urlscan.io logo urlscan.io
SecurityTrails logo

igbh.ingoguat.com Open in urlscan Pro
172.67.204.31  Private Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAd...
Effective URL: https://igbh.ingoguat.com/W0dbMo/
Submission: On July 02 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 10 HTTP transactions. The main IP is 172.67.204.31, located in United States and belongs to CLOUDFLARENET, US. The main domain is igbh.ingoguat.com.
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.
This is the only time igbh.ingoguat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 62.63.137.94 5518 (TET_)
1 1 167.89.118.35 11377 (SENDGRID)
2 185.199.109.153 54113 (FASTLY)
1 104.17.72.14 13335 (CLOUDFLAR...)
2 172.67.204.31 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 151.101.2.137 54113 (FASTLY)
1 3 104.17.2.184 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
10 7
1    62.63.137.94 (Latvia)

ASN5518 (TET_, LV)
PTR: lacplesis.delfi.lv
lacplesis.delfi.lv
1    167.89.118.35 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net
u45399925.ct.sendgrid.net
2    185.199.109.153 (San Francisco, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com
sofia092111.github.io
1    104.17.72.14 (None, )

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
2    172.67.204.31 (United States)

ASN13335 (CLOUDFLARENET, US)
igbh.ingoguat.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
dzccd.25bvnw8.ru
1    151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
3    104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 cloudflare.com
ajax.cloudflare.com — Cisco Umbrella Rank: 3133
challenges.cloudflare.com — Cisco Umbrella Rank: 4311
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
33 KB
2 ingoguat.com
igbh.ingoguat.com
5 KB
2 github.io
sofia092111.github.io
4 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
30 KB
1 25bvnw8.ru
dzccd.25bvnw8.ru
438 B
1 sendgrid.net
u45399925.ct.sendgrid.net
368 B
1 delfi.lv
lacplesis.delfi.lv — Cisco Umbrella Rank: 561138
1023 B
10 7
Domain Requested by
3 challenges.cloudflare.com 1 redirects igbh.ingoguat.com
challenges.cloudflare.com
2 igbh.ingoguat.com sofia092111.github.io
2 sofia092111.github.io sofia092111.github.io
1 cdnjs.cloudflare.com igbh.ingoguat.com
1 code.jquery.com igbh.ingoguat.com
1 dzccd.25bvnw8.ru igbh.ingoguat.com
1 ajax.cloudflare.com sofia092111.github.io
1 u45399925.ct.sendgrid.net 1 redirects
1 lacplesis.delfi.lv 1 redirects
10 9

This site contains no links.

Subject Issuer Validity Valid
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh
ajax.cloudflare.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-08-01 -
2024-08-15		 a year crt.sh
ingoguat.com
WE1		 2024-06-25 -
2024-09-23		 3 months crt.sh
25bvnw8.ru
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://igbh.ingoguat.com/W0dbMo/
Frame ID: 6E9E2FC15E59771A8C58CCFEC8493DAB
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/53hts/0x4AAAAAAAdcvA0pOG4yf-BL/auto/normal
Frame ID: 94D01427A69A27656AB910FF3FB1C88C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Income Tax

Page URL History Show full URLs

  1. http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacp... HTTP 307
    https://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacp... HTTP 307
    http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacp... HTTP 302
    http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6Jjf... HTTP 307
    https://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6Jjf... HTTP 302
    https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Spring... Page URL
  2. https://igbh.ingoguat.com/W0dbMo/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

7
IPs

4
Countries

72 kB
Transfer

203 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF&c=E,1,5bEVim247z1fGhtUhmYwbNu1H8iIZr4NrgaCfUxKZdTyuUxW48gwPUfsoILDy-FCjYA5-2MCgtJlXy5N3PAFAD47XFHidB4K4cNJC7Z-FhFR1P96vPVq&typo=1&sa=D&sntz=1&usg=AOvVaw3M2IK1451r_uQGYiEVyOIF&sa=D&source=editors&ust=1719861584574540&usg=AOvVaw3XnUDNEs0mfujfRThl97w7 HTTP 307
    https://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF&c=E,1,5bEVim247z1fGhtUhmYwbNu1H8iIZr4NrgaCfUxKZdTyuUxW48gwPUfsoILDy-FCjYA5-2MCgtJlXy5N3PAFAD47XFHidB4K4cNJC7Z-FhFR1P96vPVq&typo=1&sa=D&sntz=1&usg=AOvVaw3M2IK1451r_uQGYiEVyOIF&sa=D&source=editors&ust=1719861584574540&usg=AOvVaw3XnUDNEs0mfujfRThl97w7 HTTP 307
    http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF&c=E,1,5bEVim247z1fGhtUhmYwbNu1H8iIZr4NrgaCfUxKZdTyuUxW48gwPUfsoILDy-FCjYA5-2MCgtJlXy5N3PAFAD47XFHidB4K4cNJC7Z-FhFR1P96vPVq&typo=1&sa=D&sntz=1&usg=AOvVaw3M2IK1451r_uQGYiEVyOIF&sa=D&source=editors&ust=1719861584574540&usg=AOvVaw3XnUDNEs0mfujfRThl97w7 HTTP 302
    http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF HTTP 307
    https://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF HTTP 302
    https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664 Page URL
  2. https://igbh.ingoguat.com/W0dbMo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF&c=E,1,5bEVim247z1fGhtUhmYwbNu1H8iIZr4NrgaCfUxKZdTyuUxW48gwPUfsoILDy-FCjYA5-2MCgtJlXy5N3PAFAD47XFHidB4K4cNJC7Z-FhFR1P96vPVq&typo=1&sa=D&sntz=1&usg=AOvVaw3M2IK1451r_uQGYiEVyOIF&sa=D&source=editors&ust=1719861584574540&usg=AOvVaw3XnUDNEs0mfujfRThl97w7 HTTP 307
  • https://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF&c=E,1,5bEVim247z1fGhtUhmYwbNu1H8iIZr4NrgaCfUxKZdTyuUxW48gwPUfsoILDy-FCjYA5-2MCgtJlXy5N3PAFAD47XFHidB4K4cNJC7Z-FhFR1P96vPVq&typo=1&sa=D&sntz=1&usg=AOvVaw3M2IK1451r_uQGYiEVyOIF&sa=D&source=editors&ust=1719861584574540&usg=AOvVaw3XnUDNEs0mfujfRThl97w7 HTTP 307
  • http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF&c=E,1,5bEVim247z1fGhtUhmYwbNu1H8iIZr4NrgaCfUxKZdTyuUxW48gwPUfsoILDy-FCjYA5-2MCgtJlXy5N3PAFAD47XFHidB4K4cNJC7Z-FhFR1P96vPVq&typo=1&sa=D&sntz=1&usg=AOvVaw3M2IK1451r_uQGYiEVyOIF&sa=D&source=editors&ust=1719861584574540&usg=AOvVaw3XnUDNEs0mfujfRThl97w7 HTTP 302
  • http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF HTTP 307
  • https://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-2FdpgZtDkHQ8xs4SIoBnJAud0U-2FjpMXqFKFlTd0oPucHMBmsfYbr1W1bFPuqjXwvWKhbYIawiZ-2FwOAwiIppc-2BCo-2F8nqqi4BfLzk-3DMqvb_NbKRw1e3eztFxz5vjavcmdoozMVb-2Fr9DO9Yopnv1-2BLKGiSlXTn5tLJ1E7D2gLcuSGQnw2-2Fq4dCGhuTgI-2FCh5wHXEnMeo0XxpcK4Mkyr-2BEvScg-2FUSbGEX9xfg7lbd7-2BEUQV4vzADZ1KbjvJb-2F3jeIzI8hMEWxcR-2FvoUctYwvxe6s8UPP7JWdl8MT6KpZBxyaUh915FMBuvi2lS6-2F8fnrckX9z1kD9sexnkBHRayLfAlh-2ForEpzapShaXRSzAtUpDX0sBB2LbmnEos21q1NyUL3QsMhMVGxXLqUuSt6pUy07V9B9Sh6jRjnbDb6-2BdhXshHy9AJkauhe2uJY5ocKUdgGbRT-2FLzAmQyl1NT1kteHPrWoZ-2FeMfwWZoaws4bMh8gV6TH9XPlpoVe9KPpNrxZoApxusvvksTCG28qqycpgMXINjNOsje7gNMLZggLxa8d-2FF HTTP 302
  • https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Request Chain 6
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
sofia092111.github.io/sofiamevistapa/
Redirect Chain
  • http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?up...
  • https://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?u...
  • http://lacplesis.delfi.lv/adsAdmin/redir.php?uid=1439888198&cid=c3_26488405&cname=Oli&cimg=http://lacplesis.delfi.lv/adsAdmin/i/preview_610959355.jpeg&u=http://u45399925.ct.sendgrid.net/ls/click?up...
  • http://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA-...
  • https://u45399925.ct.sendgrid.net/ls/click?upn=u001.P5twhHPZ8ddWUFr7QzBnFwu49oAc39ZGizb-2Bfon967kbcwRt2sNk6JjfNCZEE-2FTF-2FHoiWdYQrm-2BaC52TuWCJej0YI5kfex8VfzUB1a67WbLiT9ohVcNtosyNi9ytLLEcDQXfRBVAA...
  • https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
275
cache-control
max-age=600
content-encoding
gzip
content-length
3511
content-type
text/html; charset=utf-8
date
Tue, 02 Jul 2024 12:35:57 GMT
etag
W/"6682f1a6-2043"
expires
Tue, 02 Jul 2024 12:40:47 GMT
last-modified
Mon, 01 Jul 2024 18:12:54 GMT
permissions-policy
interest-cohort=()
server
GitHub.com
strict-transport-security
max-age=31556952
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-fastly-request-id
ea78c01d7593773e18edf08d28e3a6d8fefa4a54
x-github-request-id
82F8:0EB9:EE3F12:F38E11:6683F2F4
x-proxy-cache
MISS
x-served-by
cache-hel1410030-HEL
x-timer
S1719923757.455137,VS0,VE0

Redirect headers

Connection
keep-alive
Content-Length
199
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jul 2024 12:35:56 GMT
Location
https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Server
nginx
X-Robots-Tag
noindex, nofollow
api.js
sofia092111.github.io/cdn-cgi/bm/cv/669835187/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://sofia092111.github.io/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: sofia092111.github.io
URL: https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-109-153.github.com
Software
GitHub.com /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fastly-request-id
f1ab41ae8c908bfab725fb795c3afcbf55639488
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding
gzip
via
1.1 varnish
date
Tue, 02 Jul 2024 12:35:57 GMT
age
310
x-cache
HIT
content-length
5142
x-served-by
cache-hel1410030-HEL
server
GitHub.com
x-github-request-id
43B7:1D93EF:836E3AA:8612D57:6683F2F7
x-timer
S1719923758.529996,VS0,VE0
etag
W/"667dfbb1-239b"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-cache-hits
2
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: sofia092111.github.io
URL: https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.72.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:35:58 GMT
strict-transport-security
max-age=15780000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 28 Jun 2024 11:26:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
gzip
etag
W/"667e9dca-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAVCshaPk%2BelaFNnkw4Wwf439TWQEl0lkRdXMLMZ%2F66AJEidmhT%2FWKXTSjVNDXPBeiP%2BUevNA6DJOF20ZdT5e71ZwIT%2BUmR9TN0jlFQl8W16goEsSfBex%2F3puLJL3JM%2BgqCy7%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
89ceadc0c884d92e-HEL
expires
Thu, 04 Jul 2024 12:35:58 GMT
Primary Request /
igbh.ingoguat.com/W0dbMo/ 		6 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://igbh.ingoguat.com/W0dbMo/
Requested by
Host: sofia092111.github.io
URL: https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2955357a1465ffb07a7dce46d882d605cf225a49cd4721596b8dbcfb9ff670

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://sofia092111.github.io/sofiamevistapa/?redirect_mongo_id=6682f233803d945f9b74d663&utm_source=Springbot&utm_medium=Email&utm_campaign=6682f233803d945f9b74d664
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
89ceadc0fedf92c7-CPH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 12:35:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7SAP9uQUaUaeEkm6t06CvByAXZDFOWiPyj6%2BQ86GROE6rQPlKihJbvUbNDqZZEsT99g4FwZBY5beMZvAoaStrU4GTex3xTqMyZ8WZchBAk7w%2BqA4Ew62iOku%2BY%2FGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ytdepyuaqbowpnsiheZagwCAFHNEDPHHGLYBJQAKPCXQCYKWDTOHBKWYXHZBYDZIEPHRQGPABZFMIGD
dzccd.25bvnw8.ru/ 		1 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dzccd.25bvnw8.ru/ytdepyuaqbowpnsiheZagwCAFHNEDPHHGLYBJQAKPCXQCYKWDTOHBKWYXHZBYDZIEPHRQGPABZFMIGD
Requested by
Host: igbh.ingoguat.com
URL: https://igbh.ingoguat.com/W0dbMo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://igbh.ingoguat.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:36:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TOnq%2F97t20ulTUZFAxB2IIGLo3xeO%2FC1dOygN707CvdfzC0B4qpw0m%2BX3MWe6ySs843Wxd3kFc96sQldIMTOwyB4sKVZOkZbPldVDU9%2FKvo11I0DrG%2BpIxlqGJ%2BryepOWleg"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
89ceadca0f310bed-AMS
alt-svc
h3=":443"; ma=86400
favicon.ico
igbh.ingoguat.com/ 		0
324 B 		Other
General
Check archive.org
Download Go to
Full URL
https://igbh.ingoguat.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.204.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://igbh.ingoguat.com/W0dbMo/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:35:59 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylczAteqSTLus%2B%2FpDreAds%2FCvE3YowEiMNONwcxxWtBkglMr3gZLSlyJepGbCvMIduNmV3kVyV7%2FQFdXOMylRZ6FHi6ii2bQbBVgbTPVp25eAf3jTogNsrlf9rsCKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
89ceadc59ffd92c7-CPH
alt-svc
h3=":443"; ma=86400
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: igbh.ingoguat.com
URL: https://igbh.ingoguat.com/W0dbMo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://igbh.ingoguat.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:36:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1328332
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-hel1410033-HEL
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719923761.305144,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
16, 29482
api.js
challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js
42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/d2a97f6b6ec9/api.js
Requested by
Host: igbh.ingoguat.com
URL: https://igbh.ingoguat.com/W0dbMo/
Protocol
H2
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b108c7f687c327d6aa759fd1d255a981d5d505b241b5b968b674e3bf50b2b9

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://igbh.ingoguat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 02 Jul 2024 12:36:01 GMT
content-encoding
br
last-modified
Thu, 27 Jun 2024 13:08:16 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
89ceadd4dd9a4e1c-HEL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 02 Jul 2024 12:36:01 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/d2a97f6b6ec9/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
89ceadd42d1c4e1c-HEL
alt-svc
h3=":443"; ma=86400
content-length
0
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: igbh.ingoguat.com
URL: https://igbh.ingoguat.com/W0dbMo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://igbh.ingoguat.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 12:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1091951
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t0rm3I9Rgl2gqK8nsSuVwrHCMg0CHPXJBNbiM3EGno6115n7D5UCRyNIoqwBJCHdhzqZek5k6m8tNKCz3W64y4hwrTD8ClukN9flgDY%2BkkFucF3kaToX528BwzcW8VuakV70zJSy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89ceadd42ea48d93-HEL
expires
Sun, 22 Jun 2025 12:36:01 GMT
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/53hts/0x4AAAAAAAdcvA0pOG4yf-BL/auto/ Frame 94D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/53hts/0x4AAAAAAAdcvA0pOG4yf-BL/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://igbh.ingoguat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
89ceadd86d244c86-HEL
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jul 2024 12:36:02 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| $ function| jQuery object| turnstile object| CryptoJS function| ezNWbnJhFF function| HQZsHrqtDF

2 Cookies

Domain/Path Name / Value
igbh.ingoguat.com/ Name: XSRF-TOKEN
Value: eyJpdiI6InJ5aVhvcWdYUFJWeXI0VWc1ZzdSc3c9PSIsInZhbHVlIjoiRTU2cm0yOUxUVnJOT1NDNkRUTE12eXp0U1pQcDBxK0xaQTVzUzFIWWRlWkN1REQxWkFMd2xneEU5aGt3NWNtL3dOZ2NzcUlacFFFWFdpZkNJRDNNQTFpZWNKVGlQbjVuZnRlUVBCVUhucDlFcGdQUTBWbmVsSEQrU1gzdWFEeGMiLCJtYWMiOiIwMGI5YmEwZWYzMDRjZDMzMDg2MmIwNTcwMjJiMmQwMmNhMWIwZGVhZWEwNTQyMzIyZDdjMmFiY2E2OWI1MWE5IiwidGFnIjoiIn0%3D
igbh.ingoguat.com/ Name: laravel_session
Value: eyJpdiI6Ik9yZFdiUUJKa2sxeHd1Z0p5cFUxUWc9PSIsInZhbHVlIjoiSjRtOHNad2JxVFkzaDNtRm43WmpadzhaU01wcHVTbEhzZ1h1RnRKNm1aNW5tNjJxYzVab2t1OTJYNDNXcXFjRzRNQUUzVGVrK3FFak5wU0FxOGxjb2hzS1U5bnZMVXBWbk04ZkVJaXNiRm5lU0VRY0x5KzJMTjZxK3pFaXNlRnMiLCJtYWMiOiJjM2E0YzI3MGMwYjlkOWExYzc3ZjdkMzc5MzA3NmM4MTA0NjA5ODViMWMxN2JhOWQzZDFkMmUyZjI0YzNjOGY5IiwidGFnIjoiIn0%3D

8 Console Messages

Source Level URL
Text
network error URL: https://sofia092111.github.io/cdn-cgi/bm/cv/669835187/api.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://igbh.ingoguat.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://igbh.ingoguat.com/W0dbMo/(Line 6)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://igbh.ingoguat.com/W0dbMo/(Line 6)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://igbh.ingoguat.com/W0dbMo/(Line 6)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://igbh.ingoguat.com/W0dbMo/(Line 6)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://igbh.ingoguat.com/W0dbMo/(Line 6)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://igbh.ingoguat.com/W0dbMo/(Line 6)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952