r4s5t6u7v8w9x0.d0f6.ru Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wgh87oq.grupopedrabonita.com.br/trp/
Effective URL:
https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/
Submission: On July 20 via manual (July 20th 2023, 1:15:05 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is r4s5t6u7v8w9x0.d0f6.ru.
TLS certificate: Issued by GTS CA 1P5 on July 12th 2023. Valid for: 3 months.

This is the only time r4s5t6u7v8w9x0.d0f6.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	192.185.216.184 192.185.216.184	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1 9	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
15	6

1 192.185.216.184 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv54-ip11.prodns.com.br

wgh87oq.grupopedrabonita.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

r4s5t6u7v8w9x0.d0f6.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:3b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 6195	163 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 367	25 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 710	30 KB
1	d0f6.ru r4s5t6u7v8w9x0.d0f6.ru	2 KB
1	grupopedrabonita.com.br wgh87oq.grupopedrabonita.com.br	254 B
15	5

	Domain	Requested by
9	challenges.cloudflare.com	1 redirects r4s5t6u7v8w9x0.d0f6.ru challenges.cloudflare.com
1	cdn.jsdelivr.net	wgh87oq.grupopedrabonita.com.br
1	code.jquery.com	wgh87oq.grupopedrabonita.com.br
1	r4s5t6u7v8w9x0.d0f6.ru	wgh87oq.grupopedrabonita.com.br
1	wgh87oq.grupopedrabonita.com.br
15	5

This site contains no links.

Subject Issuer	Validity	Valid
*.grupopedrabonita.com.br R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
d0f6.ru GTS CA 1P5	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/
Frame ID: B8EA145D3B94A195D8F361CF85B23A7F
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
Frame ID: 3D710AAD76FBF7B1544302696DCBA82A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://wgh87oq.grupopedrabonita.com.br/trp/ Page URL
https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

15
Requests

73 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

221 kB
Transfer

573 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wgh87oq.grupopedrabonita.com.br/trp/ Page URL
https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/49c24b54/api.js

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
wgh87oq.grupopedrabonita.com.br/trp/ 106 B
254 B 835ms
168ms Document
text/html 192.185.216.184
NETWORK-SOLUTIONS...

General

Check archive.org

Show headers Download Go to

Full URL: https://wgh87oq.grupopedrabonita.com.br/trp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.216.184 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS: srv54-ip11.prodns.com.br
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 117
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 01:14:59 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 Primary Request / Show response
r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/ 3 KB
2 KB 768ms
689ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/
Requested by: Host: wgh87oq.grupopedrabonita.com.br
URL: https://wgh87oq.grupopedrabonita.com.br/trp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.8
Resource Hash: 21025fc323de524552aa05df319b17a578e64c091486cefab93b71859500d4a6

Request headers

Referer: https://wgh87oq.grupopedrabonita.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7e9759baefdc3611-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Jul 2023 01:15:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOzF6TtNU9vAMw28VXaNixLSK8L8OepqwXUcqKSo8PEkN8%2FQSCqkL3b9wuWUcJMnaeiqYy%2BMBPDFrlzNpuY1xnmDR3%2Fy4kZZ23e9Hc7hRbmBTpvYElPOZtVz0IjHan6zgmw9y5kXFL%2FNv6t09a3nPrwON5mY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/8.2.8
x-turbo-charged-by: LiteSpeed

GET
DATA 200
OK truncated Show response
/ 130 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51c9f5098b2de362288889a34de530f458586dd017fa29eb9af91ab1e214881d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 86ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: wgh87oq.grupopedrabonita.com.br
URL: https://wgh87oq.grupopedrabonita.com.br/trp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://r4s5t6u7v8w9x0.d0f6.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 20 Jul 2023 01:15:00 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1689815700.dop233.fr8.t,1689815700.cds132.fr8.hn,1689815700.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/49c24b54/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/g/49c24b54/api.js

22 KB
8 KB

44ms
43ms

Script
application/javascript

2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/49c24b54/api.js
Requested by: Host: r4s5t6u7v8w9x0.d0f6.ru
URL: https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/
Protocol: H2
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbca23300b3beeefb7ca7cb3ee5f511e62191546966be51093ab11b5d9b7004b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r4s5t6u7v8w9x0.d0f6.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 01:15:00 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7e9759bfdac64d4c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 20 Jul 2023 01:15:00 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/49c24b54/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7e9759bfaab34d4c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 104ms
29ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: wgh87oq.grupopedrabonita.com.br
URL: https://wgh87oq.grupopedrabonita.com.br/trp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://r4s5t6u7v8w9x0.d0f6.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Jul 2023 01:15:00 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3338942
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-muc13950-MUC
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/ Frame 3D71 24 KB
8 KB 34ms
34ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b28c7338a2c5273419c692468b3d14693e0173ee38236a92645621a129f8774e

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://r4s5t6u7v8w9x0.d0f6.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7e9759c03aac68fd-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jul 2023 01:15:00 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 3D71 167 KB
58 KB 29ms
29ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e9759c03aac68fd
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e2b0eb4d894a01d74d3c0b5b8889a1bfd0f1cea07dbdf2ec51be2d1dd46ccb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 01:15:00 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7e9759c0aae068fd-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK 931a5c00-e0f5-4baa-afb9-bf0d87fdcaf6
https://challenges.cloudflare.com/ Frame 3D71 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/931a5c00-e0f5-4baa-afb9-bf0d87fdcaf6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 8f8d0aaa5f5e399 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/645002325:1689812079:WgYNcX0yTGfoH1rVH6U6SQR8vCQHcH31_wQpZBNuNpk/7e9759c03aac68fd/ Frame 3D71 102 KB
77 KB 69ms
69ms XHR
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/645002325:1689812079:WgYNcX0yTGfoH1rVH6U6SQR8vCQHcH31_wQpZBNuNpk/7e9759c03aac68fd/8f8d0aaa5f5e399
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e9759c03aac68fd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db016dd2c03ae394a9e6a29bb8ab359abb3df2cdd7545238abe375dbff3140dd

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
CF-Challenge: 8f8d0aaa5f5e399
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: agTrF9A4+I1ts3LO/mwFLcct47Ka8mE++yT+d/XjMeU8Lrx671IwLV2gRCiv9T9Zmzm7Ye51+AwlaHB7QMafeFI4asetmw3u3r03q8FuizsjC2TRaiVyQzG7MkMRZCfbDekOcHNZ4NGOD2j3voOh94JsVukN/gDrnAPfOmAOMDeJtZHy5I603FrGfG/w3rlSIM7X8Hr3wlQsOt5dwNeYyHBVQKDhnhguCMSp2xeYZtZgTVf7nNesGVBxy7qMYPbV1V9TmQwNgkZUmNFDTQIvscDwFIH2ugOCMxZfiSrjpVC31SNgoRefyQh6x6qk5TY/owuiHGIEt/K6hk5bjISA6nnx3DRdzo+Xj/837ty9X0cTBvTzACQEyHRYhOdxM80zXGhzCFjYK7PyBBGzmcXLEnlEzK/3374oAZthryII8SoUsSUNjvQS/K8N0nzvsQN1$0vlxj2dQvv6kJV4w5ijPaQ==
date: Thu, 20 Jul 2023 01:15:00 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e9759c1ebda68fd-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK dadc3ebe-1699-4689-8567-53210d20a592
https://challenges.cloudflare.com/ Frame 3D71 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/dadc3ebe-1699-4689-8567-53210d20a592
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

GET
H3 200 Af6VMm6TpkDAit2
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e9759c03aac68fd/1689815700790/ Frame 3D71 61 B
147 B 27ms
26ms Image
image/png 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e9759c03aac68fd/1689815700790/Af6VMm6TpkDAit2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32911cddbb1b29d275f904f616adedfa61cb017754fdf1e838b64a1ed890d954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 01:15:01 GMT
server: cloudflare
cf-ray: 7e9759c48e1268fd-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
H3 200 gJPBFzmuGpHkmFC
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e9759c03aac68fd/1689815700791/ Frame 3D71 61 B
147 B 28ms
28ms Image
image/png 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e9759c03aac68fd/1689815700791/gJPBFzmuGpHkmFC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7da1e908e430a7e7bfb971c5f10ff10fc33a031bbfaa33435ef5fb5f8827ed8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 01:15:01 GMT
server: cloudflare
cf-ray: 7e9759c4ce7168fd-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
H3 401 2hXLBPnYAGWc7Bm Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e9759c03aac68fd/1689815700792/aab40f3287a4c4ac1967ea58bfa92d1b46e69b463dc0d62d7596515e697363ee/ Frame 3D71 1 B
631 B 27ms
26ms Fetch
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e9759c03aac68fd/1689815700792/aab40f3287a4c4ac1967ea58bfa92d1b46e69b463dc0d62d7596515e697363ee/2hXLBPnYAGWc7Bm
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e9759c03aac68fd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 01:15:01 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gqrQPMoekxKwZZ-pYv6ktG0bmm0Y9wNYtdZZRXmlzY-4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAxZ1YkzjljZnBl4EjkGkgLJYi23wb8Jswf8zKYPPM85j0nCkawqlMc5VrTdrv4Ev9OgTSZDsnT9h0xeCjJl8r1IvPorSYVOtpPkXAsJsF4qkWsiagHZldCP60SsllIjwYpp-ozS6T3x0Xzp8Zy27QcRTpyS9wckHYYnAkeGtLnO09ejgTgwt_Gth7PN-AdmzzyIoSrERMNsfJ8ICLm-qv36xCXUZqt9MSYNwwxQi2q7gbwvHGVzisaNQ0ejzDDXKS5PBETsG1Q6L_rhvjZcrGWFMm16XU6dbCWo4CkdJXSEO49qpLYrFlSBVp3Vlps82PxWSEfli_2FtKe3JpGSibuQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7e9759c52edb68fd-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK eea49ff4-bb62-4e6a-836b-75440dd45cf5
https://challenges.cloudflare.com/ Frame 3D71 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/eea49ff4-bb62-4e6a-836b-75440dd45cf5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

POST
H3 200 8f8d0aaa5f5e399 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/645002325:1689812079:WgYNcX0yTGfoH1rVH6U6SQR8vCQHcH31_wQpZBNuNpk/7e9759c03aac68fd/ Frame 3D71 15 KB
11 KB 53ms
49ms XHR
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/645002325:1689812079:WgYNcX0yTGfoH1rVH6U6SQR8vCQHcH31_wQpZBNuNpk/7e9759c03aac68fd/8f8d0aaa5f5e399
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e9759c03aac68fd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8660f81b1050b960747de56bc1cf4aac1612e45708f95a851cbd39c62e4bba2

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
CF-Challenge: 8f8d0aaa5f5e399
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: umJwv48JnDdIuxmfuFlF5YR2XELzvhGoZqSB88o5Qyeu/Xzr7jVJoVBbJAFjQNY1$SnKybRkmdoOruXVVe8Obxw==
date: Thu, 20 Jul 2023 01:15:01 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e9759c7787968fd-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wgh87oq.grupopedrabonita.com.br/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8fd74ad82e1d75accbd91fb86c607573
			r4s5t6u7v8w9x0.d0f6.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: l85ddbju7idt3mhhsie8mmo6sk

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iN3c5Y3JgaWVfaiYmJjdrNm5fMTEiOw== Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iN3c5Y3JgaWVfaiYmJjdrNm5fMTEiOw== Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://challenges.cloudflare.com/turnstile/v0/api.js Message: Unrecognized origin: 'fullscreen'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e9759c03aac68fd/1689815700792/aab40f3287a4c4ac1967ea58bfa92d1b46e69b463dc0d62d7596515e697363ee/2hXLBPnYAGWc7Bm Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
challenges.cloudflare.com
code.jquery.com
r4s5t6u7v8w9x0.d0f6.ru
wgh87oq.grupopedrabonita.com.br
192.185.216.184
2001:4de0:ac18::1:a:2b
2606:4700::6811:3b8
2a04:4e42:600::485
2a06:98c1:3121::3
21025fc323de524552aa05df319b17a578e64c091486cefab93b71859500d4a6
32911cddbb1b29d275f904f616adedfa61cb017754fdf1e838b64a1ed890d954
4e2b0eb4d894a01d74d3c0b5b8889a1bfd0f1cea07dbdf2ec51be2d1dd46ccb1
51c9f5098b2de362288889a34de530f458586dd017fa29eb9af91ab1e214881d
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
b28c7338a2c5273419c692468b3d14693e0173ee38236a92645621a129f8774e
d7da1e908e430a7e7bfb971c5f10ff10fc33a031bbfaa33435ef5fb5f8827ed8
d8660f81b1050b960747de56bc1cf4aac1612e45708f95a851cbd39c62e4bba2
db016dd2c03ae394a9e6a29bb8ab359abb3df2cdd7545238abe375dbff3140dd
dbca23300b3beeefb7ca7cb3ee5f511e62191546966be51093ab11b5d9b7004b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

r4s5t6u7v8w9x0.d0f6.ru Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

73 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

221 kBTransfer

573 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

2 Cookies

5 Console Messages

Indicators

r4s5t6u7v8w9x0.d0f6.ru Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

73 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

221 kB
Transfer

573 kB
Size

2
Cookies

15 HTTP transactions
1 data transactions