urlscan.io logo urlscan.io
SecurityTrails logo

www.ashleyrnadison.com Open in urlscan Pro
104.17.154.191  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://1u.fi/eKsyF
Effective URL: https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e...
Submission: On May 06 via manual from LU — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 5 countries across 6 domains to perform 9 HTTP transactions. The main IP is 104.17.154.191, located in and belongs to CLOUDFLARENET, US. The main domain is www.ashleyrnadison.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on June 19th 2023. Valid for: a year.
This is the only time www.ashleyrnadison.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 185.26.105.244 24935 (ATE-AS)
1 1 13.227.219.98 16509 (AMAZON-02)
2 2 52.210.2.133 16509 (AMAZON-02)
5 104.17.154.191 13335 (CLOUDFLAR...)
1 104.17.3.184 13335 (CLOUDFLAR...)
1 104.17.2.184 13335 (CLOUDFLAR...)
9 4
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
1u.fi
1    185.26.105.244 (France)

ASN24935 (ATE-AS, FR)
PTR: redirect.netim.net
12flirt.at
1    13.227.219.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-98.ams54.r.cloudfront.net
t.ajump1.com
2    52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
rubylife.go2cloud.org
5    104.17.154.191 (None, )

ASN13335 (CLOUDFLARENET, US)
www.ashleyrnadison.com
1    104.17.3.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 ashleyrnadison.com
www.ashleyrnadison.com
139 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4500
14 KB
2 go2cloud.org
rubylife.go2cloud.org — Cisco Umbrella Rank: 796321
3 KB
1 ajump1.com
t.ajump1.com
1 KB
1 12flirt.at
12flirt.at
226 B
1 1u.fi
1u.fi
590 B
9 6
Domain Requested by
5 www.ashleyrnadison.com www.ashleyrnadison.com
2 challenges.cloudflare.com www.ashleyrnadison.com
challenges.cloudflare.com
2 rubylife.go2cloud.org 2 redirects
1 t.ajump1.com 1 redirects
1 12flirt.at 1 redirects
1 1u.fi 1 redirects
9 6

This site contains no links.

Subject Issuer Validity Valid
*.ashleyrnadison.com
RapidSSL TLS RSA CA G1		 2023-06-19 -
2024-06-28		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
Frame ID: 468DE0D6F92828CD3899E5580B3FBBC5
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eyj6z/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 2360A89249204D306D8DC45A5808A859
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pieni hetki...

Page URL History Show full URLs

  1. https://1u.fi/eKsyF HTTP 301
    http://12flirt.at/ HTTP 307
    https://12flirt.at/ HTTP 307
    http://12flirt.at/ HTTP 301
    https://t.ajump1.com/88435/5012?bo=2753,2754,2755,2756&popUnder=true HTTP 303
    https://rubylife.go2cloud.org/aff_c?offer_id=4&aff_id=184&url_id=675&source=88435&aff_sub=&aff_click_id=10... HTTP 302
    https://rubylife.go2cloud.org/aff_r?offer_id=4&aff_id=184&url=https%3A%2F%2Fwww.ashleyrnadison.com%2Fv4new... HTTP 302
    https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10... Page URL

Page Statistics

9
Requests

78 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

4
IPs

5
Countries

153 kB
Transfer

524 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://1u.fi/eKsyF HTTP 301
    http://12flirt.at/ HTTP 307
    https://12flirt.at/ HTTP 307
    http://12flirt.at/ HTTP 301
    https://t.ajump1.com/88435/5012?bo=2753,2754,2755,2756&popUnder=true HTTP 303
    https://rubylife.go2cloud.org/aff_c?offer_id=4&aff_id=184&url_id=675&source=88435&aff_sub=&aff_click_id=10260f09d31dd57d3b170e1b3ed7f9&aff_sub3=6483&bo=2753%2C2754%2C2755%2C2756 HTTP 302
    https://rubylife.go2cloud.org/aff_r?offer_id=4&aff_id=184&url=https%3A%2F%2Fwww.ashleyrnadison.com%2Fv4new%3Foffer_id%3D4%26affiliate_id%3D184%26affiliate_sub%3D88435_%26affiliate_click_id%3D10260f09d31dd57d3b170e1b3ed7f9%26transaction_id%3D10285150aa6f6218d85231e091de26&urlauth=653757460577868661864650131703 HTTP 302
    https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request v4new
www.ashleyrnadison.com/
Redirect Chain
  • https://1u.fi/eKsyF
  • http://12flirt.at/
  • https://12flirt.at/
  • http://12flirt.at/
  • https://t.ajump1.com/88435/5012?bo=2753,2754,2755,2756&popUnder=true
  • https://rubylife.go2cloud.org/aff_c?offer_id=4&aff_id=184&url_id=675&source=88435&aff_sub=&aff_click_id=10260f09d31dd57d3b170e1b3ed7f9&aff_sub3=6483&bo=2753%2C2754%2C2755%2C2756
  • https://rubylife.go2cloud.org/aff_r?offer_id=4&aff_id=184&url=https%3A%2F%2Fwww.ashleyrnadison.com%2Fv4new%3Foffer_id%3D4%26affiliate_id%3D184%26affiliate_sub%3D88435_%26affiliate_click_id%3D10260f...
  • https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
19 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.154.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee331cd4a3d753f8e85857ace6ca36904e8e4a78ef3d4b5ae8b9ce5f375f746c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
JFbSu1nsqi0njQ5t57iN8woKOHWId+jwhiJrKgPK0ulp/yk5OPl/n0V3tJOeb032l3zJUr/1ydKE/fDvnqaoN2A/ecTQN9grtaXikLuncoha7T5h63dwNISDMnSOpHMnCYdeylptgGJ4D3ZHXOWYAQ==$eJ9EDpDq6mBfDxgn8geqMQ==
cf-mitigated
challenge
cf-ray
87f92de30ea9d922-HEL
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 06 May 2024 13:04:59 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
381
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 06 May 2024 13:04:59 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
Pragma
no-cache
Server
nginx
X-Request-Id
d0ea154b17eb15567665e21718fb6d28
v1
www.ashleyrnadison.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		383 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ashleyrnadison.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f92de30ea9d922
Requested by
Host: www.ashleyrnadison.com
URL: https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.154.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2363fbedcd0a8c0e162c6f9030f8562ea998ff0ac9f1a1ce3913aead25988261

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.118"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26&__cf_chl_rt_tk=NHMpwlXvLpXC6N5svDy4jz0INaIuF0uaZNeT9Dc6Qf4-1715000699-0.0.1.1-1983
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 13:04:59 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
server
cloudflare
cf-ray
87f92de5185ad922-HEL
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
api.js
challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit
Requested by
Host: www.ashleyrnadison.com
URL: https://www.ashleyrnadison.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f92de30ea9d922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b5cd0b65ebbb519dd845ba2979b40e58b056ca2c90f67a8bfea871d39615a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.ashleyrnadison.com
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 13:05:00 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
87f92de9dc0c4e1a-HEL
alt-svc
h3=":443"; ma=86400
favicon.ico
www.ashleyrnadison.com/ 		32 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ashleyrnadison.com/favicon.ico
Requested by
Host: www.ashleyrnadison.com
URL: https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.154.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf86e1b505f9b4797d6ecadf74307badd9e5d0635e83981413d8656908e2458

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.118"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 13:04:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2023 16:22:43 GMT
server
cloudflare
age
148
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=14400
server-timing
dtSInfo;desc="1"
cf-ray
87f92de66969d922-HEL
expires
Mon, 06 May 2024 17:04:59 GMT
7f09923e-fc1d-4b58-a698-5054b07fbd92
https://www.ashleyrnadison.com/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ashleyrnadison.com/7f09923e-fc1d-4b58-a698-5054b07fbd92
Requested by
Host: www.ashleyrnadison.com
URL: https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
12ecf3dae011f2c
www.ashleyrnadison.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1567087473:1714998937:tVlSkuOOb9jTpQ6PoEAP20Cicz5uAKLjtDGWiYKboOo/87f92de30ea9d922/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ashleyrnadison.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1567087473:1714998937:tVlSkuOOb9jTpQ6PoEAP20Cicz5uAKLjtDGWiYKboOo/87f92de30ea9d922/12ecf3dae011f2c
Requested by
Host: www.ashleyrnadison.com
URL: https://www.ashleyrnadison.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=87f92de30ea9d922
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.154.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d306a4fd43fee693fdb2d42b8cb8afdb739adc9e30ce2ca6dd04dca5e8add150

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"124.0.6367.118"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
12ecf3dae011f2c
sec-ch-ua-platform
"Win32"

Response headers

cf-chl-gen
CftF0l6NdT+dQ8KBjo7exon+4iklsiCqUzZFjXATCW97G6u0tVBOr26cC0yPAsbg$ASCc2jdy4f0mWrv1xD7IAw==
date
Mon, 06 May 2024 13:05:00 GMT
content-encoding
gzip
server
cloudflare
cf-ray
87f92de749e9d922-HEL
vary
accept-encoding
content-type
text/plain; charset=UTF-8
c9908872-b41b-478a-bf96-91c69c5f83e5
https://www.ashleyrnadison.com/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.ashleyrnadison.com/c9908872-b41b-478a-bf96-91c69c5f83e5
Requested by
Host: www.ashleyrnadison.com
URL: https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eyj6z/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 2360 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eyj6z/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/d0ff3ebede6b/api.js?onload=XagHGl3&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
87f92dedc9154c78-HEL
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 06 May 2024 13:05:01 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
accept-encoding
favicon.ico
www.ashleyrnadison.com/ 		32 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.ashleyrnadison.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.154.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf86e1b505f9b4797d6ecadf74307badd9e5d0635e83981413d8656908e2458

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.118"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 13:04:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 14 Jun 2023 16:22:43 GMT
server
cloudflare
age
148
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=14400
server-timing
dtSInfo;desc="1"
cf-ray
87f92de66969d922-HEL
expires
Mon, 06 May 2024 17:04:59 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| UuEKIx0 function| irjVD5 object| dAXu9 object| HtXsUP9 function| Skim3 function| XagHGl3 boolean| hAQbG6 function| gSUh2 function| dBzx6 function| rNaINu0 object| PcLwD9 number| etml6 object| angular string| hQUN3 object| turnstile boolean| VETep3

10 Cookies

Domain/Path Name / Value
1u.fi/ Name: PHPSESSID
Value: r2jmelunb19utka7uqhki0elgl
1u.fi/ Name: short_21362
Value: 1
t.ajump1.com/ Name: aff_ran_url_1349
Value: 33541
t.ajump1.com/ Name: enc_aff_session_1349
Value: ENC03c664dcac94b7f23ff1c3c53360257afc66811aaec1d103e6c7fb9606958694912d6f40c9c02e54027badb104ba53fa5a8633938fda0dbb9ad1b229db2446caf15a8b32aceb471ca082ee27cac742fcccd4636ef868dfc2f066c88e539344128d0b505170940b26ceac45145c9f7695ce9c368c1b169b258275c6ca2dd3ea50c826085c33
t.ajump1.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjQiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
rubylife.go2cloud.org/ Name: aff_ran_url_4
Value: 675
rubylife.go2cloud.org/ Name: enc_aff_session_4
Value: ENC0366ba896823dcccae6eeacc642ec64afe8e563227e34e73746d64dfedc190eafafbbfa0ba9b350a9ed6612ad28b90de0ec3d4a62eb4a03305f2adfbe5ac1eb7636445150abf49ec03d45fb8b779c92ad8ca9166f2f58089bf882bc76dcebc97a8eac4665a7a605f24ad342e82894b111d69eb1077c767f4e38b0aecebfa8332e3b255c01ee6ed99b28db3afe60935147a1a523b54fa0b761dd77c18cc955208980f262cd1
rubylife.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjQiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiYWNjZXB0X2xhbmd1YWdlIjoiZmktRkksZmk7cT0wLjk7cT0wLjkiLCJjb25uZWN0aW9uX3NwZWVkIjoiYnJvYWRiYW5kIn0=
.ashleyrnadison.com/ Name: __cf_bm
Value: 03xe5qnYG.5aBS94R2hmiOM_ar3Z.0O6TaEHY24tNsg-1715000699-1.0.1.1-ORMCLrzG3FfVKlbKVJYRNH.DnzKJ8KpcDMbxF5Ohf1Qh1pnmqiKhEA6lVsayuy3SnftVFWtPWJwX6FxnTAUSVg
.ashleyrnadison.com/ Name: _cfuvid
Value: UoEr7ge.KIquG1vaXVd5xKsp_NerC0aNRGQQpC3XLwU-1715000699934-0.0.1.1-604800000

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://www.ashleyrnadison.com/v4new?offer_id=4&affiliate_id=184&affiliate_sub=88435_&affiliate_click_id=10260f09d31dd57d3b170e1b3ed7f9&transaction_id=10285150aa6f6218d85231e091de26
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN