zrcrivuncddndhj.buzz Open in urlscan Pro
2606:4700:3034::ac43:b435 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zrcrivuncddndhj.buzz/
Submission: On January 23 via api (January 23rd 2024, 10:31:46 pm UTC) from US — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3034::ac43:b435, located in United States and belongs to CLOUDFLARENET, US. The main domain is zrcrivuncddndhj.buzz.
TLS certificate: Issued by E1 on January 23rd 2024. Valid for: 3 months.

This is the only time zrcrivuncddndhj.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3034::ac43:b435	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3030::6815:28d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a0b:4d07:2::3 2a0b:4d07:2::3	44239 (PROINITY ...) (PROINITY PROINITY)
1	2600:1f10:4c5... 2600:1f10:4c55:e23e:87d2:54d6:c043:8794	14618 (AMAZON-AES) (AMAZON-AES)
12	6

8 2606:4700:3034::ac43:b435 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zrcrivuncddndhj.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:28d (United States)

ASN13335 (CLOUDFLARENET, US)

www.bkacontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:2::3 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

cdn.icon-icons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f10:4c55:e23e:87d2:54d6:c043:8794 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

www.iconarchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	zrcrivuncddndhj.buzz 1 redirects zrcrivuncddndhj.buzz	172 KB
1	iconarchive.com www.iconarchive.com — Cisco Umbrella Rank: 438909	32 KB
1	icon-icons.com cdn.icon-icons.com — Cisco Umbrella Rank: 202924	19 KB
1	bkacontent.com www.bkacontent.com	103 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	57 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 867	4 KB
12	6

	Domain	Requested by
8	zrcrivuncddndhj.buzz	1 redirects zrcrivuncddndhj.buzz
1	www.iconarchive.com	zrcrivuncddndhj.buzz
1	cdn.icon-icons.com	zrcrivuncddndhj.buzz
1	www.bkacontent.com	zrcrivuncddndhj.buzz
1	connect.facebook.net	zrcrivuncddndhj.buzz
1	unpkg.com	zrcrivuncddndhj.buzz
12	6

This site contains no links.

Subject Issuer	Validity	Valid
zrcrivuncddndhj.buzz E1	`2024-01-23` - `2024-04-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-02` - `2024-01-31`	3 months	crt.sh
bkacontent.com GTS CA 1P5	`2023-12-29` - `2024-03-28`	3 months	crt.sh
cdn.icon-icons.com R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh
iconarchive.com R3	`2023-12-16` - `2024-03-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://zrcrivuncddndhj.buzz/
Frame ID: 3B459483C8D8BDB82562DEC30C1C3D31
Requests: 10 HTTP requests in this frame

Frame: https://zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: 7937F3A1CA2D12E1264B46BF69B6C8ED
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shop

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

12
Requests

92 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

386 kB
Transfer

1023 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zrcrivuncddndhj.buzz/ 4 KB
2 KB 1945ms
1778ms Document
text/html 2606:4700:3034::ac43:b435
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zrcrivuncddndhj.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 3151545d9fdcc189eeef0f761e4b986c891cbb56b6324a0017abba63c0e9b19f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 84a37ce3ada09acc-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 23 Jan 2024 22:31:38 GMT
expires: Tue, 23 Jan 2024 22:31:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqicCY4iodYmvCHL9tzti%2B30g8xHaOGfatlhcReqN0Xv57%2Bg%2BUv910sJlJJzzVYSvcC4n0Q2VHs4VEmpY7nCqEQezF%2BmD00Qgpitw48nLP9YuM0s6iOlproAJAHL8veWpgxuM5gmquPRhfegQ5LRDdFOHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 leaflet.css
unpkg.com/leaflet@1.9.4/dist/ 14 KB
4 KB 146ms
50ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.9.4/dist/leaflet.css

Requested by

Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zrcrivuncddndhj.buzz/
Origin: https://zrcrivuncddndhj.buzz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:38 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6266114
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HF1FC089ZZD39YJR8M22DH7R-mia
server: cloudflare
etag: W/"39d6-7JKfEQDGZCzMXEJyz0zKEiUaml0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84a37cef6b9a0314-MIA

GET
H2 200 main.bf78e133.js Show response
zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/static/js/ 440 KB
135 KB 1069ms
1067ms Script
application/javascript 2606:4700:3034::ac43:b435
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/static/js/main.bf78e133.js
Requested by: Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a967d6f5f4bedf946810089ea308d1a4c34277335965c624761d8e1716323bf9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zrcrivuncddndhj.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 12:02:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65afaac4-6e1b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gf2QN%2FmElg2LRjeqfCzzXVXgThOnsQbd71WP%2F36%2Fi%2FSug1L0Uo%2F%2B51TyFPk8U2MO7NoJeqUTION9lfMybE9CTyTN7ddBf7vJb3pG49llhWTNXqwCSD8kXF8LdQqP8BLOYEoCPmVK%2FaZr25bKByUqEp6XMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 84a37ceec9aa9acc-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 22:31:38 GMT

GET
H2 200 main.d35bf513.css
zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/static/css/ 29 KB
7 KB 518ms
517ms Stylesheet
text/css 2606:4700:3034::ac43:b435
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/static/css/main.d35bf513.css
Requested by: Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b454612d9b91a8eb0cbb7daf3e59e44291de40eecbac2af36abb56dadffb5b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zrcrivuncddndhj.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 12:02:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65afaac4-73d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDiMeD9LsPycubPwwah8DCqcq0xZp38JH32yXMAWEhlAfPOP2FjWbx5RkGDGFV4iG576CJM%2FnaWqTaIETX8mp3liY1Qqy8HOpcH39e7ecE03i1JyGnXLds%2FsA12C923pMjO1zNPwx1hgxsVGeEJq4FhDqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 84a37ceec9a89acc-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 22:31:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 199ms
66ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zrcrivuncddndhj.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 23 Jan 2024 22:31:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57021
x-xss-protection: 0
pragma: public
x-fb-debug: CvdcHJnhzHp+FGqmqPbXgd4nWqOKX3ac3c48/6RKLHwMbXP7seEYLaHW11pVbFqKhkrUI8tml9OSpJMYArK4Tw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 945.162f2b1a.chunk.js Show response
zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/static/js/ 5 KB
3 KB 379ms
378ms Script
application/javascript 2606:4700:3034::ac43:b435
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/static/js/945.162f2b1a.chunk.js
Requested by: Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/static/js/main.bf78e133.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dadc97ee1b2127260667cd6866c5fb2c754ae0bae189a95618476ff41e6d1322

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zrcrivuncddndhj.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:39 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 12:02:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65afaac4-155d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUYqcP1%2BeB4f7p5qix62W%2F4a6Vn1s2ipuXipYIvWsM1S0HiRPi6brw0ExMfdoLZFtJYjfV8jLYeCo80ukEHy6FxO%2Bdy6L2om4P8AVn8aAbW8wgASc%2FfzOU9p8pL3Vc19XpN7A9A%2B2pTQt39PpGesYWp8lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 84a37cf618c221bb-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 02 Feb 2024 22:31:39 GMT

GET
H3

200

main.js Show response
zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame 7937
Redirect Chain

https://zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

7 KB
4 KB

43ms
43ms

Script
application/javascript

2606:4700:3034::ac43:b435
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js

Requested by

Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/

Protocol

Server

2606:4700:3034::ac43:b435 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12506234d0686f3c50f83bb305b2edd7337c9b64aadf04d0d7023090ee3253f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:39 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGkp2FPDOow6u637%2B2H9FnYq3aVU8H8%2BTeqcg4IUZXqsOS0lxO1e7vLla1epJVi9IJRT%2Ba0yRQf8syOBIvMP4A2ch%2Bob7H0jkpElifL%2FhBAkMXt1EKWKSeJetGcmIWqVbtqSWO99rjadwEL13V9auSjzIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 84a37cf7eb4d21bb-MIA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 23 Jan 2024 22:31:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtUs7GoE0ZvZ54ptiyNupa9J37GXgilNlF8FKWNs05k3Qrawqgn8cBaG6jLnBaZ2%2FGfftVePgi1kbOratvBQD3QoiKACfF5YqWDhlnqCv4DtbUEs0H7SMod89fHwFTQb1uo3szZkdyAO3ZI0nCfAUXOjEA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control: max-age=300, public
cf-ray: 84a37cf6490821bb-MIA
alt-svc: h3=":443"; ma=86400

POST
H3 200 84a37ce3ada09acc Show response
zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7937 0
615 B 58ms
56ms XHR
text/plain 2606:4700:3034::ac43:b435
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/h/g/jsd/r/84a37ce3ada09acc
Requested by: Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 23 Jan 2024 22:31:39 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVBysgviIAlG51LFOd3JrAy4wEDeXRzCP17bTLn7E8zDS0HFXsJ0%2BnOb6G%2FrRioi69Xw75Ci3bPFJqSFAhXNgawk%2FrF32Jn1Jj6XKn9bQQ8vSrnoMLEiI%2BN4XJDW17q8YrEuej7W%2BdbuZGHoGpFv2bShzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 84a37cf92cea21bb-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Depositphotos_114292702_l-2015.jpg
www.bkacontent.com/wp-content/uploads/2020/06/ 102 KB
103 KB 188ms
83ms Image
image/jpeg 2606:4700:3030::6815:28d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bkacontent.com/wp-content/uploads/2020/06/Depositphotos_114292702_l-2015.jpg

Requested by

Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:28d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e64723f15f21da3ffaed84ce924a951a34933e4984e0c8d972dec5184c0caf3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zrcrivuncddndhj.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 104290
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Aug 2022 21:22:56 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7uAmBZ4dfq8xgu3mIobxR50l%2FvHMVEAhkIWWN4n90LjUOIgtOMntMMBu%2BDJeo09ejr8twXzN2J5oV5LCovdSnUCh%2FQlB6pO6NgQXID2PEJqz%2FAYZIqprC1tD%2Bl277Wwz44iT5dZR80BHXAB2NtDNfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84a37cf9fb0c25b5-MIA
expires: Wed, 22 May 2024 22:31:39 GMT

GET
H3 200 yCeB7orH2pTEOri.jpg
zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/images/ 20 KB
21 KB 520ms
518ms Image
image/jpeg 2606:4700:3034::ac43:b435
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zrcrivuncddndhj.buzz/wp/sweep_white_en_ecommerce_2_cra_65afaa9dae4bdd773b525182/images/yCeB7orH2pTEOri.jpg
Requested by: Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b435 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54b63dec35dc9e2186411a5e8a27717f3562256d37c1575d36986f92eaf029ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zrcrivuncddndhj.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20840
last-modified: Tue, 23 Jan 2024 12:02:12 GMT
server: cloudflare
etag: "65afaac4-5168"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1yZmGn8E5HEaAZKvbRpUilpfzQSQhqGLAmUx72VXIIcx6dPHbTYFYzYEU7pS1dsBAUyYxGS6Z2mReoq9TysvhxjllLz4jFIoWdfQSZciVZ77iBaj2ckOwnufITQZtLO6yWJh%2FpRPKP9MGavjhwZnSdYWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 84a37cf95d2921bb-MIA
expires: Fri, 02 Feb 2024 22:31:39 GMT

GET
H2 200 1490135017-visa_82256.png
cdn.icon-icons.com/icons2/1186/PNG/512/ 19 KB
19 KB 245ms
113ms Image
image/png 2a0b:4d07:2::3
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.icon-icons.com/icons2/1186/PNG/512/1490135017-visa_82256.png
Requested by: Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:2::3 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn / PleskLin
Resource Hash: d8af613c1ed94ff297acb61091dfdeb017daf55542125623d7dfbacc2d729cd3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zrcrivuncddndhj.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:39 GMT
last-modified: Tue, 21 Mar 2017 17:25:10 GMT
server: keycdn
x-edge-location: usmi
etag: "58d161f6-4a82"
x-powered-by: PleskLin
x-cache: MISS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536360
accept-ranges: bytes
link: <https://icon-icons.com/icons2/1186/PNG/512/1490135017-visa_82256.png>; rel="canonical"
content-length: 19074
x-shield: active
expires: Wed, 22 Jan 2025 22:37:39 GMT

GET
H2 200 Master-Card.ico
www.iconarchive.com/download/i76278/designbolts/credit-card-payment/ 169 KB
32 KB 446ms
275ms Image
application/octet-stream 2600:1f10:4c55:e23e:87d2:54d6:c043:8794
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconarchive.com/download/i76278/designbolts/credit-card-payment/Master-Card.ico
Requested by: Host: zrcrivuncddndhj.buzz
URL: https://zrcrivuncddndhj.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f10:4c55:e23e:87d2:54d6:c043:8794 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 50b254e22a05e2e489238a25ebb378a9cc36382ce5f7d8106551d2af5cce2b01

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zrcrivuncddndhj.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 22:31:40 GMT
content-encoding: br
display: staticcontent_sol
content-description: File Transfer
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol
content-disposition: attachment; filename="Designbolts-Credit-Card-Payment-Master-Card.ico"
x-middleton-response: 200
pragma: public
response: 200
server: nginx/1.14.2
x-origin-cache-control: must-revalidate
vary: Accept-Encoding,Origin
content-type: application/octet-stream
cache-control: must-revalidate
expires: Mon, 22 Jan 2024 22:31:40 UTC

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
zrcrivuncddndhj.buzz/	1970-01-20 18:38:47	Name: _subid Value: 3jrdfhg29c4vt
zrcrivuncddndhj.buzz/	1970-01-21 03:30:09	Name: b595c Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjIxNTk5XCI6MTcwNjA0OTA5Nn0sXCJjYW1wYWlnbnNcIjp7XCI0MDUyXCI6MTcwNjA0OTA5Nn0sXCJ0aW1lXCI6MTcwNjA0OTA5Nn0ifQ.p1N77b41LxRGJb2wpjRXbrfN-6q5xczVGhfrLrZoC-M
.zrcrivuncddndhj.buzz/	1970-01-21 02:39:45	Name: cf_clearance Value: rRNHjNI7Rw_h9dGkJYzi4VDQmB3mB12FNaVtfQbnHq8-1706049099-1-ARoq0AuIMmXyqWyJE0nDKsTNc8knDpQcvKomhgACMhhQmKeVno/jq7RbCltrBjgYTZQGANQMRSKJt7GkpLxYFYE=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.icon-icons.com
connect.facebook.net
unpkg.com
www.bkacontent.com
www.iconarchive.com
zrcrivuncddndhj.buzz
2600:1f10:4c55:e23e:87d2:54d6:c043:8794
2606:4700:3030::6815:28d
2606:4700:3034::ac43:b435
2606:4700::6810:7baf
2a03:2880:f012:10c:face:b00c:0:3
2a0b:4d07:2::3
12506234d0686f3c50f83bb305b2edd7337c9b64aadf04d0d7023090ee3253f2
1e64723f15f21da3ffaed84ce924a951a34933e4984e0c8d972dec5184c0caf3
3151545d9fdcc189eeef0f761e4b986c891cbb56b6324a0017abba63c0e9b19f
50b254e22a05e2e489238a25ebb378a9cc36382ce5f7d8106551d2af5cce2b01
54b63dec35dc9e2186411a5e8a27717f3562256d37c1575d36986f92eaf029ce
74f6b2b975944800f1566e81aaed5cc5dcb7a7170eafd4cdd3e205f88f8e1f5f
a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6
a967d6f5f4bedf946810089ea308d1a4c34277335965c624761d8e1716323bf9
d8af613c1ed94ff297acb61091dfdeb017daf55542125623d7dfbacc2d729cd3
d8b454612d9b91a8eb0cbb7daf3e59e44291de40eecbac2af36abb56dadffb5b
dadc97ee1b2127260667cd6866c5fb2c754ae0bae189a95618476ff41e6d1322
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

zrcrivuncddndhj.buzz Open in urlscan Pro 2606:4700:3034::ac43:b435 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

386 kBTransfer

1023 kBSize

3 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

3 Cookies

Indicators

zrcrivuncddndhj.buzz Open in urlscan Pro
2606:4700:3034::ac43:b435 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

386 kB
Transfer

1023 kB
Size

3
Cookies

12 HTTP transactions
0 data transactions