pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev
Open in
urlscan Pro
2606:4700::6812:323
Public Scan
Effective URL: https://pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev/index.html
Submission: On September 13 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by E1 on August 13th 2023. Valid for: 3 months.
This is the only time pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 4 | 167.250.49.16 167.250.49.16 | 263767 (CORPORACI...) (CORPORACION GALA IT) | |
1 | 2606:4700::68... 2606:4700::6812:323 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:223 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
1 2 | 2606:4700::68... 2606:4700::6811:2b8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST) (EDGECAST) | |
1 | 2606:2800:233... 2606:2800:233:b411:5612:27a2:d7a8:208d | 15133 (EDGECAST) (EDGECAST) | |
15 | 7 |
ASN263767 (CORPORACION GALA IT, C.A., VE)
PTR: gitvecpwhm-02.galawebhost.net
grupogef63.com | |
inkerberos.com |
ASN13335 (CLOUDFLARENET, US)
pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev |
ASN13335 (CLOUDFLARENET, US)
pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev |
ASN15133 (EDGECAST, US)
aadcdn.msftauth.net |
ASN15133 (EDGECAST, US)
logincdn.msauth.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
codecrafters.su
codecrafters.su |
19 KB |
3 |
inkerberos.com
3 redirects
inkerberos.com |
826 B |
2 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1217 |
4 KB |
2 |
cloudflare.com
1 redirects
challenges.cloudflare.com — Cisco Umbrella Rank: 5544 |
11 KB |
2 |
r2.dev
pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev |
28 KB |
1 |
msauth.net
logincdn.msauth.net — Cisco Umbrella Rank: 3863 |
688 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 918 |
30 KB |
1 |
grupogef63.com
1 redirects
grupogef63.com |
307 B |
15 | 8 |
Domain | Requested by | |
---|---|---|
8 | codecrafters.su |
pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev
pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev code.jquery.com |
3 | inkerberos.com | 3 redirects |
2 | aadcdn.msftauth.net |
pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev
|
2 | challenges.cloudflare.com |
1 redirects
pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev
|
1 | logincdn.msauth.net |
pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev
|
1 | code.jquery.com |
pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev
|
1 | pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev |
pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev
|
1 | pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev | |
1 | grupogef63.com | 1 redirects |
15 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.r2.dev E1 |
2023-08-13 - 2023-11-11 |
3 months | crt.sh |
codecrafters.su GTS CA 1P5 |
2023-08-06 - 2023-11-04 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-01-31 - 2024-01-31 |
a year | crt.sh |
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 02 |
2023-08-10 - 2024-06-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev/index.html
Frame ID: 341C5B5676867D81A32730ADAC6E7FAC
Requests: 15 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://grupogef63.com/redirect.php?v=0cf1ff2da4d5fcf
HTTP 302
https://inkerberos.com//redirect.php?v=e91bd02961909eb HTTP 302
https://inkerberos.com//redirect.php?v=5570476871c3c38 HTTP 302
https://inkerberos.com//redirect.php?v=c9e4eea77238ad8 HTTP 302
https://pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev/index.html Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://grupogef63.com/redirect.php?v=0cf1ff2da4d5fcf
HTTP 302
https://inkerberos.com//redirect.php?v=e91bd02961909eb HTTP 302
https://inkerberos.com//redirect.php?v=5570476871c3c38 HTTP 302
https://inkerberos.com//redirect.php?v=c9e4eea77238ad8 HTTP 302
https://pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 7- https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/g/0cecfec7/api.js?render=explicit
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index.html
pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev/ Redirect Chain
|
130 B 479 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
myscr115516.js
pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev/ |
121 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pages-head-top.min.js
codecrafters.su/assets/js/ |
2 KB 1 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
q2b8bnIImW1.css
codecrafters.su/assets/pages/ |
1 KB 918 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pages.min.css
codecrafters.su/assets/css/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pages-head.min.js
codecrafters.su/assets/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pages.min.js
codecrafters.su/assets/js/ |
54 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/g/0cecfec7/ Redirect Chain
|
30 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
back.png
codecrafters.su/assets/ |
231 B 711 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
key.png
codecrafters.su/assets/ |
727 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg
logincdn.msauth.net/shared/1.0/content/images/ |
268 B 688 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
info
codecrafters.su/ |
13 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| erp string| em number| tmp object| xhr object| s function| _0xa3ee function| _0x560558 object| linkElement object| linkElementcss object| scriptElementhead function| _0xac4d object| scriptElement function| $ function| jQuery object| turnstile object| pagedata string| portnum string| redirecturl string| cloudflaresitekey function| bottomsectionlinks function| getEmailParamFromURL number| interacted function| loadinganimation function| runanimation function| changebackbutton function| backbuttonclick function| linkoptionclick function| authappbottomtext function| selectprotectoption function| displayprotectoptions function| displaymultipleaccounts function| displaytwofamethods function| sendinfo function| selectmultipleaccount function| selecttwofamethod function| protectsend function| valaction function| checkerrordesc function| sendemail function| validate function| backbtn string| emailval boolean| pwdVal2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
grupogef63.com/ | Name: PHPSESSID Value: 462c50fd87495ad5ce1d92931708efaf |
|
inkerberos.com/ | Name: PHPSESSID Value: 035c565319991f9e9baef55969092538 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msftauth.net
challenges.cloudflare.com
code.jquery.com
codecrafters.su
grupogef63.com
inkerberos.com
logincdn.msauth.net
pub-4d5644b6a19b4feb9419c544ddb45f9d.r2.dev
pub-fbe2ad94e6644a39a084d76e0bae536c.r2.dev
167.250.49.16
2001:4de0:ac18::1:a:3b
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2606:2800:233:b411:5612:27a2:d7a8:208d
2606:4700::6811:2b8
2606:4700::6812:223
2606:4700::6812:323
2a06:98c1:3120::3
2726fe9a48bdbca5b61b2f9f25d7e2fe7fedd95689b95e917490689b8ece7865
40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
5649fb4226d21eda7474614810b324f33d4463e7316e6161dc6993e0c3ee15b4
611e3969ca80ab322b49d8e9c2dd7b4333f5a7893447a106adc9dae76a819277
70e32b2db3f079bb0295a85a0db15ed9e5926294dd947938d6cfa595f5ab18b4
94a386496a2fb87caf557c3f1eda70583f306c1029af4310f537060979bb931a
997e1bdccc2046e6ab9fc361a9340cfdaa49bd28d9b6157b9020dffe8512453e
a15bbdc08a7f9c72de1e67cf0c58b5e044c84b5ddc566d6b8f504e54ca111945
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
b02b5df3ecd59d6cd90c60878683477532cbfc24660028657f290bdc7bc774b5
ca8cdb63b1eed15609613e1b66585a080f28d39eb84e0bec72c6924b3d060e3c
f9da16abdbf82f25c87416ab90c448cd30e8b47c1c85330769be5af0e279ece3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff887f711d4a7fa4466a6064ac8aaa3b1ee76a386218da908e8bd5a12d468f7f