urlscan.io logo urlscan.io
SecurityTrails logo

0wsgy.ns-decoumnents.ru Open in urlscan Pro
2606:4700:20::681a:7f0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://brandequity.economictimes.indiatimes.com/etl.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F254779481%2F0gk37%2F%2F...
Effective URL: https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
Submission Tags: falconsandbox
Submission: On April 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700:20::681a:7f0, located in United States and belongs to CLOUDFLARENET, US. The main domain is 0wsgy.ns-decoumnents.ru.
TLS certificate: Issued by GTS CA 1P5 on March 17th 2023. Valid for: 3 months.
This is the only time 0wsgy.ns-decoumnents.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
1 192.185.129.210 46606 (UNIFIEDLA...)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
12 3
Apex Domain
Subdomains		 Transfer
7 ns-decoumnents.ru
0wsgy.ns-decoumnents.ru
128 KB
5 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5123
116 KB
2 indiatimes.com
brandequity.economictimes.indiatimes.com — Cisco Umbrella Rank: 678022
2 KB
1 altmooh-aljadeed.com.sa
1132241834.altmooh-aljadeed.com.sa
499 B
12 4
Domain Requested by
7 0wsgy.ns-decoumnents.ru 1132241834.altmooh-aljadeed.com.sa
0wsgy.ns-decoumnents.ru
5 challenges.cloudflare.com 1 redirects 0wsgy.ns-decoumnents.ru
challenges.cloudflare.com
2 brandequity.economictimes.indiatimes.com 2 redirects
1 1132241834.altmooh-aljadeed.com.sa
12 4

This site contains no links.

Subject Issuer Validity Valid
*.ns-decoumnents.ru
GTS CA 1P5		 2023-03-17 -
2023-06-15		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
Frame ID: DBA5126ACF15E13B32C067750D0EE5F5
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fjo4l/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 6B225300670CD36E91D71F4D55D0CE20
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading...

Page URL History Show full URLs

  1. https://brandequity.economictimes.indiatimes.com/etl.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F254... HTTP 302
    https://brandequity.economictimes.indiatimes.com/etlr.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F25... HTTP 302
    http://1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/?utm_source=promotions&utm_... Page URL
  2. https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

12
Requests

83 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

245 kB
Transfer

562 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://brandequity.economictimes.indiatimes.com/etl.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F254779481%2F0gk37%2F%2F%2F%2Fdominic.bria%40usu.edu%2F HTTP 302
    https://brandequity.economictimes.indiatimes.com/etlr.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F254779481%2F0gk37%2F%2F%2F%2Fdominic.bria%40usu.edu%2F HTTP 302
    http://1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/?utm_source=promotions&utm_medium=email&utm_campaign= Page URL
  2. https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://brandequity.economictimes.indiatimes.com/etl.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F254779481%2F0gk37%2F%2F%2F%2Fdominic.bria%40usu.edu%2F HTTP 302
  • https://brandequity.economictimes.indiatimes.com/etlr.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F254779481%2F0gk37%2F%2F%2F%2Fdominic.bria%40usu.edu%2F HTTP 302
  • http://1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/?utm_source=promotions&utm_medium=email&utm_campaign=
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/
Redirect Chain
  • https://brandequity.economictimes.indiatimes.com/etl.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F254779481%2F0gk37%2F%2F%2F%2Fdominic.bria%40usu.edu%2F
  • https://brandequity.economictimes.indiatimes.com/etlr.php?url=http%3A%2F%2F1132241834.altmooh-aljadeed.com.sa%2F.usu.edu%2F254779481%2F0gk37%2F%2F%2F%2Fdominic.bria%40usu.edu%2F
  • http://1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/?utm_source=promotions&utm_medium=email&utm_campaign=
191 B
499 B 		Document
General
Check archive.org
Download Go to
Full URL
http://1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/?utm_source=promotions&utm_medium=email&utm_campaign=
Protocol
HTTP/1.1
Server
192.185.129.210 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-185-129-210.unifiedlayer.com
Software
Apache /
Resource Hash
a1682988c09b5efa3c3b2a531750dcf6080376547d89308a0945102d525eb4c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
172
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Apr 2023 18:06:29 GMT
Keep-Alive
timeout=5, max=75
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-language
en
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 04 Apr 2023 18:06:27 GMT
expires
Tue, 04 Apr 2023 18:06:27 GMT
location
http://1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/?utm_source=promotions&utm_medium=email&utm_campaign=
pragma
no-cache
server
Bhoot
strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
x-cool
22.57
x-frame-options
sameorigin SAMEORIGIN
x-xss-protection
1; mode=block
Primary Request Mdominic.bria@usu.edu
0wsgy.ns-decoumnents.ru/ 		7 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
Requested by
Host: 1132241834.altmooh-aljadeed.com.sa
URL: http://1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/?utm_source=promotions&utm_medium=email&utm_campaign=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e8a4767560be2ecf424bd8f7c0d7acea62c752f46b6704a21326cdc9310d113
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://1132241834.altmooh-aljadeed.com.sa/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7b2b7c539bba5caa-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 04 Apr 2023 18:06:30 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJsfOnyQT3eD1rKbbGwT0jRV90uZar8iRZs4HEERDLkBxzXhDu0S%2Bhd%2BqLoUf3%2F08ik0bnJm2wBcymUFtdXpZzNQP%2BZh7Jzpx8cUxoDUZyHw3nojF3skpFaGmC4eqqIUetEIfQYcKZfHN0cIuNUoGb0dlzpO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b2b7c539bba5caa
Requested by
Host: 0wsgy.ns-decoumnents.ru
URL: https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f643989f3f711033d721b9f397d9b4afbadd02a2ff0610cadd1142bcf7ff5c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu?__cf_chl_rt_tk=rymK.TIrU22UxE9HurPLD0SfiLHW1eXrhM_Tujbqly0-1680631590-0-gaNycGzNC3s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 18:06:31 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07yqpEzk4nOtJ1FYNYcxpQlF0wjcm4nvQPbwvNXBwCI92i6xQbBZwxqyRYC1NS%2B4H72o4jtW%2FbT%2BPZ0FpQR00dGfVbNXbD1eC48fxQre9qP7TlhJ%2BSf30EB6gjgCbbUSgIoCyo1dQ%2FoLXyoacCv3g0BdOdR%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7b2b7c53ec195caa-FRA
transparent.gif
0wsgy.ns-decoumnents.ru/cdn-cgi/images/trace/managed/js/ 		42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://0wsgy.ns-decoumnents.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7b2b7c539bba5caa
Requested by
Host: 0wsgy.ns-decoumnents.ru
URL: https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu?__cf_chl_rt_tk=rymK.TIrU22UxE9HurPLD0SfiLHW1eXrhM_Tujbqly0-1680631590-0-gaNycGzNC3s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu?__cf_chl_rt_tk=rymK.TIrU22UxE9HurPLD0SfiLHW1eXrhM_Tujbqly0-1680631590-0-gaNycGzNC3s
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 18:06:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
"6419a381-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7b2b7c53ec1b5caa-FRA
content-length
42
expires
Tue, 04 Apr 2023 20:06:31 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/c09a1a74/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: 0wsgy.ns-decoumnents.ru
URL: https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
Protocol
H2
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38065ca232356314bc86aad8e1b1ad253d7b20a16bc6387d01ab225c29e86490

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 18:06:31 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7b2b7c545bf69bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 04 Apr 2023 18:06:31 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control
max-age=300, public
cf-ray
7b2b7c544bc99bb2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e855bcc29a01d5b
0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/2018363636:1680629382:NzZ0A6-p76x-_MnyzwiDgCwN9RThIFEab7mzIaM5Hhc/7b2b7c539bba5caa/ 		122 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/2018363636:1680629382:NzZ0A6-p76x-_MnyzwiDgCwN9RThIFEab7mzIaM5Hhc/7b2b7c539bba5caa/e855bcc29a01d5b
Requested by
Host: 0wsgy.ns-decoumnents.ru
URL: https://0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b2b7c539bba5caa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
592bfbea3c7ff6b0abc519dc279a5801cf0a22a67584c2cd59bcaecda2a69b44

Request headers

Referer
https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
e855bcc29a01d5b
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Apr 2023 18:06:31 GMT
content-encoding
br
cf_chl_gen
Y7B7VuoCeKlJOuLpLLKc2ECdm12Pv5ke0Hwr0H7UpybSGr/VnC/OBTMQ0Vm+LellpQ0IjCaFxwUHc0Q59+P3sx8CFADPQ2dMUF1cxFyXGiyYeQyHw1e1AUV51QgSQxROMgObn2OWSU4dojE2ew0yEpM2SHvCqUYxMBtVobtsHZ3lpRl9SxEur9rVNAo8o3Qqwz6zKMGfukTyeDcvZakeZpTQPi2kzfZ+S2mpZKbBhZ6KbJwbvH2xfkaKxnNkMJUUAdwRfRqjPnf65hE3f0jf3apS+89ZFv1eU51hXmP3sKK12w5mDttOHpuWvN2Kd5kb0EpjJSD6VAwkwpemZhEMhFcypAebVwmIvj1VifUp6gegelWhrzi3NrouPQWAOqpLlPrkdmtrUXxr8zv1ag9PZDC0Wu8DPx+Pr0i/YlxT6IbE1sYEkZAZi0pGQA3V0VGu$RuLZuEL4gkukeawlWZY/Vw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOqjWmYOuiKWiA%2Bi6KaxrbLyRB0%2FRlNigNEM64k4Sydrbh%2FpA8OZST%2FfTyq%2FnqCoP16SC3HwVbKILP3nEr2aL4OiNfcy6PLGfAlpuY%2Fw%2FSNz9FkW%2BV6RxWNVpjoYJ8prpyc7WOZw0PQ2p9VEo%2FIXRtQojXa5"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b2b7c54cd855caa-FRA
5uKEqbr0mLpyKBk
0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/img/7b2b7c539bba5caa/1680631591178/ 		61 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/img/7b2b7c539bba5caa/1680631591178/5uKEqbr0mLpyKBk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef02bc984860b3227eeeec29aa7394f7385324e28f1d857b86c6f9c282dc0c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 18:06:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b2b7c57e9db5caa-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdL%2FyCCd%2B2nM9IR7E4ZOQ0Y2o7Kx7TmkgwHbP4lVrb96S5QrOitHQ%2FUep%2FbSMTJN53msbc9FRESf3DhSSaie3pDGSHqqPjQDNgv6vwD6hXhrBt9tlILS5Ld%2ByBswq07gboTLBla5sYXO1vhqgzss1AEY99lf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
Bm_Q7mCHEIish38
0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/pat/7b2b7c539bba5caa/1680631591180/ab056ef1ec6f63ca5a7a07e628f03a279ff2e6dea8efcbc00a9fce4f804a65c9/ 		1 B
787 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/pat/7b2b7c539bba5caa/1680631591180/ab056ef1ec6f63ca5a7a07e628f03a279ff2e6dea8efcbc00a9fce4f804a65c9/Bm_Q7mCHEIish38
Requested by
Host: 1132241834.altmooh-aljadeed.com.sa
URL: http://1132241834.altmooh-aljadeed.com.sa/.usu.edu/254779481/0gk37////dominic.bria@usu.edu/?utm_source=promotions&utm_medium=email&utm_campaign=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 18:06:31 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gqwVu8exvY8paegfmKPA6J5_y5t6o78vACp_OT4BKZckAFzB3c2d5Lm5zLWRlY291bW5lbnRzLnJ1, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAosgoN3xmwny44x-b3uhcfXXPKHIjdLBDH6qWJkmK-lLNepJd9XkfZUhHXsrVh6dzzlG-78EYB_2by01p8nVTQ1aNZ_rL3t0CYrClRTJqD5u7jiZqQmXtLMdIwOgSVlmpZ3E1uQpAY1u0YJgfVayHdzwjAvVfouhmPwUEyFCjy6NTlUQvV2mZXUmXwwis17sQI6DlNu3UNK2tm5s-MaIjJKVibP1sHHMgJmKUJfYvLXb6URhUNpiRD8HP6LpCdEG6sk4ga7xzrhgd7WSq2Ty1NGCBzyiYx-pm2tWO-rSpSPj6Icm7PKNWIGdCoorskjZXZqEM9gHeOR1-RRaYu75E7wIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7b2b7c580a0b5caa-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2MH98d8XJcqPuyvzduRZFhhdNOM1EOLPdH%2F1PXLaulsY1bUqQwkuR3TuYFJTyFPGLFMdHqOwVCdYeNcL8PMhHBW%2BvLxZuAJpViynS4ZG8UBvYWfj05b073Xui23x9pIl%2BrKcdd4qFxqox6ZEt%2FNLgTLpVe6"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
e855bcc29a01d5b
0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/2018363636:1680629382:NzZ0A6-p76x-_MnyzwiDgCwN9RThIFEab7mzIaM5Hhc/7b2b7c539bba5caa/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/2018363636:1680629382:NzZ0A6-p76x-_MnyzwiDgCwN9RThIFEab7mzIaM5Hhc/7b2b7c539bba5caa/e855bcc29a01d5b
Requested by
Host: 0wsgy.ns-decoumnents.ru
URL: https://0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7b2b7c539bba5caa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba986c933e27fb5f0658ecda3d21f5491126a87b8d1d14976d19fb3a1d56469e

Request headers

Referer
https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
e855bcc29a01d5b
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Apr 2023 18:06:32 GMT
content-encoding
br
cf_chl_gen
4Stsy+hm15gGA4Wn/qJS21IIG6z39tDweDRS+dqR5UXFFcmowzpERzWtC63z/zBH$5XdMthPh33KBQ0lr0DaxFg==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ndoQNVPOjudRELOkXfB05szaW0ZcH4Ms78wp3qsb%2BWah5d8ytGbdlL5aWHVBfsZX%2Bf7J5NeGnMetFpQ8003BiPEIOfmdOfJkk15Znk3XFEekKQedpSudup5GalRuhiEWcCKoD4yj6JGqzG6fCB0KryHn5Yp"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7b2b7c5e0a865caa-FRA
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fjo4l/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 6B22 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fjo4l/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b3650f716e4835f532c848630b0f76b91d3bb7d2e2f4351f7a5da1ae9d83c66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7b2b7c5e7ea791f3-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 04 Apr 2023 18:06:32 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 6B22 		157 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b2b7c5e7ea791f3
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fjo4l/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7229f45c5a19d8677bca85b42eee2e95e3f96bc295bd20a0ba80690ff4528e44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fjo4l/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 18:06:32 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7b2b7c5eef9b91f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
cbedd1ce60a85ad
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/978314667:1680629151:caUj06Uvofbe9fGYkrQcgR6X7WHkB7nn2xPlQIKQgHE/7b2b7c5e7ea791f3/ Frame 6B22 		88 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/978314667:1680629151:caUj06Uvofbe9fGYkrQcgR6X7WHkB7nn2xPlQIKQgHE/7b2b7c5e7ea791f3/cbedd1ce60a85ad
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7b2b7c5e7ea791f3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be3ca63879a95e9128db28e28a6f5dd74430cb301021949c6f88a49d6ba1fb47

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/fjo4l/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
CF-Challenge
cbedd1ce60a85ad
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Apr 2023 18:06:32 GMT
content-encoding
br
cf_chl_gen
7k2+NESOyWzkacMQqiXvaV6dD2Q9uvLi+OZSuea1GAab/Nm7NJG31mnU5VlYF78Bqs+SMhPANVI5+qvsOJcotzLks472KQNQ/9nTDBhuU+Q2QPS2rx+2CEM6hQjDAXHqjdPCfksqt4mH9UfIqQlzRcnnwYN4pTVjkx2w5w5dV2Givwc6QuwN7zmeMrzJdiOxcbJgCA5rTfVgPmxTSlv7z9ULqkDsunh15UhdqEm2UrJidzjeAs7TydEiCWa2EMQEEHvb3+N3LGlubfV1VDEBUhhKwVo586YDUH+pvkWBTEO53yev15xTC3jTzVNUuDaRidckjeuSTHrhyW18OilTchxqkZKsdmhp/95D/KYZGKAO65k3nvpW4216L7OM9NpcXFRVBhNwrPkW5NC6wd+Lz8U3S49BCYxLiX7OjozySCs=$iqbPUmr94GRJhAHktn+eLw==
server
cloudflare
cf-ray
7b2b7c5ff8eb91f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _cf_chl_opt function| _cf_chl_turnstile_l function| __cf_md5 function| sendRequest function| SHA256 function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded object| _ undefined| _cf_gcr

5 Cookies

Domain/Path Name / Value
brandequity.economictimes.indiatimes.com/ Name: PHPSESSID
Value: 33503681fed83391a0a43101ffe6a370
brandequity.economictimes.indiatimes.com/ Name: pmUsr
Value: 1680631587
.economictimes.indiatimes.com/ Name: ak_bmsc
Value: 2133069DAB1CDB37B5D28D2180891E76~000000000000000000000000000000~YAAQv7UQAtPiKEyHAQAA2uJyTRNc+rbRFwQHTBEVjIlNhvmkMpsQcM1wUH3rjJuoHXJd217UYvA5/sFgojfeveIvzMNT2svV9wE3mqz4l417ZChY4ZYQd4fbeTcq3I2QXmp8F/KyM+XY/Uf7fsW4HQEP1zKgrLdxTYVVH38XuTZBbsVbkxWx5MF/bBlk+QG8QSOkID82GACXZPHnsa6lJjmMGSuFYNnE7lJuVcbfZdb/BISu5tz0PcZyHn9r1eMGyXYr/JuVZkJ94Q1PQ9r6SoC+ULD7KPM7eY1vzfxiIxiZwZ3wdhFvHoFu1u5NpRKnvNE76LxTl1GtRYxVDuQmnAgomOX6ytFYxoHHsxGKBe0hpNNbtyzWECq/4JeGBGQLZ6XHgnhpApj/nMK7xodxlfaeFsnZ+arKX08mIE+16D+5Sg==
brandequity.economictimes.indiatimes.com/ Name: brandequity_subscription_source
Value: email
.economictimes.indiatimes.com/ Name: bm_sv
Value: F2676606524BAF9269F42990E6286815~YAAQv7UQAirjKEyHAQAA+uNyTRPJZJ73jB/tlUBtZZfxxMFQl+7Rvk8Zs3K2TA8XpeGTdc6Nmc9T19Wm5fmNdlgmQNPIdJ/6E38U5q/DyhmT2m4b+30gRIZvYNfy0SNwZoxIOEvesY7bTGu2f+zztLDaEDPhk/LV1n+sbwThEISEwwKxVMlrmuTS0M47UUFpeuzsO9dz+pEgSIRQCIi6O5wnVRmu5kQDUJJOgJ95DFOIYWGRRCVpmM1RyI2jdibLlJYa/ADf506lLLpRdi1JJDCn~1

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://0wsgy.ns-decoumnents.ru/Mdominic.bria@usu.edu
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://0wsgy.ns-decoumnents.ru/cdn-cgi/challenge-platform/h/b/pat/7b2b7c539bba5caa/1680631591180/ab056ef1ec6f63ca5a7a07e628f03a279ff2e6dea8efcbc00a9fce4f804a65c9/Bm_Q7mCHEIish38
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block