Submitted URL: https://club.clot.travelingstarclub.com/ga/click/2-125772432-550-3939-7699-8686-351cc453cd-n07bd3b76d
Effective URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&no...
Submission: On April 18 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2606:4700::6810:dc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is go.prosperhemp.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 10th 2021. Valid for: a year.
This is the only time go.prosperhemp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.193.66.3 51167 (CONTABO)
1 1 23.229.68.39 55286 (SERVER-MANIA)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
13 2606:4700::68... 13335 (CLOUDFLAR...)
15 2
Apex Domain Subdomains Transfer
13 prosperhemp.com go.prosperhemp.com 264 KB
1 legendaff.com trk.legendaff.com 2 KB
1 mwebblack.com mwebblack.com 491 B
1 leadoeducation.com toss.leadoeducation.com 301 B
1 travelingstarclub.com club.clot.travelingstarclub.com 706 B
15 5
Domain Requested by
13 go.prosperhemp.com go.prosperhemp.com
1 trk.legendaff.com 1 redirects
1 mwebblack.com 1 redirects
1 toss.leadoeducation.com 1 redirects
1 club.clot.travelingstarclub.com 1 redirects
15 5

This site contains links to these domains.

Domain
www.cloudflare.com

Subject Issuer Validity Valid
go.prosperhemp.com Cloudflare Inc ECC CA-3 2021-06-10 - 2022-06-09 a year

This page contains 1 frames:

Primary Page: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Frame ID: 001EB11C67D0F0A01FA7CD853B88376E
Requests: 13 HTTP requests in this frame

Page Title

Just a moment...

Page URL History

  1. https://club.clot.travelingstarclub.com/ga/click/2-125772432-550-3939-7699-8686-351cc453cd-n07bd3b76d HTTP 302
    http://toss.leadoeducation.com/khgvcfgvhbjkhgvcfvhbj-hgfdxcgvhjkhgfcghj-kjhgfcdxcghjkhgfchj-jhgfcdxfcghjhgf... HTTP 302
    https://mwebblack.com/6738/186/2/?subid=jontmm7 HTTP 302
    https://trk.legendaff.com/aff_c?offer_id=67&aff_id=1143&aff_click_id=6738_sessid20220418190045956&aff_... HTTP 302
    https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3... Page URL
  2. https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3... Page URL

Page Statistics

15
Requests

87 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

2
IPs

2
Countries

264 kB
Transfer

311 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://club.clot.travelingstarclub.com/ga/click/2-125772432-550-3939-7699-8686-351cc453cd-n07bd3b76d HTTP 302
    http://toss.leadoeducation.com/khgvcfgvhbjkhgvcfvhbj-hgfdxcgvhjkhgfcghj-kjhgfcdxcghjkhgfchj-jhgfcdxfcghjhgfcghj-hgfdxfcghjhgfdgh9876546789765467 HTTP 302
    https://mwebblack.com/6738/186/2/?subid=jontmm7 HTTP 302
    https://trk.legendaff.com/aff_c?offer_id=67&aff_id=1143&aff_click_id=6738_sessid20220418190045956&aff_sub=186 HTTP 302
    https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186 Page URL
  2. https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://club.clot.travelingstarclub.com/ga/click/2-125772432-550-3939-7699-8686-351cc453cd-n07bd3b76d HTTP 302
  • http://toss.leadoeducation.com/khgvcfgvhbjkhgvcfvhbj-hgfdxcgvhjkhgfcghj-kjhgfcdxcghjkhgfchj-jhgfcdxfcghjhgfcghj-hgfdxfcghjhgfdgh9876546789765467 HTTP 302
  • https://mwebblack.com/6738/186/2/?subid=jontmm7 HTTP 302
  • https://trk.legendaff.com/aff_c?offer_id=67&aff_id=1143&aff_click_id=6738_sessid20220418190045956&aff_sub=186 HTTP 302
  • https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
copy-of-turmericbdhtf3gny6
go.prosperhemp.com/
Redirect Chain
  • https://club.clot.travelingstarclub.com/ga/click/2-125772432-550-3939-7699-8686-351cc453cd-n07bd3b76d
  • http://toss.leadoeducation.com/khgvcfgvhbjkhgvcfvhbj-hgfdxcgvhjkhgfcghj-kjhgfcdxcghjkhgfchj-jhgfcdxfcghjhgfcghj-hgfdxfcghjhgfdgh9876546789765467
  • https://mwebblack.com/6738/186/2/?subid=jontmm7
  • https://trk.legendaff.com/aff_c?offer_id=67&aff_id=1143&aff_click_id=6738_sessid20220418190045956&aff_sub=186
  • https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6...
12 KB
13 KB
Document
General
Full URL
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d361714bc4f568e193a426b1123bcbf3ae2ab8b6c9f806a5f64cc34236d26f32
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6fdfa42dcd450208-ZRH
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 19:00:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-headers
Tune-SDK-Version
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fdfa42cab9c7371-MRS
content-type
text/html; charset=iso-8859-1
date
Mon, 18 Apr 2022 19:00:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI CUR OUR NOR INT"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cwfty4WNnA%2BUSVhG5epdaypJWPw9ogcdtezQFnm4RNn9UQ7gi79hxtPpaD1yvqdLnw4%2FOIqBotCNzvnNs8ooRrhwHWn4gJZl6s3gMBCHL%2F382BborLernU%2FHqeY2vxERt3aUkODyhsaksSrtcEDa6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tracking_id
102ec028e88a3b85d3d7a53b41b389
x-request-id
206a81f0797894abb4e59bc1b3364904
x-robots-tag
noindex, nofollow
v1
go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/
41 KB
15 KB
Script
General
Full URL
https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6fdfa42dcd450208
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4583c9016c681446c420ddfa3d4797c90c61b6e1c3952ed6d89ae135e3ccc132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=G._XWLH8J_czye32rwH9eaemq0YoRdspggjTmQeG7JM-1650308405-0-gaNycGzNCFE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:00:05 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
6fdfa42e1dc50208-ZRH
transparent.gif
go.prosperhemp.com/cdn-cgi/images/trace/jschal/js/
42 B
220 B
Image
General
Full URL
https://go.prosperhemp.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6fdfa42dcd450208
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=G._XWLH8J_czye32rwH9eaemq0YoRdspggjTmQeG7JM-1650308405-0-gaNycGzNCFE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=G._XWLH8J_czye32rwH9eaemq0YoRdspggjTmQeG7JM-1650308405-0-gaNycGzNCFE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:00:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:25 GMT
server
cloudflare
etag
"62555f89-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6fdfa42e1dcb0208-ZRH
vary
Accept-Encoding
content-length
42
expires
Mon, 18 Apr 2022 21:00:05 GMT
transparent.gif
go.prosperhemp.com/cdn-cgi/images/trace/jschal/nojs/
42 B
101 B
Image
General
Full URL
https://go.prosperhemp.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6fdfa42dcd450208
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=G._XWLH8J_czye32rwH9eaemq0YoRdspggjTmQeG7JM-1650308405-0-gaNycGzNCFE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=G._XWLH8J_czye32rwH9eaemq0YoRdspggjTmQeG7JM-1650308405-0-gaNycGzNCFE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:00:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:25 GMT
server
cloudflare
etag
"62555f89-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6fdfa42e1dcd0208-ZRH
vary
Accept-Encoding
content-length
42
expires
Mon, 18 Apr 2022 21:00:05 GMT
36912fd913354d2
go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.34987090849906355:1650307112:9ce3c65210009e2e8c96da61cc4b58269fd755b43e09243546ec32e154bdce4c/6fdfa42dcd450208/
92 KB
92 KB
XHR
General
Full URL
https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.34987090849906355:1650307112:9ce3c65210009e2e8c96da61cc4b58269fd755b43e09243546ec32e154bdce4c/6fdfa42dcd450208/36912fd913354d2
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6fdfa42dcd450208
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070e8b5fac5a3d271d9a4d13fb486d215fc4cb299c47fb7dfa1e0c6c77955aaa

Request headers

Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
CF-Challenge
36912fd913354d2
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Apr 2022 19:00:05 GMT
cf_chl_gen
ADfRePAIdzrHBOQSDZKDGDWeXYmJdmoE43d3U+Eq/TBiVPy6cu7bqN3W3RvDRVOVS5xHaKofSB8cHSe1m6JxFomKPwE2el/iiAGxZL2+eEtNtxlgvNKhV/RtFlivs/1I7uiCOm4pX3chLA7cW432aoyOjp9j8BvzHufbKud7DOQLMOYDUCchfOA5eXtigYJMQ5U05O//kAUc5OMV/97siOtBS89xbZJrsnIGvogquAYAWHuDtIT1tU5lXVCOH2A5FyTH5y/NST5NyR4K9Ee0kgI3ej30hA0kLmLSgiXTLzftADK9hwDcNiqncWl/j/Rt$XmytCM8kB1vq/AaB0k2ZTA==
server
cloudflare
cf-ray
6fdfa42f0f590208-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Tx7bewmUON-RIkt
go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/img/6fdfa42dcd450208/1650308405621/
61 B
120 B
Image
General
Full URL
https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/img/6fdfa42dcd450208/1650308405621/Tx7bewmUON-RIkt
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
394c1bcd235b324a63a020ed0b17819e60a4d75794b5e08a90c8d7f1d7f01046

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:00:05 GMT
server
cloudflare
cf-ray
6fdfa43089a50208-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
36912fd913354d2
go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.34987090849906355:1650307112:9ce3c65210009e2e8c96da61cc4b58269fd755b43e09243546ec32e154bdce4c/6fdfa42dcd450208/
1 KB
2 KB
XHR
General
Full URL
https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.34987090849906355:1650307112:9ce3c65210009e2e8c96da61cc4b58269fd755b43e09243546ec32e154bdce4c/6fdfa42dcd450208/36912fd913354d2
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6fdfa42dcd450208
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fedd212c3fed2b09a9c6556c7c2301334696d8a795bd3c7886e8a58710aeb548

Request headers

Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
CF-Challenge
36912fd913354d2
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Apr 2022 19:00:07 GMT
cf_chl_out_s
+HPyl497I8Ol8F+V3sbL/NZCRhIxHqcfuKVYsDsVYsucqyPdxPNYk5jyZ9xWPRSCs0DTafnMTA6GWZcDAAd/iYWzGHQXgJMioNCoHSPsmfEdkOkUBWW9BftybfQaHpVewxHyuVRm8YIUUaWmO6F/Arky9B6ASG9Qx/Jvac3bBWA=$45s7CSNdyAxJkwDepAI3tQ==
cf-ray
6fdfa4382f110208-ZRH
cf_chl_out
FFRILUH+GXPTMgcq8pG1sN51h90B8gVfsL1ltus8DnVjwDRTPAs7eHli79qU/HdDmi3eoH0ms0vD3B4A66EVFg==$lcJuqjAr4ijclpDh9kLKrw==
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
Primary Request copy-of-turmericbdhtf3gny6
go.prosperhemp.com/
12 KB
12 KB
Document
General
Full URL
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbc8331f778c97bf64222cb4b52a883c42c67d9f3da3f1aa4c74ec2310ef3826
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
6fdfa4451df10208-ZRH
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 19:00:09 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/
38 KB
14 KB
Script
General
Full URL
https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6fdfa4451df10208
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
065df2f8d94f6a1bb920eb3d6a9e9333bab44d050d7fdfb10dfd41a26da1409b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=.ORDzYQgz9RcYmFvW6dfrY4MwdcnEO8fKpzP5FETlAI-1650308409-0-gaNycGzNCJE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:00:09 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
6fdfa4455e530208-ZRH
transparent.gif
go.prosperhemp.com/cdn-cgi/images/trace/jschal/js/
42 B
124 B
Image
General
Full URL
https://go.prosperhemp.com/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6fdfa4451df10208
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=.ORDzYQgz9RcYmFvW6dfrY4MwdcnEO8fKpzP5FETlAI-1650308409-0-gaNycGzNCJE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=.ORDzYQgz9RcYmFvW6dfrY4MwdcnEO8fKpzP5FETlAI-1650308409-0-gaNycGzNCJE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:00:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:25 GMT
server
cloudflare
etag
"62555f89-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6fdfa4455e540208-ZRH
vary
Accept-Encoding
content-length
42
expires
Mon, 18 Apr 2022 21:00:09 GMT
transparent.gif
go.prosperhemp.com/cdn-cgi/images/trace/jschal/nojs/
42 B
101 B
Image
General
Full URL
https://go.prosperhemp.com/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6fdfa4451df10208
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=.ORDzYQgz9RcYmFvW6dfrY4MwdcnEO8fKpzP5FETlAI-1650308409-0-gaNycGzNCJE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186&__cf_chl_rt_tk=.ORDzYQgz9RcYmFvW6dfrY4MwdcnEO8fKpzP5FETlAI-1650308409-0-gaNycGzNCJE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:00:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 11:16:25 GMT
server
cloudflare
etag
"62555f89-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6fdfa4455e560208-ZRH
vary
Accept-Encoding
content-length
42
expires
Mon, 18 Apr 2022 21:00:09 GMT
679249f9034d025
go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.48085957194819523:1650307116:2154c2bdbc3b0e8d12bf46fd1143da0b4e71baa26ca9fd1ca74bbd58cb29be3d/6fdfa4451df10208/
114 KB
114 KB
XHR
General
Full URL
https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.48085957194819523:1650307116:2154c2bdbc3b0e8d12bf46fd1143da0b4e71baa26ca9fd1ca74bbd58cb29be3d/6fdfa4451df10208/679249f9034d025
Requested by
Host: go.prosperhemp.com
URL: https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=6fdfa4451df10208
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
814d47a7b9bc939e35f7d6740a49c2d4825565ae9e968c9078e691e9226dc1f2

Request headers

Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
CF-Challenge
679249f9034d025
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Apr 2022 19:00:09 GMT
cf_chl_gen
gaIoeOgqpxmbgEj2NJNe3rx12Ry3wJY2U7aehH9twLhYVKmr2468PIJFkDBW5GgidJ57mZ9733yuWxWFEw1GBOUHrJ2C7o4tWF5VCA74XaTvCiq3bFTk+wTmEkLImEA7ElrPlwAg5vU5f40EkjnWNJtd3eEUVKANGiY+iW4Vdh6FhY6ElNY4j6U/LrmgJAROlNpEkX8VzPOJKdViMRQ0ccqpp+Jz+d89gA3eoUXyOLhn7SyCLccovHtJ2Mgwz1L6v9G3oYrXt5p7F24p32lCB6/WmARXfV6X6nrMEgSASLas4e4ODhOk0nH8r/DVFnHb$28lmKmwomLDEw9QRe51Ydg==
server
cloudflare
cf-ray
6fdfa4464fff0208-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
6QUV0g6n8Zi7BVD
go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/img/6fdfa4451df10208/1650308409345/
61 B
112 B
Image
General
Full URL
https://go.prosperhemp.com/cdn-cgi/challenge-platform/h/b/img/6fdfa4451df10208/1650308409345/6QUV0g6n8Zi7BVD
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7eb613fdd3545479e166a6b99c29ae6e73cea05275717f3b14996231deacca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 19:00:09 GMT
server
cloudflare
cf-ray
6fdfa446f9260208-ZRH
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
object| _cf_chl_opt
function| _cf_chl_enter
function| SHA256
function| sendRequest
function| _cf_atob
boolean| _cf_chl_done_ran
function| _cf_chl_done
object| _cf_chl_ctx

5 Cookies

Domain/Path Name / Value
trk.legendaff.com/ Name: enc_aff_session_67
Value: ENC03a956e17e7318449b36fe52225f2766454b125dcfa51042244f75567e200181b163ef977fbc8863546324c5a2e7e214637f636a45d83840f241b0899b5922f29db223bd07fc0abc666397a5f3776a8cbff6322a2ed95affeb67b96dc2378d6d874c875c089e1a65f228558c6eb8d461fba038b37af91bce799f134e6ff550890c2941d73d
trk.legendaff.com/ Name: ho_mob
Value: 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
.go.prosperhemp.com/ Name: __cf_bm
Value: HnxE_i9UpXT7.DU2DlKnEY2bztf3MolTNWoEmOK1NRo-1650308405-0-AZ52WAXve6uDTmw88OS4N88TJiA253aExdYIiwW99KtyX6yrxiTxAyT15Q8kUDA7/tSAW1dx1DtCA9gbsO4O6Tz+JWQQWcHNOwJB86t40ZZW
go.prosperhemp.com/ Name: cf_chl_rc_ni
Value: 1
go.prosperhemp.com/ Name: cf_chl_prog
Value: e

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Message:
Failed to load resource: the server responded with a status of 503 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://go.prosperhemp.com/copy-of-turmericbdhtf3gny6?affiliate_id=&aff_sub=1143&aff_sub2=102ec028e88a3b85d3d7a53b41b389&nopopup=false&noautoplay=false&cookiepreview=false&ho_aff_id=1143&click_id=6738_sessid20220418190045956&trans_id=102ec028e88a3b85d3d7a53b41b389&fix=186
Message:
Failed to load resource: the server responded with a status of 503 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN