urlscan.io logo urlscan.io
SecurityTrails logo

rfp.jekinlowo.com Open in urlscan Pro
172.67.184.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://url.us.m.mimecastprotect.com/s/of2mCn5Pz5c79PM63H94LQk?domain=us-west-2.protection.sophos.com
Effective URL: https://rfp.jekinlowo.com/
Submission: On May 28 via manual from IN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 11 HTTP transactions. The main IP is 172.67.184.2, located in United States and belongs to CLOUDFLARENET, US. The main domain is rfp.jekinlowo.com.
TLS certificate: Issued by GTS CA 1P5 on May 27th 2024. Valid for: 3 months.
This is the only time rfp.jekinlowo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.113 30031 (MIMECAST-)
1 1 18.165.83.15 16509 (AMAZON-02)
2 69.49.245.172 19871 (NETWORK-S...)
5 172.67.184.2 13335 (CLOUDFLAR...)
2 104.17.3.184 13335 (CLOUDFLAR...)
11 4
2    205.139.111.113 (United States)

ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com
url.us.m.mimecastprotect.com
1    18.165.83.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-15.iad55.r.cloudfront.net
us-west-2.protection.sophos.com
2    69.49.245.172 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 69-49-245-172.webhostbox.net
theavengersgroup.com
5    172.67.184.2 (United States)

ASN13335 (CLOUDFLARENET, US)
rfp.jekinlowo.com
2    104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 jekinlowo.com
rfp.jekinlowo.com
151 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4500
14 KB
2 theavengersgroup.com
theavengersgroup.com
746 B
2 mimecastprotect.com
url.us.m.mimecastprotect.com — Cisco Umbrella Rank: 11045
3 KB
1 sophos.com
us-west-2.protection.sophos.com — Cisco Umbrella Rank: 117085
433 B
11 5
Domain Requested by
5 rfp.jekinlowo.com rfp.jekinlowo.com
2 challenges.cloudflare.com rfp.jekinlowo.com
challenges.cloudflare.com
2 theavengersgroup.com
2 url.us.m.mimecastprotect.com 2 redirects
1 us-west-2.protection.sophos.com 1 redirects
11 5

This site contains no links.

Subject Issuer Validity Valid
webmail.theavengersgroup.com
R3		 2024-05-26 -
2024-08-24		 3 months crt.sh
jekinlowo.com
GTS CA 1P5		 2024-05-27 -
2024-08-25		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://rfp.jekinlowo.com/
Frame ID: A612D48C48F278B62B3A52D5B4BE3604
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/f6xld/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: CA39EB3A289560120FED7DC37BE35C2B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://rfp.jekinlowo.com/ HTTP 307
    https://rfp.jekinlowo.com/ Page URL

Page Statistics

11
Requests

82 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

166 kB
Transfer

494 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rfp.jekinlowo.com/ HTTP 307
    https://rfp.jekinlowo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://url.us.m.mimecastprotect.com/s/of2mCn5Pz5c79PM63H94LQk?domain=us-west-2.protection.sophos.com HTTP 307
  • https://url.us.m.mimecastprotect.com/r/3tX1JERH9ImGLIL7kGGeLu-hDnwrdWRiuAAToBQMLGPQ88wktP9bZV4A2qCHHt9U5YFSFq04OMHFC97G9NZA9ihUB0CNtD1HqUJSRTS8bYkcAFP8_w49yy2of1WojtWCBj6gvRbrIqwf0y6SXf-nOdufBOnq6hxsXx6VFOOQXVIgeW2tRwP1ZRXx_fm-3oLlmcqSOOplubC28arREazyuaxZdc-LTR4yBhNxRoobBiX6C7CHFAnwuDv-GiBYwigmMTxVdecZmyBNQCVdmKhgjeOj-Ue6-z11VyOW5u4F89hudl9oQJ-3ojXYVWlx-iCcUY45OoBDhNSXBnJ-x9kJjmB0lEYvQ2jcfY7tlPtkEYtmpdfescrgbaTT0193Nj9AMvWZGVsDPSSVZH4sSbtKPGefm0suRF-eZqNk8X8-JsZIg6iNY6d-_QZb-3fGx_1SDsLok4MEkxLiidV3Umz91EqNZPUld2uufkCSDTQbCVoS4VBzqS5aTDbL929c5ztKEVTUy8jNPq6jvevtPpu_3TGp-ppOfdSZ4sZeSTBVnSLpeSgszb-8avs64u2wPpMmFNr3QeW6ySwylNKyhW6Zp_wzn1D_kKYN6b3FdxO8a0KwLJsn6R5y2vfhM8J-z9evtEjO7CCP3U1XWni0oKroI81-FvREVhoi-GdwwoNbq2sVaZESQ9lhxrzBrYvCXYGnmghKwiwh5UFeufijt_BcQFA8xiRJ1R2DIEu7nwn5_1E9P-C-JVMihUbpzLpJ6qbWGuNzJVb_TD7UIB5G-VTgYyZCpR0Qr4PTZro1ilhsGB0PzTJZuL94epmq8P7YaafDtcWciQruCbfu1Nai4G1ljNlfesjHP4yHc-XYvkwD-vz1bANN1Nl8aOUYHFeNPt_sfe6lJ9lzYBYPAc66kGFSYrR3IdRqEIBDlmNzRMNQMUmxXfheiuLL1fJ6J-joxCa3BebPn3GSzAwyqHAVUBUZxqD0aPk674TxiuQvNlaRhWesml4Y-Fke0Yyr6UOOIjk8uei098C-YOcfV6C19XdGg7GfN7O2OeICxEIjPTVluJniAJZQyxLrQ67hdx40cBYubhyB8o5icVztHuQvbootSFFAekRcEO-940IOzqxWJn44Sb3Sqr5UD19mbLas_XL34pTCOsIXqMZ8DGOUNLuLGsM8NzEqKOYRqPPaEZLkrJb4oy3avQMMvjPTWloGxNv33VfTFlDsTSLcy9N41j1l9OXvUkjEZNHVOCwNGBkotOrHBFJG-Mb0z7yck5l5BYUajG-7xFn76DylFTdg_WCz-XoQz9YLSF_oimJk8seC4JfSKTzBWAH4tKMQBTAxGH4l8f38KpjH7xw-qOFji9wAxEhwT7Ne6vxALyhtNeNpdlkElH-vGMOmHbSHB6dUh3_58lzq5IR9InEYd1tqGLo3GoRGmZ902TfHSrvbFNXRG4dZAhdh0dQ7FRt_R_BewKj9vtN4cyDhkQTYRhUFLlA4VsJpq7tuhTZzIE5TYZMzS0qETDlhCYTr706ZFcIi7HirikOziw_xNLNzBZpD2FxvIyLXHg20Layx4rLBD5dQpAl4LybVhWJEKkqKOZIs64bfXn8FQMwMIZLy2hsORuJ-pljitL8vLUBzQ8_CRu5b-1K3tXUPhNp03RrWT_PqfbsNeHu3E8DJnZYO-4fUBTZHJhvTuyXZ93i0ngbCfz1kQ96TzhyPjHBOn1ea-1kNvfW-9LL_RJj7NFQ3rQ_35gBEmUknun26R4zITSDfLIHYkrLhyc8lORsd2Sbsk8a-JdnlI0bgbMjcappgOIAAlexywrKuleKFWAZ5vNRh9cN4a3_SDTDQbb2Gt2WeoEC-kIi0v7BE3fDjrwAWmuVAaUlRNzA1lDawcFpGxOG0oGkHG96u8iTdP0p5DBoyyWLAjzaNKenVujmozN33i8F7EV1YFkV6_Bhsw6WrNnHDxA_8rvCuchslOZTwHQWvYM1BUm0sgpx-DQ3Pz_HMETJNo0dOGi5r45eZHQccMTPWQZmyG9yGhCYZzLfV1J6gda4aHuzHZG45kCdvByZnLZGn8l8-O0BqDUvY513FONz2crfxIGlKRcI0nhcch8oU_a0jVvPRmTM0k0chMDLMJs84-iN9nTYCDkMAqm7Zkj3ILZvkySTsTwj9S-Kqo3ePYDapXM76DrRcxAQJerYjPzKombMIWA HTTP 307
  • https://us-west-2.protection.sophos.com/?d=theavengersgroup.com&u=aHR0cHM6Ly90aGVhdmVuZ2Vyc2dyb3VwLmNvbS9zL2gvaw==&p=m&i=NjRhNWEwOTRmZjk5Mjg2Y2Y4N2Q4ZDFh&t=dzlkeCtNQUdwNGovRmdDTlFxMngyV0ZESG5BaWpoaHlKVzhEYlhzbHdMdz0=&h=221461201ee74398896b04f8f229befc&s=AVNPUEhUT0NFTkNSWVBUSVYgOeduo9UTN3JOjAwCv8bpNP-swGXkY9Qx6AiQJh_GsQ HTTP 302
  • https://theavengersgroup.com/s/h/k

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
k
theavengersgroup.com/s/h/
Redirect Chain
  • https://url.us.m.mimecastprotect.com/s/of2mCn5Pz5c79PM63H94LQk?domain=us-west-2.protection.sophos.com
  • https://url.us.m.mimecastprotect.com/r/3tX1JERH9ImGLIL7kGGeLu-hDnwrdWRiuAAToBQMLGPQ88wktP9bZV4A2qCHHt9U5YFSFq04OMHFC97G9NZA9ihUB0CNtD1HqUJSRTS8bYkcAFP8_w49yy2of1WojtWCBj6gvRbrIqwf0y6SXf-nOdufBOnq6h...
  • https://us-west-2.protection.sophos.com/?d=theavengersgroup.com&u=aHR0cHM6Ly90aGVhdmVuZ2Vyc2dyb3VwLmNvbS9zL2gvaw==&p=m&i=NjRhNWEwOTRmZjk5Mjg2Y2Y4N2Q4ZDFh&t=dzlkeCtNQUdwNGovRmdDTlFxMngyV0ZESG5BaWpoa...
  • https://theavengersgroup.com/s/h/k
0
231 B 		Document
General
Check archive.org
Download Go to
Full URL
https://theavengersgroup.com/s/h/k
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.49.245.172 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
69-49-245-172.webhostbox.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 May 2024 16:25:29 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
refresh
0;url=https://rfp.jekinlowo.com#k

Redirect headers

content-length
0
content-type
text/html
date
Tue, 28 May 2024 16:25:30 GMT
location
https://theavengersgroup.com/s/h/k
referrer-policy
no-referrer
via
1.1 0ed062928320c9569a09db8a928795e4.cloudfront.net (CloudFront)
x-amz-apigw-id
YfXLJFmfPHcEXaw=
x-amz-cf-id
dlBjGH3sGUt9W8WF05DORJBpOG9iIGORUZSCcuZ9HcDsSx_JQhXVmQ==
x-amz-cf-pop
IAD55-P3
x-amzn-requestid
90e7f7c2-ae47-4f88-a39c-d24437b20d22
x-amzn-trace-id
Root=1-6656057a-1df97b1f66f891e3689e7e76;Parent=59e9aafd5042d98f;Sampled=0;lineage=b506645d:0
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
Primary Request /
rfp.jekinlowo.com/
Redirect Chain
  • https://rfp.jekinlowo.com/
  • https://rfp.jekinlowo.com/
15 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rfp.jekinlowo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47858149c9a0bf48b47a2133b96a47989721a16be38be0816831e4ffe3d7393a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://theavengersgroup.com/s/h/k
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
LS8l7/i9WloweujwJ6k7+tydRx6JVIsQXosAVryLwswCw5E5n5S3vM9EgW6MM8YbLBTYL3U1MQ/q2kh8OIVjtS3QcCeordCd5KT80aL6gftgiKW7U7O87LB9KHG1e7gxb/SRSUKE6vLhe8nHRjOoug==$ayHvLkH102V8JtOtQ75fAw==
cf-mitigated
challenge
cf-ray
88af99deaf3ba524-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 28 May 2024 16:25:30 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LN0SvfQtkQ%2F68uuyytY4ngJyLDw5FgNlgmtQ1fLBpogmJ5%2F1Ege4L8r9sJDs1nFzFCKL7ZI6Bjx4WwdBurS7TW78qi2wyi0AkML%2BDi10lSN4HM8sdom03v5%2Fs3QAYoDrEUoUOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://rfp.jekinlowo.com/#k
favicon.ico
theavengersgroup.com/ 		315 B
515 B 		Other
General
Check archive.org
Download Go to
Full URL
https://theavengersgroup.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
69.49.245.172 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
69-49-245-172.webhostbox.net
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://theavengersgroup.com/s/h/k
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 28 May 2024 16:25:29 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
v1
rfp.jekinlowo.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		390 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rfp.jekinlowo.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88af99deaf3ba524
Requested by
Host: rfp.jekinlowo.com
URL: https://rfp.jekinlowo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbff5683ccd1b878d827588de00433ea28d078649dc7a97daa09b7918255d20d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://rfp.jekinlowo.com/?__cf_chl_rt_tk=7u1yh3Uo2WOzPDfZqMs2avl75JWT9oPkmRwzMiNzxGA-1716913530-0.0.1.1-1557
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 16:25:30 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oYbWRmrK0E5s0WMy%2BjEaCetfBoVC8eKU6px8YNveGpRJfc6K1wluQGMAdmYyyhm5SLah5Dvo%2BpmrZjdUC7PxsJoovxlZsgvMX%2BWDTK8Z2vzMU9RmUoVsczj9MZ87mtUwHVOxkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
88af99df3ffaa524-MIA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/695da7821231/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit
Requested by
Host: rfp.jekinlowo.com
URL: https://rfp.jekinlowo.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88af99deaf3ba524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e158035a6f740b0245a027bf0d559c56782ebbeec7cab5a827083bd16aa47901

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://rfp.jekinlowo.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 16:25:30 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cross-origin-resource-policy
cross-origin
cf-ray
88af99e099a0d9f1-MIA
alt-svc
h3=":443"; ma=86400
favicon.ico
rfp.jekinlowo.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rfp.jekinlowo.com/favicon.ico
Requested by
Host: rfp.jekinlowo.com
URL: https://rfp.jekinlowo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbdbdb443e626d1193c909027fff39a6f708d5e3a7cc0cc5e06653a99af60c71
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://rfp.jekinlowo.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 16:25:30 GMT
content-encoding
br
x-content-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
cf-chl-out
zXWSYTaLhrsfxa0ohJ1Mu6ocAS3ycbwjwxvhA81rmOMobHeg237ppJdiIeENlOA4yBxfuSyV3mvWA0i3eLvPAuNsrjTR9txPG3+q1nLWtwgP6h2xHvMhGxmXNZ789wZvl5oWqA+PB5Vy1RtyJC5TUQ==$Ar54ZPrO3polWUrxhN+/Hg==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpcVMa%2BcnjhbTfFA4Ku%2FT4ENtawpGtpjSFlRFE8%2BVuO2pKvQlmiS8HknvJZo3Er4pp%2BdDLcxpCaNmDZOpk1uy8PkDDCdydSX1b7aeigNuAAJLKghCqy1hw6WMWzdpjE8qoOvQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
88af99e0698aa524-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
949e1279-77c6-48ba-8589-16d657d68feb
https://rfp.jekinlowo.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://rfp.jekinlowo.com/949e1279-77c6-48ba-8589-16d657d68feb
Requested by
Host: rfp.jekinlowo.com
URL: https://rfp.jekinlowo.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://rfp.jekinlowo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
1cc37106e22c474
rfp.jekinlowo.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2024177619:1716910064:q-7-UXEfKKZJAb6VCgxiHS0FMXpzmQxwaWSCCO6B1j8/88af99deaf3ba524/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rfp.jekinlowo.com/cdn-cgi/challenge-platform/h/b/flow/ov1/2024177619:1716910064:q-7-UXEfKKZJAb6VCgxiHS0FMXpzmQxwaWSCCO6B1j8/88af99deaf3ba524/1cc37106e22c474
Requested by
Host: rfp.jekinlowo.com
URL: https://rfp.jekinlowo.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=88af99deaf3ba524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eaa49449c0cdf9a4a2662da363fae2df80f9d9f5ac10bb50095df3d2b20caec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://rfp.jekinlowo.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
1cc37106e22c474
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 16:25:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FtTgW4VyCHJF7vPWvLRfZxjJu6auXftSwGddDunPa1GDs5lGWT6Fm1oaNqT6kAbXzmsgu0%2FKmhTFw7Dq%2FznifHwKa%2B9tvn%2BvajFdNDCYsjbgy8gXTD%2Fz3zyzOrRxUDtItoiqNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
88af99e11a72a524-MIA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
RPYwMWa0t6zH9NVsqF4AlMC9iTgY3xss++xZtF7OziYGuDX1QqnnVzcCDS7W+EDP$RIHCtiW447aEVqloopPXJw==
favicon.ico
rfp.jekinlowo.com/ 		15 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rfp.jekinlowo.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.184.2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c8a43327804b414019afce3e18138145ddb23b5fb67ae9bb50969137f113d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"125.0.6422.112"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://rfp.jekinlowo.com/
sec-ch-ua-full-version-list
"Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 16:25:31 GMT
content-encoding
br
x-content-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
cf-chl-out
ZwntWaI61QOGBUyRr/BS+1Fewg1CeHGaGfi1ow8JPJTVPi6Z1plbAMpGCms05NWvE+iIHO5MoGxXXI07NQp4r5pOrtL+UVnzbwS6Ne6bg1Lu3N6F1HyUsolrz3zywrXwxQgRtf1pIKGItBISrKz1NA==$9Xa7GrCpGFXvcNmRZxh/5Q==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MlsOoaXv1PW1VLf3b2NadQQwCRgPBqAsZ6uSB7I7NFiczaZHX4mkpqMx0k1qsmMyRQNi5MyQ7rVYUGZfvl8bRI8g06f1YmplIcBzsNa7r8%2B4UdzuKIUNPXrrHvNqi%2FkHi3dqVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
88af99e11a74a524-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/f6xld/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame CA39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/f6xld/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
88af99e219ae7483-MIA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 28 May 2024 16:25:31 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
f172f74b-d53a-4f54-9dd8-23c01c29b579
https://rfp.jekinlowo.com/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://rfp.jekinlowo.com/f172f74b-d53a-4f54-9dd8-23c01c29b579
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://rfp.jekinlowo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| BIbrJ0 function| hfeDJ2 function| rOvQ5 function| oXia4 object| QbEmX0 object| dSEMW3 function| gayxv3 boolean| JXhB6 function| QgHlK1 function| WjxD5 object| LXal2 number| aDLZZ3 object| angular object| turnstile boolean| trPbq3 string| AJKC1

0 Cookies

6 Console Messages

Source Level URL
Text
network error URL: https://theavengersgroup.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://rfp.jekinlowo.com/#k
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://rfp.jekinlowo.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://rfp.jekinlowo.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()