jhghgfgrdgfcnhfhtxngd.beauty Open in urlscan Pro
172.67.189.13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jhghgfgrdgfcnhfhtxngd.beauty/
Submission: On July 30 via api (July 30th 2024, 2:36:30 am UTC) from US — Scanned from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 14 HTTP transactions. The main IP is 172.67.189.13, located in United States and belongs to CLOUDFLARENET, US. The main domain is jhghgfgrdgfcnhfhtxngd.beauty.
TLS certificate: Issued by WE1 on July 19th 2024. Valid for: 3 months.

This is the only time jhghgfgrdgfcnhfhtxngd.beauty was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	172.67.189.13 172.67.189.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42:200... 2a04:4e42:200::720	54113 (FASTLY) (FASTLY)
1	172.67.129.74 172.67.129.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.72.210 172.67.72.210	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1f10:4c5... 2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff	14618 (AMAZON-AES) (AMAZON-AES)
14	7

9 172.67.189.13 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

jhghgfgrdgfcnhfhtxngd.beauty	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::720 (United States)

ASN54113 (FASTLY, US)

images.prismic.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.129.74 (United States)

ASN13335 (CLOUDFLARENET, US)

www.bkacontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.72.210 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.icon-icons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

www.iconarchive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	jhghgfgrdgfcnhfhtxngd.beauty 1 redirects jhghgfgrdgfcnhfhtxngd.beauty	257 KB
1	iconarchive.com www.iconarchive.com	170 KB
1	icon-icons.com cdn.icon-icons.com — Cisco Umbrella Rank: 197981	9 KB
1	bkacontent.com www.bkacontent.com	102 KB
1	prismic.io images.prismic.io — Cisco Umbrella Rank: 28555	2 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	60 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1314	5 KB
14	7

	Domain	Requested by
9	jhghgfgrdgfcnhfhtxngd.beauty	1 redirects jhghgfgrdgfcnhfhtxngd.beauty
1	www.iconarchive.com	jhghgfgrdgfcnhfhtxngd.beauty
1	cdn.icon-icons.com	jhghgfgrdgfcnhfhtxngd.beauty
1	www.bkacontent.com	jhghgfgrdgfcnhfhtxngd.beauty
1	images.prismic.io	jhghgfgrdgfcnhfhtxngd.beauty
1	connect.facebook.net	jhghgfgrdgfcnhfhtxngd.beauty
1	unpkg.com	jhghgfgrdgfcnhfhtxngd.beauty
14	7

This site contains no links.

Subject Issuer	Validity	Valid
jhghgfgrdgfcnhfhtxngd.beauty WE1	`2024-07-19` - `2024-10-17`	3 months	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-08` - `2024-08-06`	3 months	crt.sh
images.prismic.io Certainly Intermediate R1	`2024-07-26` - `2024-08-25`	a month	crt.sh
bkacontent.com WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
icon-icons.com WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh
iconarchive.com E5	`2024-06-14` - `2024-09-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://jhghgfgrdgfcnhfhtxngd.beauty/
Frame ID: D78048711613E1AAEBFDD91E84E451BB
Requests: 12 HTTP requests in this frame

Frame: https://jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: 63E8C28941255D74BC6AE8A5E49EAE89
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shop

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

14
Requests

93 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

1
Countries

605 kB
Transfer

1190 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
jhghgfgrdgfcnhfhtxngd.beauty/ 3 KB
2 KB 788ms
590ms Document
text/html 172.67.189.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jhghgfgrdgfcnhfhtxngd.beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 573b988a6024d01265297eb0e6af75d7d4f073f67314a69432e62aa241999020

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ab1f5fc7d140cf7-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 30 Jul 2024 02:36:24 GMT
expires: Tue, 30 Jul 2024 02:36:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZ3013KsvJb986g7JEAVlGrEz%2FAye5PPcPPYVy3DzoxMMmlsVSlVTzS2aRxWiTWxm0RhSpzTfqmFHjNwxmeQ5XEoI5m73erKQEf2QpS2Xqph3b9PzJcblAslePXGs4XajqmyNaKg1NL11yPVm%2F%2Bn"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 leaflet.css
unpkg.com/leaflet@1.9.4/dist/ 14 KB
5 KB 209ms
78ms Stylesheet
text/css 2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/leaflet@1.9.4/dist/leaflet.css

Requested by

Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
Origin: https://jhghgfgrdgfcnhfhtxngd.beauty
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 11513504
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HS9KSQAE4WP6RHXQWV633PH5-lax
server: cloudflare
etag: "39d6-7JKfEQDGZCzMXEJyz0zKEiUaml0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8ab1f6010d5f6a2e-LAX

GET
H3 200 main.7b75e40f.js Show response
jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/static/js/ 439 KB
158 KB 75ms
74ms Script
application/javascript 172.67.189.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/static/js/main.7b75e40f.js
Requested by: Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d84ebc6331ed148e0637605c8a3d3301b47054fddd4ebc1a41d436faf4c5984a

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13504
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 28 Jul 2024 11:19:43 GMT
server: cloudflare
etag: W/"66a6294f-6dc6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qiPrhjT66NLJ1WS0zNN6Iq9czH69eUkALspjqD8TtAPNPYq6HaoHrN5LKQM%2FabypbbYACLyL1gj9Yoht%2BPnNJkOPYyWsRcen9PiI%2FQcGWdDlIgHfN%2FOf%2B0CAlj4%2Bx1v5nLY1xd6XVm68cSYaIMv4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ab1f60038780cf7-LAX
expires: Thu, 08 Aug 2024 22:51:21 GMT

GET
H3 200 main.1223bf75.css
jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/static/css/ 26 KB
8 KB 74ms
74ms Stylesheet
text/css 172.67.189.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/static/css/main.1223bf75.css
Requested by: Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7912370fe2b1546f4aec65f4d5b461a3792727fbaf5b18e24d148763b09164

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13504
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 28 Jul 2024 11:19:43 GMT
server: cloudflare
etag: W/"66a6294f-69f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vT%2FSzDK4%2BASw7L5FvohdLZzDLGToyiq0g99RFNhd6isT07DsTxHhAxfXp0bb3RFmPcDFMLPQXJYuy6kEytpyQkzXp0cQjU2%2B4Wu5nmHujH4hMy7B4qNunVOuhSskGYRUfLtGpOEGxjRfw93lJnO6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ab1f60038790cf7-LAX
expires: Thu, 08 Aug 2024 22:51:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 479ms
122ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 Jul 2024 02:36:25 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=118, rtx=0, c=12, mss=1297, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 5H9p1hAyBfY2bDLLNWs/NkowiMMdEWyj3tRho/ONm+15Ff88hwYxdPZUcmgB7fHoTqJMx5PE5Vts3mD0EMJWUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 698.f80afe6f.chunk.js Show response
jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/static/js/ 14 KB
7 KB 79ms
78ms Script
application/javascript 172.67.189.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/static/js/698.f80afe6f.chunk.js
Requested by: Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/static/js/main.7b75e40f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60336484082c77ab471bebe717f67ca57e0b970e118b04974d6f942cb91ab748

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13503
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 28 Jul 2024 11:19:43 GMT
server: cloudflare
etag: W/"66a6294f-380c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQ5qkt1Ru1Y3ml4taot91raVguTr7vT5ezdU3dYgj8gz%2FK72Xso9r46gFaX%2F0smlN433Q35MpsueXHrp4TyXCoqBwqm4uxTaWGNivyvbVafhTIEns4840Fj87W9uCZZHylDDRpvioPNwJAbT6k56"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ab1f6025a6f0cf7-LAX
expires: Thu, 08 Aug 2024 22:51:22 GMT

GET
H3

200

main.js Show response
jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame 63E8
Redirect Chain

https://jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

8 KB
4 KB

79ms
79ms

Script
application/javascript

172.67.189.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?

Requested by

Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/

Protocol

Server

172.67.189.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7f8e9ea0e188d35f1afc4c723cb2ac000cfbe418b05b8771500002f6391cd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GB3BGgKL7r5UL8m7Ea6Od5A4yy4zLJqTAdWPNm6sUK%2FWf63GmkHkGpzvWxFLwfSXd%2BIfQJUXqv4l3mkHn8lu9i%2Fyo75d8y3iw233AG4Ao7J2kajUlPcyrbGVwmp3QpAkD255ptRfgexNweTqOCIV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ab1f602dad70cf7-LAX
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 30 Jul 2024 02:36:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9ntH1fscwyHXvuMJBYnvguPAGUgQqYmpzeU%2BF9uxPAuEhHo%2BySioX2hZKtviZUKnAqnYzq6%2FBF8WT6kgUenDUPocUJ3kUWDlVdkINIZXH7md6YYF21tH6U08h9Up%2BQ56cELbFY8EnRyQhP8RA8H"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8ab1f6026a800cf7-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 82eb417e-7e0f-4964-bb40-87dbf5486f95_SE_Listenseitenbanner_Sale.jpg
images.prismic.io/seidensticker-b2c/ 2 KB
2 KB 240ms
63ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.prismic.io/seidensticker-b2c/82eb417e-7e0f-4964-bb40-87dbf5486f95_SE_Listenseitenbanner_Sale.jpg?auto=compress,format&rect=0,0,1440,979&w=1000&h=680

Requested by

Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

24aa687271f2870c17177860b41357725e4f3d120af5b041ced7c4291a87b014

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
x-content-type-options: nosniff
age: 1005758
x-cache: HIT, HIT, HIT
x-imgix-id: 4053405f54e42706fe3b75ab442cd25e1acae4ef
cross-origin-resource-policy: cross-origin
content-length: 1915
x-served-by: cache-sjc1000106-SJC, cache-chi-kigq8000040-CHI, cache-lax-kwhp1940145-LAX
last-modified: Thu, 18 Jul 2024 11:13:47 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 Depositphotos_114292702_l-2015.jpg
www.bkacontent.com/wp-content/uploads/2020/06/ 102 KB
102 KB 217ms
75ms Image
image/jpeg 172.67.129.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.bkacontent.com/wp-content/uploads/2020/06/Depositphotos_114292702_l-2015.jpg

Requested by

Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.129.74 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e64723f15f21da3ffaed84ce924a951a34933e4984e0c8d972dec5184c0caf3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3167013
alt-svc: h3=":443"; ma=86400
content-length: 104290
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Aug 2022 21:22:56 GMT
server: cloudflare
expect-ct: max-age=7776000, enforce
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s5caEukXuFJY5ct33XRzyOK513jaT%2BV%2FHXocZXEfjHdZ66urM3I7hayWfNq6U4O4ARnfGrNUa2vFkyhIIuPacegPPkaKCpEGThrmJikG2pks6KMU0s6NKuCmfYNK8XYV1ND5AgI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ab1f603ee527d7d-LAX
expires: Mon, 21 Oct 2024 10:52:52 GMT

GET
H3 200 uhESwisHehs9qOC.jpg
jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/images/ 50 KB
50 KB 77ms
76ms Image
image/jpeg 172.67.189.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/images/uhESwisHehs9qOC.jpg
Requested by: Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490a37ad7677c58a4e9fff520eb7c6795e80b456b5315a4407bfe9206c5eb130

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13501
alt-svc: h3=":443"; ma=86400
content-length: 50845
last-modified: Sun, 28 Jul 2024 11:19:43 GMT
server: cloudflare
etag: "66a6294f-c69d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9nHMMJvy%2FRLnHmvQj7nLFyc6qjii2nxl8SZMdHINlgM6ugUmZqOyZ8oCZ8BJ5T1GM1NuNtYvnILBotPdldxMU%2BWPEHyB7p2XbYAVz4KCLnf6J5zS7tTB8P8LQ%2FlQ5mvZx%2BEyo8U6PzZKIzUFzmxF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=864000
accept-ranges: bytes
cf-ray: 8ab1f6030aff0cf7-LAX
expires: Thu, 08 Aug 2024 22:51:24 GMT

GET
H3 200 1490135017-visa_82256.png
cdn.icon-icons.com/icons2/1186/PNG/512/ 8 KB
9 KB 207ms
79ms Image
image/webp 172.67.72.210
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.icon-icons.com/icons2/1186/PNG/512/1490135017-visa_82256.png
Requested by: Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.72.210 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: f1f3bc08ee324e6223c6b42e40edd1de286f2686e5bb8adbceba3781e357ce93

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 874454
cf-polished: origFmt=png, origSize=19074
x-powered-by: PleskLin
content-disposition: inline; filename="1490135017-visa_82256.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8320
cf-bgj: imgq:100,h2pri
last-modified: Tue, 21 Mar 2017 17:25:10 GMT
server: cloudflare
etag: "58d161f6-4a82"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkFYkgXus3xcrMobJyEWOIdcevJ28Za6Ead2QnL6ry%2B%2FAcWcza02O9Mh9ZLf5gEca6N2mLMuOB0LiBcc9mHIORp8%2B8nb1UtnuCWKBJFppnPRe7XevxWU8EpkjcU7eGnqRv3yzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8ab1f603cf027ba9-LAX
expires: Sun, 18 Aug 2024 23:42:11 GMT

GET
H2 200 Master-Card.ico
www.iconarchive.com/download/i76278/designbolts/credit-card-payment/ 169 KB
170 KB 679ms
347ms Image
application/octet-stream 2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.iconarchive.com/download/i76278/designbolts/credit-card-payment/Master-Card.ico
Requested by: Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 50b254e22a05e2e489238a25ebb378a9cc36382ce5f7d8106551d2af5cce2b01

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: public
date: Tue, 30 Jul 2024 02:36:25 GMT
response: 200
server: nginx/1.14.2
display: staticcontent_sol
content-description: File Transfer
vary: Accept-Encoding,Origin
x-ezoic-cdn: Bypass
content-type: application/octet-stream
x-middleton-display: staticcontent_sol
cache-control: must-revalidate
content-disposition: attachment; filename="Designbolts-Credit-Card-Payment-Master-Card.ico"
x-middleton-response: 200
expires: Mon, 29 Jul 2024 02:36:26 UTC

POST
H3 200 8ab1f5fc7d140cf7 Show response
jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 63E8 0
711 B 83ms
75ms XHR
text/plain 172.67.189.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/h/b/jsd/r/8ab1f5fc7d140cf7
Requested by: Host: jhghgfgrdgfcnhfhtxngd.beauty
URL: https://jhghgfgrdgfcnhfhtxngd.beauty/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Jul 2024 02:36:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GN6tw8IZ54T0m250GUF2ANqyEsxWco8LRu%2BXggPOP4sXI2F9PioTg5GxqZCep3IglWRmKdt%2F86Jfgy02NqNmz69xBiHP2ZOzjtBpx%2BaD15mKhwDtHWUg4VEcnCzelHfrixxcY8Tk1IlRTwEeCngL"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8ab1f6041bb40cf7-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 favicon.ico
jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/ 131 KB
28 KB 77ms
77ms Other
image/x-icon 172.67.189.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jhghgfgrdgfcnhfhtxngd.beauty/wp/sweep_white_en_ecommerce_1_cra_66a62923faa6c195fe6543a4/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.189.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575782ac2966882942ea18b23c874af45effaa4ffdef4756a128b5d2b91fc060

Request headers

Referer: https://jhghgfgrdgfcnhfhtxngd.beauty/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 02:36:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13504
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 28 Jul 2024 11:19:43 GMT
server: cloudflare
etag: W/"66a6294f-20b5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8qwW8qnOKMvkzdjlcOmAUDetTsUHudyNot9M6jItoRdM4Jkm7kOHF%2FdYJdWtahv8Gtju7SAC7zG4kG3yEzu%2FXYIEzA57AH8MdQlKs0PgsPcJI15xxJwHbWk1JHY%2BFCErRlx5YhM3dlHyTYtixcS"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=864000
cf-ray: 8ab1f60998310cf7-LAX
expires: Thu, 08 Aug 2024 22:51:22 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jhghgfgrdgfcnhfhtxngd.beauty/	1970-01-20 23:09:45	Name: _subid Value: 1kjvodf2mfi7m
jhghgfgrdgfcnhfhtxngd.beauty/	1970-01-21 08:01:06	Name: b595c Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI0NjkwXCI6MTcyMjMwNjk4NH0sXCJjYW1wYWlnbnNcIjp7XCI0Mzg5XCI6MTcyMjMwNjk4NH0sXCJ0aW1lXCI6MTcyMjMwNjk4NH0ifQ.-UXrVUvV694Rwug0HhhCRhjrgFUgxv0VLz3rpILM9RI
.jhghgfgrdgfcnhfhtxngd.beauty/	1970-01-21 07:10:42	Name: cf_clearance Value: eb8ThIAXM3Dk1vO5u4R_UMjxvYP.dhVRU29TTtf2Kbw-1722306985-1.0.1.1-jRzvDdFV2xzOvXFss488Kdpa2UUvaD2hlgkly382Af5RPSWLqqLophL5Ubt_5.WO1lL0NLL3AeZ6Y7sKFAkZWw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.icon-icons.com
connect.facebook.net
images.prismic.io
jhghgfgrdgfcnhfhtxngd.beauty
unpkg.com
www.bkacontent.com
www.iconarchive.com
172.67.129.74
172.67.189.13
172.67.72.210
2600:1f10:4c55:e23d:5d5b:8bb5:8ae2:1fff
2606:4700::6811:f7cb
2a03:2880:f003:100:face:b00c:0:3
2a04:4e42:200::720
1e64723f15f21da3ffaed84ce924a951a34933e4984e0c8d972dec5184c0caf3
24aa687271f2870c17177860b41357725e4f3d120af5b041ced7c4291a87b014
490a37ad7677c58a4e9fff520eb7c6795e80b456b5315a4407bfe9206c5eb130
50b254e22a05e2e489238a25ebb378a9cc36382ce5f7d8106551d2af5cce2b01
573b988a6024d01265297eb0e6af75d7d4f073f67314a69432e62aa241999020
575782ac2966882942ea18b23c874af45effaa4ffdef4756a128b5d2b91fc060
5a7f8e9ea0e188d35f1afc4c723cb2ac000cfbe418b05b8771500002f6391cd9
60336484082c77ab471bebe717f67ca57e0b970e118b04974d6f942cb91ab748
8c7912370fe2b1546f4aec65f4d5b461a3792727fbaf5b18e24d148763b09164
a7837102824184820dfa198d1ebcd109ff6d0ff9a2672a074b9a1b4d147d04c6
d84ebc6331ed148e0637605c8a3d3301b47054fddd4ebc1a41d436faf4c5984a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
f1f3bc08ee324e6223c6b42e40edd1de286f2686e5bb8adbceba3781e357ce93

jhghgfgrdgfcnhfhtxngd.beauty Open in urlscan Pro 172.67.189.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

7 IPs

1 Countries

605 kBTransfer

1190 kBSize

3 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

jhghgfgrdgfcnhfhtxngd.beauty Open in urlscan Pro
172.67.189.13 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

1
Countries

605 kB
Transfer

1190 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions