nytj8EFlmIGFo7XR09PflorD3KRguFIDIC3DxPXqh5r34kh_l6iJpW3eNuJEbbB_I9Win7mzRHD-gMRIiSM-9eMQGMjPNfCHHQclh-mJgxwbsAIzgquESt5dntvJaDsinEIXmI8vX11XgoF3ASkH7rqeiCkYg6zUJrSwx4k9VEGRzEDjZ8xXVd_kIJUfP6soqTf3CWTVWXH19FCCjYpJuFOdLFfxSNeo6agK-nYloNJJkw9XNC7848cbBwAkfX3PQhECmNTUqlI4_q1s4Tx6JI0yat8FCqOwk1Sk0VjRushNfhi9B9Ii2pGVE3JyjSXO-VOmGunVohurmjHqHPgjucrWzA281dy560-qJLI_lLXatnH2Q0UH7N02LxCmuDmlJJK03on2KqClRIJk7p7pNCzlKl0wGS6t9XGqiFLztuGzBRISnvUsyjpW_BHsM_zCj-H5MZe8H95-Ou8qCfp8I_IPSGYYN5rRrY7xj1EnKyP90bgqWp9lqrZziDIuE_ivpWK7wV44pLO_sid0i05i2xJTA2HXUO-odWs5HO7Ah6AlBd5CwonAtim8YcXzZ89gefeZ94J4ZCIiuJTfo_BFB4jl4ibcA9hEi0Mx0iQZ4J-nPzKKZ4p1drQ1ipCKitBfvMwjYMDGmw5xhrX383BFMUaGOt2zwMsUzJ3FMMgsQvSvbO1ZSQbis_hbcNvZPOjo7nHmfxjjL0i_1Z_nQ6QTkZGDlLyrb8IvFxiIQVVq-nmYxGAmD9I6C65GPP2KksvsSaNnuuu2oQX0ZkvEuOEOxgwKBZ1Hfq1ErTuPNcYPDDWJt-Mlh3zpebR9vOfni7tt59BMR4C8GT46-I8k6JM3mmH7r0zaKXHfq3gMxBjAR5W0YnDbvPUwH6icS8SJdmPEXAA2K5A4R2vb2xdV4yHzvaggAfXKh3u_UMz20l2LI44ryVLx4PrdtPHQZQHohABvdd9Nb_V4JitGl72H1jWr3dS3tm1OtDQTDfjhG5ut4I7fM0iiCJ891F0se0bgtQH4Nf8WyUgs397ESdkdgKJSDve94RFnQylAzzw-YwBWg-6JfIPQJohRFdM-uVfqkqLlZ79pryh5dISoXZF3ldN9dlqrHxHdEHxea0RzU75PTdkfpeyCDxLgJzLwAst5QjVSrKIIO5SFMaKWiZuH7asDPFmpLnj_ToE_gdmtRUJFt9X4zT3So_Ev1LoNGa7TRd7HeZnXRJbsryxwgpwvv0AgM7zfCyoyQonAg4PeR7xT-J2X5RNKqv9Dqo2i_SeSqZ7TWF4eqZN0DTgLdT07doAzarVgIA952zNwG_jY7SoFZlgGmiO2pOF-eVOucF3W6t-V4ecZ_Q14K3678ilTlezw1COZi7uR81CqKXONm3KvcgDRfuRbsJ3x8s34MPEyYm60ebe90Q4nlq-A5UyZoMQYYH9BfBtNZvEwWroEl8MtDOchDGfge4-5IY4oNB6cRpAbIDBR8svJJ9VCw-WxrtA3DFfiVPixUdgWYdX0cVA0ANy_LqYIlZ9IFo8swcUmn9KrRSx5FWW6IUg HTTP 307
    https://linkprotect.cudasvc.com/url?a=trk.klclick3.com%2fls%2fclick%3fupn%3du001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov-2BXgDjklyEzObUVIbpo64vo1mcFPuuO-2BXrNipAijg-3D-3DIOc7_5XISM4t410aTfJfADooI-2FCdwNBrNlqWfOwGnQovgfhjqqODihHqe8FZba-2Fyt4jQKFmAiTUZoNLBLcD8u5Za-2Bz0d2FoAGP9lvxEHQjlqyF91sjyoIAPF5dRrfHhjLFHwcEbAc0rW2ISfwpEE-2B4rG6BJydHPeyOVTMF42mIBQaJzgFPZcQZqhgLo-2FGdGTrlzcg2oEICLE-2BnM-2Bx9QMopvKfBuIrUaTLes91hCgP3hyec5J-2F3Mj5jOs8cywXi6hGHgaF65X9bXFfkV9QEOwX5g4qF3aFoqhzLjguIdcJ-2FLjBgD0hKwkK58SITs-2FTpeMzQAD1fcK1IC8k7ug1Jxsp-2BhRuh14RjkB4lPbUNnsDzRsMKyDaDQ-2Fp5uN4qogepmysSarnWGjyJGclQhKEEoisPkW8dC9gXlgibjpwzE12Mh8o0cpmgUB7RKp-2Bl7YDTm15qnDseeyPH4Dfj68Bnf2wcaa36w-3D-3D&c=E,1,MSOB6uWJ5UBxbOd4DEzEOyyoag2OWkTJmnt8krYuv54UibC__pbV5fx_xX2GwyS2JYOTPOf7z7My2v88k7Vd6ApG3VSFdniMcp1fo2lVwQIo4jD0jwTijNDu8So,&typo=1= HTTP 302
    http://trk.klclick3.com/ls/click?upn=u001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov-2BXgDjklyEzObUVIbpo64vo1mcFPuuO-2BXrNipAijg-3D-3DIOc7_5XISM4t410aTfJfADooI-2FCdwNBrNlqWfOwGnQovgfhjqqODihHqe8FZba-2Fyt4jQKFmAiTUZoNLBLcD8u5Za-2Bz0d2FoAGP9lvxEHQjlqyF91sjyoIAPF5dRrfHhjLFHwcEbAc0rW2ISfwpEE-2B4rG6BJydHPeyOVTMF42mIBQaJzgFPZcQZqhgLo-2FGdGTrlzcg2oEICLE-2BnM-2Bx9QMopvKfBuIrUaTLes91hCgP3hyec5J-2F3Mj5jOs8cywXi6hGHgaF65X9bXFfkV9QEOwX5g4qF3aFoqhzLjguIdcJ-2FLjBgD0hKwkK58SITs-2FTpeMzQAD1fcK1IC8k7ug1Jxsp-2BhRuh14RjkB4lPbUNnsDzRsMKyDaDQ-2Fp5uN4qogepmysSarnWGjyJGclQhKEEoisPkW8dC9gXlgibjpwzE12Mh8o0cpmgUB7RKp-2Bl7YDTm15qnDseeyPH4Dfj68Bnf2wcaa36w-3D-3D HTTP 307
    https://trk.klclick3.com/ls/click?upn=u001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov-2BXgDjklyEzObUVIbpo64vo1mcFPuuO-2BXrNipAijg-3D-3DIOc7_5XISM4t410aTfJfADooI-2FCdwNBrNlqWfOwGnQovgfhjqqODihHqe8FZba-2Fyt4jQKFmAiTUZoNLBLcD8u5Za-2Bz0d2FoAGP9lvxEHQjlqyF91sjyoIAPF5dRrfHhjLFHwcEbAc0rW2ISfwpEE-2B4rG6BJydHPeyOVTMF42mIBQaJzgFPZcQZqhgLo-2FGdGTrlzcg2oEICLE-2BnM-2Bx9QMopvKfBuIrUaTLes91hCgP3hyec5J-2F3Mj5jOs8cywXi6hGHgaF65X9bXFfkV9QEOwX5g4qF3aFoqhzLjguIdcJ-2FLjBgD0hKwkK58SITs-2FTpeMzQAD1fcK1IC8k7ug1Jxsp-2BhRuh14RjkB4lPbUNnsDzRsMKyDaDQ-2Fp5uN4qogepmysSarnWGjyJGclQhKEEoisPkW8dC9gXlgibjpwzE12Mh8o0cpmgUB7RKp-2Bl7YDTm15qnDseeyPH4Dfj68Bnf2wcaa36w-3D-3D HTTP 302
    https://lonestarconsultinginc.com/sync/?_kx=tppKePnOXO2XhnuftvBU1fThXRdQa6-KpecS0GEWRPw.YeGNPs Page URL
  2. https://www.ifuna.org/Sync HTTP 301
    https://www.ifuna.org/Sync/ Page URL
  3. https://53beff18.34277800203c50a21cf06992.workers.dev/?email=sheppard@penntrust.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://url.us.m.mimecastprotect.com/s/nkHXCxkmlkT10JOpoU7dxcm?domain=linkprotect.cudasvc.com HTTP 307
  • https://url.us.m.mimecastprotect.com/r/dbiDHaWlnkbIr-7HtuTvXUfRopJVhW-yft6h1Au-06bcxvGMsodsqdAE9KQdHvFrtljl_EP81GgZIPU_6oMBAnYc04d-QUtV_9XecuEp4bg8X-JZk3PX_84oDlHAHEOCxKtmBuUrfYioKFgkR5OG1qQzB-DRbSMEAzxrGE_AZwuTOl4Naz2FNUF-aDCCvzshKJkjpAuK1nx_2de_StPeI3ASsKYibyNfAyiML2JKRZZTkqT7s15axuoEROkmk8C6KI-Bmq2yc980QrbNGuo_avojmQeCOQM7OiPh8xvEemp-FxJT0Tm9KGh28LL-WuoI2slWqAwFifK0FdixWt4DuWX5kmBng9YVyvm50i-hW_XchkygRjCuGSi4eHYPgTR_dI-u-I0tW7CpSG-hlTqwpuOrMK0Bw42q-JKW9VJJ0i9tVChJiQ0UySDBh97k7iTbBZnZ8Ll7MR2reykUYSBqN0TP6uV-TPHccMfvSv-GB97JDczW5sLVottsN-DNIfH3NcyUvnatR5_47-OM6RojJqcE5oE4R5YzE17hJ7GQkiG2rLymfpCH-x6TxzKOMCL3zsMTUP6YcglM3T646lNfnT8UetneBRLjdx85m_xRiU0U6ZBZwHhl6mU2GEdjXHPkyqjnj5Nud6XW-SDE3vQL1Ljz6p4dhZ4ighY0Vc9lNbGgXIQi6pruNuYRdNnAWC2Gbthdd7Wd7AcyVZDOtIEzXVp9UO8EPNStQNJIHKd76hlkP6U8W8RvWNpA3aPDdT6Y7JiSuGzwJfFhejx3yWStsQd20ChSeHEw5QjUMpHRYPmrip8nkjvGcaoYKp7xVGQjr8AYxCiGYa_NTn9pzWINuRSl6aCw7Xfn0F7DCnPYeQbaStTcQTslOgdg4oQDjSNMHXUOsEC55cUtjnQz5ybnGiCsHAzKKQ3xEgV3dYkrCC141VopnenCL5UACsCQr8xTM06-X3UmyUAEuQvJCWpNwmA3W_QoC6tpvKjZCguO_DvVEE7QQC_5bO_Rs1NhzecKkAtMLHZcos-6rjXEb-wZRRjx7sN8LessGywnynvYEy1a-zO1-H7OfI_JoMtCRkcYJo4fjPgYRsxGn3vq9JLN2SuxlbGzftDSnj9koqKIIsYlJSSxCy0vd3YnBSH_kyzRek6L7QTEJLCSt9vROc4IpZkBG3rHiWVrpes6H3TiOW9x17ifHE2-XciMS6j-7PFg42ynJUQ7LwJDV69OcAvo6fO4hTT8-iRaEaCThlXD6X0LG3SJPJRr1eyeWj1UTr4eWDpVGXgB-BGY2XHGlULeK3ToqfYhBZyD4w_dtVCZTmUz6pItQkE1lrbM2YtLW7CK7Nni2UlgsBFYO48MuGqGiyj0hx3TT5n0RbzZqT5Nnz8JP-SOx5hxe5uguDXJnbqqx1zlhOfmzgskPJ9zG3UNZ66UKUoZAhcJwsh2HGeE1xetG-MH3h_bTJgxpC7oluDWwftTffgZMl2Foy5BhxR07p671lgy0FgS9JNvXgMjYS6kQ_cU7MTKG1DwZrJ36MrEr65udiCo4w3u6MrLOYPCkV15iuBv2s6xNLO6-94Qr26oK294MgviYiCW4A_s51U8PPGZXNfQyaksQo3kGMd4NpkDwnoEsUijhciGCLjfFdKosse3AD8L39_HhXwRQUGEW-nwMAwuAnsCq6XFsggq0ub-SQxzIIWynB11REGfMmHDeHyAYqqxgZve0eIy6m8I-aOdu2ftQ_wifjpBlYuJ7JnGoPQPtw-9_zS06T1kvFsItVeMwenCAGKNFsJwas96-eznXr53T0wpg7cZvBFEdlyZ_gbQTGnXao5KRKmJlAMEzckmUYpSd76fgY_b_RQI8n3Dc_KlnodzCbp_Fi4DZJm6ywhmWuX-bUHczxycVlkqM4CLHH1Ye6QHx8M842WIA-9kSjbYgX58tKCB-o4SbEo3wj4ppWEDqVBokT4s0pOrRQjMVOyJmCogKajwsnBVf5IWj8VD-Y_2Cz0ghU2l3HwvHp1d6x3oS0siIxoWuVDL2rPpRTrwypHyk3-e9jibRSCQk7pLqtejJ5SQsuQ56MK6EYf4n_hM_EwE21XYAoOKsZCsy66G1TDkgJ5_cnRtxcbzA2VjsVvvY982LNdhIZU1xSyF-Mooe2wr7XiGCWGQR_A4RdxSLCVOaJmxgaDOfy7LzzeGakB7TJxBPUPCyALTQ0YQfiiMrX07UlBs_MDluMO9pA0tq09UtAN49C5vu5mhYo0hn1XxzaDM1Hx7E--uiJLoR3PkIXfceRZGkPgAXES7ko7mLvka25HYCgnkALDn4mA7WdJY1-WZoMGEkLtF-yuRLdUw9ZYsYzYVSqcW8-ShtrkC7WQPerbfTWmWEaICLQX4DldDGM3MtyKdtb7vabQ_3P4SOMqyW76_-AeoZkGNZ7YGB8chXLVzM-qNZwWGt7DQUm-USu2gmS43HqP3xNN3f7_2Sr0uS_hVdr3LsvZVW1IemfmQjG9qcPrAUoPNwHWSLN-nCM_I4Ysg73BZc5drVd4unTyb-VrTWCgjTSGqNNfLHQbWsdStL7AHmwmNIZrqeel0XhMWRNjPJUetizQc30QcAh2GvQqbU5NPjcU78y21oMVfM-Wb6Zel58g19xE6X42Nytj8EFlmIGFo7XR09PflorD3KRguFIDIC3DxPXqh5r34kh_l6iJpW3eNuJEbbB_I9Win7mzRHD-gMRIiSM-9eMQGMjPNfCHHQclh-mJgxwbsAIzgquESt5dntvJaDsinEIXmI8vX11XgoF3ASkH7rqeiCkYg6zUJrSwx4k9VEGRzEDjZ8xXVd_kIJUfP6soqTf3CWTVWXH19FCCjYpJuFOdLFfxSNeo6agK-nYloNJJkw9XNC7848cbBwAkfX3PQhECmNTUqlI4_q1s4Tx6JI0yat8FCqOwk1Sk0VjRushNfhi9B9Ii2pGVE3JyjSXO-VOmGunVohurmjHqHPgjucrWzA281dy560-qJLI_lLXatnH2Q0UH7N02LxCmuDmlJJK03on2KqClRIJk7p7pNCzlKl0wGS6t9XGqiFLztuGzBRISnvUsyjpW_BHsM_zCj-H5MZe8H95-Ou8qCfp8I_IPSGYYN5rRrY7xj1EnKyP90bgqWp9lqrZziDIuE_ivpWK7wV44pLO_sid0i05i2xJTA2HXUO-odWs5HO7Ah6AlBd5CwonAtim8YcXzZ89gefeZ94J4ZCIiuJTfo_BFB4jl4ibcA9hEi0Mx0iQZ4J-nPzKKZ4p1drQ1ipCKitBfvMwjYMDGmw5xhrX383BFMUaGOt2zwMsUzJ3FMMgsQvSvbO1ZSQbis_hbcNvZPOjo7nHmfxjjL0i_1Z_nQ6QTkZGDlLyrb8IvFxiIQVVq-nmYxGAmD9I6C65GPP2KksvsSaNnuuu2oQX0ZkvEuOEOxgwKBZ1Hfq1ErTuPNcYPDDWJt-Mlh3zpebR9vOfni7tt59BMR4C8GT46-I8k6JM3mmH7r0zaKXHfq3gMxBjAR5W0YnDbvPUwH6icS8SJdmPEXAA2K5A4R2vb2xdV4yHzvaggAfXKh3u_UMz20l2LI44ryVLx4PrdtPHQZQHohABvdd9Nb_V4JitGl72H1jWr3dS3tm1OtDQTDfjhG5ut4I7fM0iiCJ891F0se0bgtQH4Nf8WyUgs397ESdkdgKJSDve94RFnQylAzzw-YwBWg-6JfIPQJohRFdM-uVfqkqLlZ79pryh5dISoXZF3ldN9dlqrHxHdEHxea0RzU75PTdkfpeyCDxLgJzLwAst5QjVSrKIIO5SFMaKWiZuH7asDPFmpLnj_ToE_gdmtRUJFt9X4zT3So_Ev1LoNGa7TRd7HeZnXRJbsryxwgpwvv0AgM7zfCyoyQonAg4PeR7xT-J2X5RNKqv9Dqo2i_SeSqZ7TWF4eqZN0DTgLdT07doAzarVgIA952zNwG_jY7SoFZlgGmiO2pOF-eVOucF3W6t-V4ecZ_Q14K3678ilTlezw1COZi7uR81CqKXONm3KvcgDRfuRbsJ3x8s34MPEyYm60ebe90Q4nlq-A5UyZoMQYYH9BfBtNZvEwWroEl8MtDOchDGfge4-5IY4oNB6cRpAbIDBR8svJJ9VCw-WxrtA3DFfiVPixUdgWYdX0cVA0ANy_LqYIlZ9IFo8swcUmn9KrRSx5FWW6IUg HTTP 307
  • https://linkprotect.cudasvc.com/url?a=trk.klclick3.com%2fls%2fclick%3fupn%3du001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov-2BXgDjklyEzObUVIbpo64vo1mcFPuuO-2BXrNipAijg-3D-3DIOc7_5XISM4t410aTfJfADooI-2FCdwNBrNlqWfOwGnQovgfhjqqODihHqe8FZba-2Fyt4jQKFmAiTUZoNLBLcD8u5Za-2Bz0d2FoAGP9lvxEHQjlqyF91sjyoIAPF5dRrfHhjLFHwcEbAc0rW2ISfwpEE-2B4rG6BJydHPeyOVTMF42mIBQaJzgFPZcQZqhgLo-2FGdGTrlzcg2oEICLE-2BnM-2Bx9QMopvKfBuIrUaTLes91hCgP3hyec5J-2F3Mj5jOs8cywXi6hGHgaF65X9bXFfkV9QEOwX5g4qF3aFoqhzLjguIdcJ-2FLjBgD0hKwkK58SITs-2FTpeMzQAD1fcK1IC8k7ug1Jxsp-2BhRuh14RjkB4lPbUNnsDzRsMKyDaDQ-2Fp5uN4qogepmysSarnWGjyJGclQhKEEoisPkW8dC9gXlgibjpwzE12Mh8o0cpmgUB7RKp-2Bl7YDTm15qnDseeyPH4Dfj68Bnf2wcaa36w-3D-3D&c=E,1,MSOB6uWJ5UBxbOd4DEzEOyyoag2OWkTJmnt8krYuv54UibC__pbV5fx_xX2GwyS2JYOTPOf7z7My2v88k7Vd6ApG3VSFdniMcp1fo2lVwQIo4jD0jwTijNDu8So,&typo=1= HTTP 302
  • http://trk.klclick3.com/ls/click?upn=u001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov-2BXgDjklyEzObUVIbpo64vo1mcFPuuO-2BXrNipAijg-3D-3DIOc7_5XISM4t410aTfJfADooI-2FCdwNBrNlqWfOwGnQovgfhjqqODihHqe8FZba-2Fyt4jQKFmAiTUZoNLBLcD8u5Za-2Bz0d2FoAGP9lvxEHQjlqyF91sjyoIAPF5dRrfHhjLFHwcEbAc0rW2ISfwpEE-2B4rG6BJydHPeyOVTMF42mIBQaJzgFPZcQZqhgLo-2FGdGTrlzcg2oEICLE-2BnM-2Bx9QMopvKfBuIrUaTLes91hCgP3hyec5J-2F3Mj5jOs8cywXi6hGHgaF65X9bXFfkV9QEOwX5g4qF3aFoqhzLjguIdcJ-2FLjBgD0hKwkK58SITs-2FTpeMzQAD1fcK1IC8k7ug1Jxsp-2BhRuh14RjkB4lPbUNnsDzRsMKyDaDQ-2Fp5uN4qogepmysSarnWGjyJGclQhKEEoisPkW8dC9gXlgibjpwzE12Mh8o0cpmgUB7RKp-2Bl7YDTm15qnDseeyPH4Dfj68Bnf2wcaa36w-3D-3D HTTP 307
  • https://trk.klclick3.com/ls/click?upn=u001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov-2BXgDjklyEzObUVIbpo64vo1mcFPuuO-2BXrNipAijg-3D-3DIOc7_5XISM4t410aTfJfADooI-2FCdwNBrNlqWfOwGnQovgfhjqqODihHqe8FZba-2Fyt4jQKFmAiTUZoNLBLcD8u5Za-2Bz0d2FoAGP9lvxEHQjlqyF91sjyoIAPF5dRrfHhjLFHwcEbAc0rW2ISfwpEE-2B4rG6BJydHPeyOVTMF42mIBQaJzgFPZcQZqhgLo-2FGdGTrlzcg2oEICLE-2BnM-2Bx9QMopvKfBuIrUaTLes91hCgP3hyec5J-2F3Mj5jOs8cywXi6hGHgaF65X9bXFfkV9QEOwX5g4qF3aFoqhzLjguIdcJ-2FLjBgD0hKwkK58SITs-2FTpeMzQAD1fcK1IC8k7ug1Jxsp-2BhRuh14RjkB4lPbUNnsDzRsMKyDaDQ-2Fp5uN4qogepmysSarnWGjyJGclQhKEEoisPkW8dC9gXlgibjpwzE12Mh8o0cpmgUB7RKp-2Bl7YDTm15qnDseeyPH4Dfj68Bnf2wcaa36w-3D-3D HTTP 302
  • https://lonestarconsultinginc.com/sync/?_kx=tppKePnOXO2XhnuftvBU1fThXRdQa6-KpecS0GEWRPw.YeGNPs
Request Chain 1
  • https://www.ifuna.org/Sync HTTP 301
  • https://www.ifuna.org/Sync/
Request Chain 2
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/7a55c9ccbaaa/api.js

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
lonestarconsultinginc.com/sync/
Redirect Chain
  • https://url.us.m.mimecastprotect.com/s/nkHXCxkmlkT10JOpoU7dxcm?domain=linkprotect.cudasvc.com
  • https://url.us.m.mimecastprotect.com/r/dbiDHaWlnkbIr-7HtuTvXUfRopJVhW-yft6h1Au-06bcxvGMsodsqdAE9KQdHvFrtljl_EP81GgZIPU_6oMBAnYc04d-QUtV_9XecuEp4bg8X-JZk3PX_84oDlHAHEOCxKtmBuUrfYioKFgkR5OG1qQzB-DRbS...
  • https://linkprotect.cudasvc.com/url?a=trk.klclick3.com%2fls%2fclick%3fupn%3du001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov...
  • http://trk.klclick3.com/ls/click?upn=u001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov-2BXgDjklyEzObUVIbpo64vo1mcFPuuO-2BXrNi...
  • https://trk.klclick3.com/ls/click?upn=u001.dtwVv1Ru50yD1xohsam-2FjKNGoL0STJFjHtGd93vEL2zaahEP1uFFEZmjUugdDdAQBnyaWc-2Bj6n4B2xc-2FDOE2upDfrCmCcTMj01aiKJBfSe93Ov-2BXgDjklyEzObUVIbpo64vo1mcFPuuO-2BXrN...
  • https://lonestarconsultinginc.com/sync/?_kx=tppKePnOXO2XhnuftvBU1fThXRdQa6-KpecS0GEWRPw.YeGNPs
30 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lonestarconsultinginc.com/sync/?_kx=tppKePnOXO2XhnuftvBU1fThXRdQa6-KpecS0GEWRPw.YeGNPs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.231.93.78 , United States, ASN29757 (WEBLINE19, US),
Reverse DNS
lonestarconsultinginc.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
31177
Content-Type
text/html
Date
Fri, 12 Jul 2024 13:48:14 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Tue, 09 Jul 2024 17:37:29 GMT
Server
Apache

Redirect headers

content-length
117
content-type
text/html; charset=utf-8
date
Fri, 12 Jul 2024 13:48:13 GMT
location
https://lonestarconsultinginc.com/sync/?_kx=tppKePnOXO2XhnuftvBU1fThXRdQa6-KpecS0GEWRPw.YeGNPs
server
nginx
via
1.1 181a665d1a0b3047b4fa647eeabfb330.cloudfront.net (CloudFront)
x-amz-cf-id
3Vi1dI1HBmnDjlSB4nLmf1ZK26XthE24sDN4Vijopafs1PSbRi-tXQ==
x-amz-cf-pop
IAD55-P3
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
/
www.ifuna.org/Sync/
Redirect Chain
  • https://www.ifuna.org/Sync
  • https://www.ifuna.org/Sync/
32 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ifuna.org/Sync/
Requested by
Host: lonestarconsultinginc.com
URL: https://lonestarconsultinginc.com/sync/?_kx=tppKePnOXO2XhnuftvBU1fThXRdQa6-KpecS0GEWRPw.YeGNPs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.35.74 Grenoble, France, ASN16276 (OVH, FR),
Reverse DNS
service.franceservers.org
Software
LiteSpeed / PHP/8.1.13
Resource Hash
54a97d2f29a08754204123d2e1578440e29fee61175085bed4949f2691ffedb0

Request headers

Referer
https://lonestarconsultinginc.com/sync/?_kx=tppKePnOXO2XhnuftvBU1fThXRdQa6-KpecS0GEWRPw.YeGNPs#c2hlcHBhcmRAcGVubnRydXN0LmNvbQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-length
10792
content-type
text/html; charset=UTF-8
date
Fri, 12 Jul 2024 13:48:16 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/8.1.13

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
707
content-type
text/html
date
Fri, 12 Jul 2024 13:48:16 GMT
location
https://www.ifuna.org/Sync/
server
LiteSpeed
Primary Request /
53beff18.34277800203c50a21cf06992.workers.dev/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://53beff18.34277800203c50a21cf06992.workers.dev/?email=sheppard@penntrust.com
Requested by
Host: www.ifuna.org
URL: https://www.ifuna.org/Sync/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:190c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca28706eabdfd2c4ab9911a466398baeafac658484477ff5c735a90945eb5c3f

Request headers

Referer
https://www.ifuna.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8a217d6dcfa3103d-LAX
content-encoding
br
content-type
text/html
date
Fri, 12 Jul 2024 13:48:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFM6akwSwKXHkP4hMVmwB0LO0Kzi%2Fvh2z7cgsKd9tdgEMUa2gxhLLAMi92fJ5ZgvO%2B%2FA7nwigxCarLVSJmcXDB1zBRI8oF6rrXdcwapxKkOL%2F%2FzNhniU5iZcNLGTVf0wkkFfcllOiI8ZawD81J2DT6W3C%2FTlzpxWbG9mhOo820syYuROIxNOoy4VE2g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
api.js
challenges.cloudflare.com/turnstile/v0/g/7a55c9ccbaaa/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/g/7a55c9ccbaaa/api.js
43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/7a55c9ccbaaa/api.js
Requested by
Host: 53beff18.34277800203c50a21cf06992.workers.dev
URL: https://53beff18.34277800203c50a21cf06992.workers.dev/?email=sheppard@penntrust.com
Protocol
H3
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de7d1e230009b19b7bbef1d1b1a7bea78e8ae39f428eb1bde0e84f0a2119fc8a

Request headers

Referer
https://53beff18.34277800203c50a21cf06992.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 13:48:17 GMT
content-encoding
br
last-modified
Wed, 10 Jul 2024 18:24:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8a217d70fde52344-SJC
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 12 Jul 2024 13:48:17 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/7a55c9ccbaaa/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8a217d706d482344-SJC
alt-svc
h3=":443"; ma=86400
content-length
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m3qj0/0x4AAAAAAAe8EPAEXpfthv_Z/auto/fbE/normal/auto/ Frame 8DFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/m3qj0/0x4AAAAAAAe8EPAEXpfthv_Z/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://53beff18.34277800203c50a21cf06992.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8a217d729ebc15fd-SJC
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jul 2024 13:48:17 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
53beff18.34277800203c50a21cf06992.workers.dev/ 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://53beff18.34277800203c50a21cf06992.workers.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:190c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c3724f2be4c767c784dd09df528bcaba4f3c1d6ae99a05d414eab71f8ced34e

Request headers

Referer
https://53beff18.34277800203c50a21cf06992.workers.dev/?email=sheppard@penntrust.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 12 Jul 2024 13:48:18 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2IDwRuv%2FPuyDoryco3rlftB5GZy4ra%2Bc2b8gbiBiKfd8DAIQ9DYVose9sDfEHFJpPjkws0AnfbuG41AcVoLBzA5ezM2mXttg0BBkJzcJkVeQlK%2BzL8J2Z7UXlC%2BeOwOICLeIhzjTFJ5Wjy%2BHp6soQAyTP3UZxvfwu1FUw51joga3tNjBNo252xvcans%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
8a217d76ba76103d-LAX
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| verifyCallback_CF function| hh2 function| Encrypt function| sendRequest function| onloadTurnstileCallback object| turnstile

0 Cookies