www.gojctraining.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac...
Effective URL:
https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
Submission: On April 18 via api (April 18th 2024, 9:34:51 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6810:10c2, located in and belongs to . The main domain is www.gojctraining.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 1st 2023. Valid for: a year.

This is the only time www.gojctraining.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3035::ac43:a34d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1 1	44.229.7.140 44.229.7.140	() ()
1 1	52.59.165.42 52.59.165.42	() ()
6	2606:4700::68... 2606:4700::6810:10c2	() ()
1	2606:4700::68... 2606:4700::6810:5049	() ()
1	2606:4700::68... 2606:4700::6811:3b8	() ()
1	2606:4700::68... 2606:4700::6811:2b8	() ()
19	7

7 2606:4700:3035::ac43:a34d (United States)

ASN13335 (CLOUDFLARENET, US)

www.blandselfbold.za.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.229.7.140 (None, ) 1 redirects

ASN- ()

e650a-ghu-gcuyrgcl42fncl8n.hop.clickbank.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.165.42 (None, ) 1 redirects

ASN- ()

jcnow.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:10c2 (None, )

ASN- ()

www.gojctraining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (None, )

ASN- ()

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:3b8 (None, )

ASN- ()

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:2b8 (None, )

ASN- ()

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	za.com www.blandselfbold.za.com	615 KB
6	gojctraining.com www.gojctraining.com	211 KB
2	cloudflare.com challenges.cloudflare.com	14 KB
1	cloudflareinsights.com static.cloudflareinsights.com	7 KB
1	jcnow.link 1 redirects jcnow.link	117 B
1	clickbank.net 1 redirects e650a-ghu-gcuyrgcl42fncl8n.hop.clickbank.net	643 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	72 KB
19	7

	Domain	Requested by
7	www.blandselfbold.za.com	www.blandselfbold.za.com
6	www.gojctraining.com	www.gojctraining.com static.cloudflareinsights.com
2	challenges.cloudflare.com	www.gojctraining.com challenges.cloudflare.com
1	static.cloudflareinsights.com	www.gojctraining.com
1	jcnow.link	1 redirects
1	e650a-ghu-gcuyrgcl42fncl8n.hop.clickbank.net	1 redirects
1	www.googletagmanager.com	www.blandselfbold.za.com
19	7

This site contains no links.

Subject Issuer	Validity	Valid
blandselfbold.za.com E1	`2024-04-15` - `2024-07-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
www.gojctraining.com Cloudflare Inc ECC CA-3	`2023-09-01` - `2024-08-31`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
Frame ID: 59D6943CD96B855FB6D50233F4A3AFE9
Requests: 18 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/o3ooj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 0E6C2C05B75C74AD4C598744D94AF33C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Human Verification

Page URL History Show full URLs

http://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h1... HTTP 307
https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h1... Page URL
http://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h... HTTP 307
https://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h... Page URL
http://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9aw... HTTP 307
https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9aw... Page URL
https://e650a-ghu-gcuyrgcl42fncl8n.hop.clickbank.net/?cbpage=twonews&tid=1032594 HTTP 307
https://jcnow.link/twonews?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89 HTTP 302
https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

89 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

918 kB
Transfer

1388 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a HTTP 307
https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a Page URL
http://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a HTTP 307
https://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a Page URL
http://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a HTTP 307
https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a Page URL
https://e650a-ghu-gcuyrgcl42fncl8n.hop.clickbank.net/?cbpage=twonews&tid=1032594 HTTP 307
https://jcnow.link/twonews?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89 HTTP 302
https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a HTTP 307
https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a

Request Chain 3

http://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a HTTP 307
https://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a

Request Chain 4

http://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a HTTP 307
https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/
Redirect Chain

http://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a

1 KB
900 B

226ms
211ms

Document
text/html

2606:4700:3035::ac43:a34d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8767c7d9aedb18bf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 21:34:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXrPsR6sHWeEtaSvVCOczS8kfKdADzzvwe0BUfCH0FqMiGbaGEEda68PLQ7%2FFGrQPF3vT%2BZyvCzlUmdfx6UDuR8XguOn82U3zrIJNXXEpI4%2F7CDo51MYX%2BhYQTxNSmhmJG6Twqt86RiV4I%2Bb72sLhXrSmn3N85M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 jquery-1.11.0.min.js
www.blandselfbold.za.com/ 94 KB
34 KB 27ms
26ms Script
application/javascript 2606:4700:3035::ac43:a34d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blandselfbold.za.com/jquery-1.11.0.min.js
Requested by: Host: www.blandselfbold.za.com
URL: https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Jan 2024 11:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 390
etag: W/"659a8f1d-1787d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x17idD79Uc%2BH3UlRFds2KauW2PF0LA3bqUi03bJCoj9jaBX3W0vco7eZDwt%2Fl9xSnikZvoFLvAoFhlt2bVU%2BNjfcfHLEAJQYuNLMaET5quGId3LeA%2FWHnvr8%2B5trABCLkq1%2Be8yoEl57AFBijHJodRMXq7sAILw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8767c7db085818bf-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js
www.googletagmanager.com/gtag/ 197 KB
72 KB 72ms
27ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-22484186-3

Requested by

Host: www.blandselfbold.za.com
URL: https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.blandselfbold.za.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72925
x-xss-protection: 0
last-modified: Thu, 18 Apr 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Apr 2024 21:34:45 GMT

GET
H3

200

offer.php
www.blandselfbold.za.com/
Redirect Chain

http://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
https://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a

374 B
696 B

114ms
113ms

Document
text/html

2606:4700:3035::ac43:a34d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Requested by: Host: www.blandselfbold.za.com
URL: https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.blandselfbold.za.com/nbhatmonw/janjsqpv3513pwiwrkf/vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8767c7db88d518bf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 21:34:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hZZElzLt6hKcSLxo85Fzu42FcEG6GPKRNyfeuTfdwNDlvKlj%2FanxONb7HGDOiQN%2BqaLNuhiEehjxGyTcIfInlJworSbHn7T0K2VMG%2FY9gbYr3z%2FRNw%2B7xqR45TzCqUQvTSBHEfwnbryqNRnul9pht3xG35%2FyJk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Non-Authoritative-Reason: HttpsUpgrades

GET
H3

200

SuperAffiliateSystem.php Show response
www.blandselfbold.za.com/clicks/bpage/
Redirect Chain

http://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a

5 KB
2 KB

112ms
112ms

Document
text/html

2606:4700:3035::ac43:a34d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60db3519844a68854325546187b8a93c125be03d67be0e4bca2742a4647e4025

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8767c7dc799818bf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Apr 2024 21:34:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NetTwZeDgwo8wax7sB9rNReUS46QaDq%2BbHbuDImmg%2FIWL4fvBUi5E5fAzuPntMql0CyGPKel%2BZDHiQ9onjK5qThZ%2BVR3bA36wQMOom4WJxjQvqFof8DKtgIc5CJ3WWgV9QqcxHBX%2ByGredoSQ19oSRf6GBGdPwA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

Location: https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 favicon.ico
www.blandselfbold.za.com/ 1 KB
531 B 16ms
16ms Other
image/x-icon 2606:4700:3035::ac43:a34d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blandselfbold.za.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.blandselfbold.za.com/offer.php?id=161&sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Jan 2024 11:46:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 391
etag: W/"659a8f1e-57e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BqvRF3YOsRm3QyS9MpIXwrtINbMoWcpAc1GnCEr2yCjsmnqBuUnPjwNG64hXtWhhfAjyi3eGQDrDLGXJboaUf3glD7LasWfccZmI66P7ARuEWcbjGt1vZ8mTMXxNHiA6iLcH%2BduojvKQr3SR%2Ba0aTs7dG70reA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 8767c7dc799418bf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 SuperAffiliateSystem.PNG
www.blandselfbold.za.com/clicks/bpage/ 576 KB
576 KB 21ms
21ms Image
image/png 2606:4700:3035::ac43:a34d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.PNG
Requested by: Host: www.blandselfbold.za.com
URL: https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d179dd95a8384a4570831f52291427a38d4c512738df2e699b834d7a66879980

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:45 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Apr 2024 17:34:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 209
etag: "661d6513-8fe51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Q4NtmWr2buSspjBLRxvqerIaKYxF3ACcr3MFYsNKtIHV9E%2BD6vFW%2BSEDmDr4j7OIOSD8zwGPh0T%2BD9VdWlCzDow4SW3cxrfVMTJ2Y%2BFeGcJJfmA%2Ftq8wk5HI8qR%2BBOvnpAyK00XUTRpN74R%2BePk6ZSAkwoPLfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8767c7dd4a4818bf-FRA
alt-svc: h3=":443"; ma=86400
content-length: 589393

GET
H3 200 favicon.ico
www.blandselfbold.za.com/ 1 KB
0 3ms
3ms Other
image/x-icon 2606:4700:3035::ac43:a34d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blandselfbold.za.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:a34d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 07 Jan 2024 11:46:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 391
etag: W/"659a8f1e-57e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BqvRF3YOsRm3QyS9MpIXwrtINbMoWcpAc1GnCEr2yCjsmnqBuUnPjwNG64hXtWhhfAjyi3eGQDrDLGXJboaUf3glD7LasWfccZmI66P7ARuEWcbjGt1vZ8mTMXxNHiA6iLcH%2BduojvKQr3SR%2Ba0aTs7dG70reA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 8767c7dc799418bf-FRA
alt-svc: h3=":443"; ma=86400

GET
H2

403

Primary Request twonews-st1 Show response
www.gojctraining.com/
Redirect Chain

https://e650a-ghu-gcuyrgcl42fncl8n.hop.clickbank.net/?cbpage=twonews&tid=1032594
https://jcnow.link/twonews?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89

19 KB
10 KB

72ms
28ms

Document
text/html

2606:4700::6810:10c2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe5fa393f45443f3d15c0ae46160cfad8fe15f5523710f8f80a82f782e01a24

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.blandselfbold.za.com/clicks/bpage/SuperAffiliateSystem.php?sid=1032594&h=vgvwpreqm6dr6mvdk1_hb9awew6_82twrcd6p1a0zr0/h19rya0hxecemtqiod_xac2_c_gz0cqwr6h3hnch9xhe1h1plisjner522fupu-a
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: Y6lcLN8d3EfJ/lj/Jhta73oHbFc1RY5sjWh9pGEWYO0/UVnrC2pEKYisJPc3oFQSFeGyS1ELRxMeCU3FSLI5CpG+W+eML5APRANCG9kw0pNF/bErNlMv63Y9Ee6PowItxzDJ6NbCj8PUzsOZboH/MQ==$GGjA4lr7Uhk+3L6T0F+hzw==
cf-mitigated: challenge
cf-ray: 8767c7fddf519208-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 18 Apr 2024 21:34:50 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

content-length: 0
date: Thu, 18 Apr 2024 21:34:50 GMT
location: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 95ms
69ms Script
text/javascript 2606:4700::6810:5049

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: www.gojctraining.com
URL: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.gojctraining.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:50 GMT
content-encoding: gzip
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8767c7fe386965a3-FRA

GET
H2 200 v1 Show response
www.gojctraining.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 386 KB
162 KB 44ms
43ms Script
application/javascript 2606:4700::6810:10c2

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gojctraining.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8767c7fddf519208
Requested by: Host: www.gojctraining.com
URL: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ba444c3726f173a3eabf0394ed8bf439d8c1cdbd823e7b92cb558fb7f64b69ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.60"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89&__cf_chl_rt_tk=Pcn55DxKHCDzG_jmJydFJOsvrVIyTHi7_mG_f._Gib8-1713476090-0.0.1.1-1514
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:50 GMT
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
server: cloudflare
cf-ray: 8767c7fe2f969208-FRA
vary: accept-encoding
content-type: application/javascript; charset=UTF-8

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/ 41 KB
14 KB 46ms
33ms Script
application/javascript 2606:4700::6811:3b8

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js?onload=lmgW1&render=explicit
Requested by: Host: www.gojctraining.com
URL: https://www.gojctraining.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8767c7fddf519208
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://www.gojctraining.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:50 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8767c7feef109c00-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 403 favicon.ico
www.gojctraining.com/ 16 KB
16 KB 27ms
27ms Image
text/html 2606:4700::6810:10c2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gojctraining.com/favicon.ico

Requested by

Host: www.gojctraining.com
URL: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

792c9898c9ae557ebeb11dc185b48919839239bcd9ed6541d042b1a1d1bb4a92

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.60"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:50 GMT
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
cf-chl-out: T3GKytHbiQrk4jpAdiwnwbMKHX/x5HkvNLvSKVl4DsJhNSGo9UjaWhac9IWNa3DGfLd7ucQu2U85RW4qLFES2ij94iyC7ncUlXLfBGH2RyjDOZMKujaMnylCvH2yVmY5C3lMdcbNleqElD3GkInj2w==$+VNTrBguLfb22yWabdGsgg==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8767c7fed8239208-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
BLOB 200
OK 5fb9e04f-d62f-4b99-babf-475ffaac9c69
https://www.gojctraining.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gojctraining.com/5fb9e04f-d62f-4b99-babf-475ffaac9c69
Requested by: Host: www.gojctraining.com
URL: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H2 204 rum Show response
www.gojctraining.com/cdn-cgi/ 0
175 B 89ms
89ms XHR
text/plain 2606:4700::6810:10c2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gojctraining.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.60"
content-type: application/json
sec-ch-ua-platform-version: "10.0.0"
Referer: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:50 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.gojctraining.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8767c7ff385e9208-FRA

GET
H2 403 favicon.ico
www.gojctraining.com/ 16 KB
7 KB 27ms
27ms Other
text/html 2606:4700::6810:10c2

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gojctraining.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fe4e10d6dc5bae56bb067be11c55397efbf04526ad0a7935fd5d87ffc28758aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
sec-ch-ua-full-version: "124.0.6367.60"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 21:34:50 GMT
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
cf-chl-out: 831ACtozypSCRJQC602tEw3TxSaPJU+K9k+QJf0hyHj3gpd8BvXQHDUC5cRl1yHW0M1r4o29gTDcWLZH+vueuhhG16ynfpe+m1/GlCwdQ9i3qdHYtuS2CWNmEwqqq1qtr3XCJzSlLAxynR76BoZUTA==$LUSF0U2SDwLaguKrx0yheg==
referrer-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 8767c7ff38689208-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 c48e91e6fae1733 Show response
www.gojctraining.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1547947825:1713471963:0W-45j4uCSyAG0W_ymmTUyKY_lKdw-4pBVlnoDfU5Ko/8767c7fddf519208/ 15 KB
16 KB 50ms
50ms XHR
text/plain 2606:4700::6810:10c2

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gojctraining.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1547947825:1713471963:0W-45j4uCSyAG0W_ymmTUyKY_lKdw-4pBVlnoDfU5Ko/8767c7fddf519208/c48e91e6fae1733
Requested by: Host: www.gojctraining.com
URL: https://www.gojctraining.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8767c7fddf519208
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e67881d65a3821fc9eed872461a61813c6e26cb70d831ba712c06bf9f668a5c8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch: "x86"
Content-type: application/x-www-form-urlencoded
sec-ch-ua-full-version: "124.0.6367.60"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness: "64"
sec-ch-ua-model: ""
CF-Challenge: c48e91e6fae1733
sec-ch-ua-platform: "Win32"

Response headers

cf-chl-gen: VMNfXf/Nhoa+b6XChc3mi5esGLnC/xG8k6zWgc9YXBtPzkwC3hUG3wIfsdcU8zax$fK0KxDZ9nyS8KL3nwK7EZQ==
date: Thu, 18 Apr 2024 21:34:50 GMT
content-encoding: br
server: cloudflare
cf-ray: 8767c7ff88a69208-FRA
vary: accept-encoding
content-type: text/plain; charset=UTF-8

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/o3ooj/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 0E6C 0
0 33ms
20ms Document
text/html 2606:4700::6811:2b8

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/o3ooj/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/54ea73d52131/api.js?onload=lmgW1&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8767c8004ddc37fd-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 18 Apr 2024 21:34:50 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
vary: accept-encoding

GET
BLOB 200
OK ac125a58-361a-412c-a56d-a1df75ec6522
https://www.gojctraining.com/ 80 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gojctraining.com/ac125a58-361a-412c-a56d-a1df75ec6522
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 80
Content-Type: text/javascript

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.gojctraining.com/twonews-st1?hop=7frederick&hopId=3a4dd097-774d-41e0-b994-d24a88fa3b89 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.gojctraining.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.gojctraining.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
e650a-ghu-gcuyrgcl42fncl8n.hop.clickbank.net
jcnow.link
static.cloudflareinsights.com
www.blandselfbold.za.com
www.gojctraining.com
www.googletagmanager.com
2606:4700:3035::ac43:a34d
2606:4700::6810:10c2
2606:4700::6810:5049
2606:4700::6811:2b8
2606:4700::6811:3b8
2a00:1450:4001:829::2008
44.229.7.140
52.59.165.42
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680
60db3519844a68854325546187b8a93c125be03d67be0e4bca2742a4647e4025
792c9898c9ae557ebeb11dc185b48919839239bcd9ed6541d042b1a1d1bb4a92
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
8af2da74872f03e058ab79a584176d2086afc01bbd42dd2ed14259179341be6a
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e
ba444c3726f173a3eabf0394ed8bf439d8c1cdbd823e7b92cb558fb7f64b69ab
d179dd95a8384a4570831f52291427a38d4c512738df2e699b834d7a66879980
dbe5fa393f45443f3d15c0ae46160cfad8fe15f5523710f8f80a82f782e01a24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67881d65a3821fc9eed872461a61813c6e26cb70d831ba712c06bf9f668a5c8
fe4e10d6dc5bae56bb067be11c55397efbf04526ad0a7935fd5d87ffc28758aa

www.gojctraining.com Open in urlscan Pro 2606:4700::6810:10c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

75 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

918 kBTransfer

1388 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

www.gojctraining.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

918 kB
Transfer

1388 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions