r4s5t6u7v8w9x0.d0f6.ru
2a06:98c1:3121::3
Public Scan
Effective URL: https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/
Submission: On July 20 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on July 12th 2023. Valid for: 3 months.
This is the only time r4s5t6u7v8w9x0.d0f6.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| # | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 | 192.185.216.184 | 19871 (NETWORK-SOLUTIONS-HOSTING) |
| 1 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
| 1 | 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH-CDN) |
| 9 | 2606:4700::6811:3b8 | 13335 (CLOUDFLARENET) |
| 1 | 2a04:4e42:600::485 | 54113 (FASTLY) |
| 15 | 6 | |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: srv54-ip11.prodns.com.br
wgh87oq.grupopedrabonita.com.br
| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 9 | cloudflare.com (1 redirects) | challenges.cloudflare.com (Cisco Umbrella Rank: 6195) | 163 KB |
| 1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 367) | 25 KB |
| 1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 710) | 30 KB |
| 1 | d0f6.ru | r4s5t6u7v8w9x0.d0f6.ru | 2 KB |
| 1 | grupopedrabonita.com.br | wgh87oq.grupopedrabonita.com.br | 254 B |
| 15 | 5 | | |
| # | Domain | Requested by |
|---|---|---|
| 9 | challenges.cloudflare.com (1 redirects) | r4s5t6u7v8w9x0.d0f6.ru, challenges.cloudflare.com |
| 1 | cdn.jsdelivr.net | wgh87oq.grupopedrabonita.com.br |
| 1 | code.jquery.com | wgh87oq.grupopedrabonita.com.br |
| 1 | r4s5t6u7v8w9x0.d0f6.ru | wgh87oq.grupopedrabonita.com.br |
| 1 | wgh87oq.grupopedrabonita.com.br | |
| 15 | 5 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| *.grupopedrabonita.com.br | R3 | 2023-06-13 - 2023-09-11 | 3 months | crt.sh |
| d0f6.ru | GTS CA 1P5 | 2023-07-12 - 2023-10-10 | 3 months | crt.sh |
| *.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year | crt.sh |
| jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year | crt.sh |
| challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/
Frame ID: B8EA145D3B94A195D8F361CF85B23A7F
Requests: 6 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/normal
Frame ID: 3D710AAD76FBF7B1544302696DCBA82A
Requests: 10 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns:
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jQuery (JavaScript Libraries)
Detected patterns:
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns:
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://wgh87oq.grupopedrabonita.com.br/trp/ Page URL
- https://r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3:
- https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
- https://challenges.cloudflare.com/turnstile/v0/g/49c24b54/api.js
15 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
|---|---|---|---|---|---|---|---|---|
| GET | H2 | / | wgh87oq.grupopedrabonita.com.br/trp/ | 106 B | 254 B | Document | text/html | |
| GET | H2 | / | r4s5t6u7v8w9x0.d0f6.ru/s6Z4v2L/ | 3 KB | 2 KB | Document | text/html | Primary Request |
| GET | DATA | truncated | / | 130 B | 0 | Script | text/javascript | |
| GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript | |
| GET | H2 | api.js | challenges.cloudflare.com/turnstile/v0/g/49c24b54/ | 22 KB | 8 KB | Script | application/javascript | Redirect Chain |
| GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ | 152 KB | 25 KB | Stylesheet | text/css | |
| GET | H3 | normal | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/hxnmw/0x4AAAAAAAHUIK5EWCHaw7qJ/auto/ | 24 KB | 8 KB | Document | text/html | Frame 3D71 |
| GET | H3 | v1 | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ | 167 KB | 58 KB | Script | application/javascript | Frame 3D71 |
| GET | BLOB | 931a5c00-e0f5-4baa-afb9-bf0d87fdcaf6 | https://challenges.cloudflare.com/ | 13 B | 0 | Other | text/javascript | Frame 3D71 |
| POST | H3 | 8f8d0aaa5f5e399 | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/645002325:1689812079:WgYNcX0yTGfoH1rVH6U6SQR8vCQHcH31_wQpZBNuNpk/7e9759c03aac68fd/ | 102 KB | 77 KB | XHR | text/plain | Frame 3D71 |
| GET | BLOB | dadc3ebe-1699-4689-8567-53210d20a592 | https://challenges.cloudflare.com/ | 99 B | 0 | Other | text/javascript | Frame 3D71 |
| GET | H3 | Af6VMm6TpkDAit2 | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e9759c03aac68fd/1689815700790/ | 61 B | 147 B | Image | image/png | Frame 3D71 |
| GET | H3 | gJPBFzmuGpHkmFC | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/7e9759c03aac68fd/1689815700791/ | 61 B | 147 B | Image | image/png | Frame 3D71 |
| GET | H3 | 2hXLBPnYAGWc7Bm | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e9759c03aac68fd/1689815700792/aab40f3287a4c4ac1967ea58bfa92d1b46e69b463dc0d62d7596515e697363ee/ | 1 B | 631 B | Fetch | text/plain | Frame 3D71 |
| GET | BLOB | eea49ff4-bb62-4e6a-836b-75440dd45cf5 | https://challenges.cloudflare.com/ | 99 B | 0 | Other | text/javascript | Frame 3D71 |
| POST | H3 | 8f8d0aaa5f5e399 | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/645002325:1689812079:WgYNcX0yTGfoH1rVH6U6SQR8vCQHcH31_wQpZBNuNpk/7e9759c03aac68fd/ | 15 KB | 11 KB | XHR | text/plain | Frame 3D71 |
Verdicts & Comments
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | 0 |
| boolean | credentialless |
| object | onbeforetoggle |
| object | onscrollend |
| string | nox |
| function | $ |
| function | jQuery |
| function | x |
| object | turnstile2 |

Cookies
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| wgh87oq.grupopedrabonita.com.br/ | | PHPSESSID | 8fd74ad82e1d75accbd91fb86c607573 |
| r4s5t6u7v8w9x0.d0f6.ru/ | | PHPSESSID | l85ddbju7idt3mhhsie8mmo6sk |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
challenges.cloudflare.com
code.jquery.com
r4s5t6u7v8w9x0.d0f6.ru
wgh87oq.grupopedrabonita.com.br
192.185.216.184
2001:4de0:ac18::1:a:2b
2606:4700::6811:3b8
2a04:4e42:600::485
2a06:98c1:3121::3