pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev Open in urlscan Pro
2606:4700::6812:223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vk.cc/cvlmvB
Effective URL:
https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html
Submission Tags: falconsandbox
Submission: On March 18 via api (March 18th 2024, 2:48:57 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 8 domains to perform 11 HTTP transactions. The main IP is 2606:4700::6812:223, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.

This is the only time pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 4	87.240.132.72 87.240.132.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	87.240.132.67 87.240.132.67	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1 1	152.89.61.240 152.89.61.240	30860 (YURTEH-AS) (YURTEH-AS)
2	2606:4700::68... 2606:4700::6812:223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
4	77.105.166.251 77.105.166.251	210644 (AEZA-AS) (AEZA-AS)
11	6

4 87.240.132.72 (Russian Federation) 4 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com

vk.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vkontakte.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.132.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-132-240-87.vk.com

away.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.89.61.240 (Ukraine) 1 redirects

ASN30860 (YURTEH-AS, UA)
PTR: cpanel16.v-sys.org

www.potaho.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:223 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pub-cb72f4af1674441897427b55eaf679a1.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:3b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.105.166.251 (Paris, France)

ASN210644 (AEZA-AS, GB)
PTR: probable-bee.aeza.network

taobaotop10.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	taobaotop10.com taobaotop10.com	1 KB
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 4344	13 KB
3	vk.com 2 redirects vk.com — Cisco Umbrella Rank: 7269 away.vk.com — Cisco Umbrella Rank: 138318	2 KB
2	r2.dev pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev pub-cb72f4af1674441897427b55eaf679a1.r2.dev	195 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2947	40 KB
1	potaho.com 1 redirects www.potaho.com	229 B
1	vkontakte.ru 1 redirects vkontakte.ru — Cisco Umbrella Rank: 229947	591 B
1	vk.cc 1 redirects vk.cc — Cisco Umbrella Rank: 663065	564 B
11	8

	Domain	Requested by
4	taobaotop10.com	pub-cb72f4af1674441897427b55eaf679a1.r2.dev
3	challenges.cloudflare.com	1 redirects pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev challenges.cloudflare.com
2	vk.com	2 redirects
1	pub-cb72f4af1674441897427b55eaf679a1.r2.dev	pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev
1	upload.wikimedia.org	pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev
1	pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev	away.vk.com
1	www.potaho.com	1 redirects
1	away.vk.com
1	vkontakte.ru	1 redirects
1	vk.cc	1 redirects
11	10

This site contains no links.

Subject Issuer	Validity	Valid
*.vk.com GlobalSign ECC OV SSL CA 2018	`2024-02-14` - `2025-03-02`	a year	crt.sh
*.r2.dev E1	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh
taobaotop10.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html
Frame ID: B105A6CA49B900FFC1A2AE258AF5E312
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/l89hd/0x4AAAAAAAI2C02IF2knOc55/auto/normal
Frame ID: E8583273634C8ABB475B38DC1010EDC8
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oqcbb/0x4AAAAAAAI2C02IF2knOc55/auto/normal
Frame ID: 5244DFBE27F765835B7BA52F748A04C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking ...

Page URL History Show full URLs

https://vk.cc/cvlmvB HTTP 302
https://vkontakte.ru/away.php?cc_key=cvlmvB&to=https%3A%2F%2Fwww.potaho.com%3Fw5r4qw65r4 HTTP 301
https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWN2bG12QiZ0bz1odHRwcyUzQSUyR... HTTP 301
https://vk.com/away.php?cc_key=cvlmvB&to=https%3A%2F%2Fwww.potaho.com%3Fw5r4qw65r4 HTTP 302
https://away.vk.com/away.php?rh=b0411283-e434-432b-b7a5-2b4e93b2a276 Page URL
https://www.potaho.com/?w5r4qw65r4 HTTP 302
https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html Page URL

Page Statistics

11
Requests

82 %
HTTPS

43 %
IPv6

8
Domains

10
Subdomains

6
IPs

4
Countries

249 kB
Transfer

273 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vk.cc/cvlmvB HTTP 302
https://vkontakte.ru/away.php?cc_key=cvlmvB&to=https%3A%2F%2Fwww.potaho.com%3Fw5r4qw65r4 HTTP 301
https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWN2bG12QiZ0bz1odHRwcyUzQSUyRiUyRnd3dy5wb3RhaG8uY29tJTNGdzVyNHF3NjVyNA-- HTTP 301
https://vk.com/away.php?cc_key=cvlmvB&to=https%3A%2F%2Fwww.potaho.com%3Fw5r4qw65r4 HTTP 302
https://away.vk.com/away.php?rh=b0411283-e434-432b-b7a5-2b4e93b2a276 Page URL
https://www.potaho.com/?w5r4qw65r4 HTTP 302
https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://vk.cc/cvlmvB HTTP 302
https://vkontakte.ru/away.php?cc_key=cvlmvB&to=https%3A%2F%2Fwww.potaho.com%3Fw5r4qw65r4 HTTP 301
https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWN2bG12QiZ0bz1odHRwcyUzQSUyRiUyRnd3dy5wb3RhaG8uY29tJTNGdzVyNHF3NjVyNA-- HTTP 301
https://vk.com/away.php?cc_key=cvlmvB&to=https%3A%2F%2Fwww.potaho.com%3Fw5r4qw65r4 HTTP 302
https://away.vk.com/away.php?rh=b0411283-e434-432b-b7a5-2b4e93b2a276

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/ace796eb5511/api.js?render=explicit

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

away.php
away.vk.com/
Redirect Chain

https://vk.cc/cvlmvB
https://vkontakte.ru/away.php?cc_key=cvlmvB&to=https%3A%2F%2Fwww.potaho.com%3Fw5r4qw65r4
https://vk.com/login?act=vkcomredirect&to=YXdheS5waHA/Y2Nfa2V5PWN2bG12QiZ0bz1odHRwcyUzQSUyRiUyRnd3dy5wb3RhaG8uY29tJTNGdzVyNHF3NjVyNA--
https://vk.com/away.php?cc_key=cvlmvB&to=https%3A%2F%2Fwww.potaho.com%3Fw5r4qw65r4
https://away.vk.com/away.php?rh=b0411283-e434-432b-b7a5-2b4e93b2a276

446 B
819 B

283ms
80ms

Document
text/html

87.240.132.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://away.vk.com/away.php?rh=b0411283-e434-432b-b7a5-2b4e93b2a276

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-132-240-87.vk.com

Software

kittenx / KPHP/7.4.116099

Resource Hash

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: X-Frontend
cache-control: no-store
content-encoding: gzip
content-length: 276
content-type: text/html; charset=windows-1251
date: Mon, 18 Mar 2024 02:48:50 GMT
server: kittenx
x-frame-options: DENY
x-frontend: front922400
x-powered-by: KPHP/7.4.116099
x-trace-id: 9j6DT4Gp39hkuTyDSvaVDL7lxZqrgQ

Redirect headers

access-control-expose-headers: X-Frontend
cache-control: no-store
content-encoding: gzip
content-length: 20
content-type: text/html; charset=windows-1251
date: Mon, 18 Mar 2024 02:48:50 GMT
location: https://away.vk.com/away.php?rh=b0411283-e434-432b-b7a5-2b4e93b2a276
origin-agent-cluster: ?0
server: kittenx
strict-transport-security: max-age=15768000
x-frame-options: DENY
x-frontend: front920104
x-powered-by: KPHP/7.4.116099
x-trace-id: M_WkCvdHZejn6Zs7rh3wV96EC3mFeA

GET
H/1.1

200
OK

Primary Request dot.html Show response
pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
Redirect Chain

https://www.potaho.com/?w5r4qw65r4
https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html

36 KB
36 KB

496ms
394ms

Document
text/html

2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html
Requested by: Host: away.vk.com
URL: https://away.vk.com/away.php?rh=b0411283-e434-432b-b7a5-2b4e93b2a276
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 072cdd8e5f260cb5b4812b1bb918c9c533f14edc0d79982b8464ccc3c66f8f2e

Request headers

Referer: https://away.vk.com/away.php?rh=b0411283-e434-432b-b7a5-2b4e93b2a276
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
CF-RAY: 8661e7f8de9930ed-FRA
Connection: keep-alive
Content-Length: 36449
Content-Type: text/html
Date: Mon, 18 Mar 2024 02:48:51 GMT
ETag: "042434c9c0d58dda7aa850a5a2a41f20"
Last-Modified: Mon, 11 Mar 2024 15:04:51 GMT
Server: cloudflare
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 18 Mar 2024 02:48:51 GMT
Location: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html
Server: nginx

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/ace796eb5511/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
https://challenges.cloudflare.com/turnstile/v0/b/ace796eb5511/api.js?render=explicit

39 KB
13 KB

60ms
59ms

Script
application/javascript

2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/ace796eb5511/api.js?render=explicit
Requested by: Host: pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev
URL: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html
Protocol: H2
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4cbd7d8b97f8143bc9cf69201bc8e8e66420ce1d217ac8ebec246ff5489b7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 18 Mar 2024 02:48:51 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8661e7fc1dc34d8f-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 18 Mar 2024 02:48:51 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /turnstile/v0/b/ace796eb5511/api.js?render=explicit
cache-control: max-age=300, public
cross-origin-resource-policy: cross-origin
cf-ray: 8661e7fbdd984d8f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 1200px-Cloudflare_Logo.png
upload.wikimedia.org/wikipedia/commons/thumb/9/94/Cloudflare_Logo.png/ 39 KB
40 KB 191ms
82ms Image
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/9/94/Cloudflare_Logo.png/1200px-Cloudflare_Logo.png?20211125225208

Requested by

Host: pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev
URL: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

envoy /

Resource Hash

292ca7b17e46e208aa117de746d64e4724e83b3d5ac9d70e2f841e2cc03eb94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 12:34:42 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 51249
x-cache-status: hit-front
x-cache: cp3075 hit, cp3075 hit/19
content-disposition: inline;filename*=UTF-8''Cloudflare_Logo.png
server-timing: cache;desc="hit-front", host;desc="cp3075"
content-length: 39856
x-client-ip: 2a01:4a0:1338:92::8
last-modified: Fri, 13 May 2022 07:55:33 GMT
server: envoy
etag: a0b27ae4e940fbf1ec6bdb72da4601e3
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK index-EdAE6GUO.js Show response
pub-cb72f4af1674441897427b55eaf679a1.r2.dev/ 158 KB
159 KB 1079ms
970ms Script
text/javascript 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-cb72f4af1674441897427b55eaf679a1.r2.dev/index-EdAE6GUO.js
Requested by: Host: pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev
URL: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/dot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acdb99f20b8b22ad7a901f81339fe4747b9b1532046e077e7a08d71c20d37dd6

Request headers

Referer: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
Origin: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 18 Mar 2024 02:48:52 GMT
Last-Modified: Thu, 15 Feb 2024 18:53:07 GMT
Server: cloudflare
ETag: "99a8c60ed8fa39b9533a10013bd87904"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8661e7fbfeae190f-FRA
Content-Length: 162097

GET
H/1.1 200
OK / Show response
taobaotop10.com/socket.io/ 118 B
348 B 185ms
50ms XHR
text/plain 77.105.166.251
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taobaotop10.com/socket.io/?EIO=4&transport=polling&t=OvFTZsH
Requested by: Host: pub-cb72f4af1674441897427b55eaf679a1.r2.dev
URL: https://pub-cb72f4af1674441897427b55eaf679a1.r2.dev/index-EdAE6GUO.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.105.166.251 Paris, France, ASN210644 (AEZA-AS, GB),
Reverse DNS: probable-bee.aeza.network
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f27b413f5a856db798be3ae7ab16bc0ac34c3724b5191cd1863fbaa3e3862e4f

Request headers

Accept: */*
Referer: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Mar 2024 02:48:53 GMT
cache-control: no-store
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 118
Content-Type: text/plain; charset=UTF-8

POST
H/1.1 200
OK / Show response
taobaotop10.com/socket.io/ 2 B
214 B 45ms
45ms XHR
text/html 77.105.166.251
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taobaotop10.com/socket.io/?EIO=4&transport=polling&t=OvFTZvC&sid=sumas0KypcEawpcsAAdi
Requested by: Host: pub-cb72f4af1674441897427b55eaf679a1.r2.dev
URL: https://pub-cb72f4af1674441897427b55eaf679a1.r2.dev/index-EdAE6GUO.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.105.166.251 Paris, France, ASN210644 (AEZA-AS, GB),
Reverse DNS: probable-bee.aeza.network
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept: */*
Referer: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Mar 2024 02:48:53 GMT
cache-control: no-store
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 2
Content-Type: text/html

GET
H/1.1 200
OK / Show response
taobaotop10.com/socket.io/ 32 B
261 B 91ms
46ms XHR
text/plain 77.105.166.251
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taobaotop10.com/socket.io/?EIO=4&transport=polling&t=OvFTZvD&sid=sumas0KypcEawpcsAAdi
Requested by: Host: pub-cb72f4af1674441897427b55eaf679a1.r2.dev
URL: https://pub-cb72f4af1674441897427b55eaf679a1.r2.dev/index-EdAE6GUO.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.105.166.251 Paris, France, ASN210644 (AEZA-AS, GB),
Reverse DNS: probable-bee.aeza.network
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ed082592e64a7e7061ea71525c31bd3e29263762401209f91d4558c6b08d9be3

Request headers

Accept: */*
Referer: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Mar 2024 02:48:53 GMT
cache-control: no-store
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 32
Content-Type: text/plain; charset=UTF-8

GET
H/1.1 200
OK / Show response
taobaotop10.com/socket.io/ 1 B
229 B 189ms
189ms XHR
text/plain 77.105.166.251
AEZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://taobaotop10.com/socket.io/?EIO=4&transport=polling&t=OvFTZwg&sid=sumas0KypcEawpcsAAdi
Requested by: Host: pub-cb72f4af1674441897427b55eaf679a1.r2.dev
URL: https://pub-cb72f4af1674441897427b55eaf679a1.r2.dev/index-EdAE6GUO.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.105.166.251 Paris, France, ASN210644 (AEZA-AS, GB),
Reverse DNS: probable-bee.aeza.network
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

Accept: */*
Referer: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Mar 2024 02:48:53 GMT
cache-control: no-store
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 1
Content-Type: text/plain; charset=UTF-8

GET normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/l89hd/0x4AAAAAAAI2C02IF2knOc55/auto/ Frame E858 0
0

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oqcbb/0x4AAAAAAAI2C02IF2knOc55/auto/ Frame 5244 0
0 53ms
53ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oqcbb/0x4AAAAAAAI2C02IF2knOc55/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer: https://pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8661e8046eef972c-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 18 Mar 2024 02:48:53 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/l89hd/0x4AAAAAAAI2C02IF2knOc55/auto/normal

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vkontakte.ru/	1970-01-21 03:57:46	Name: remixstlid Value: 9071825040825296555_KGnOe3InO7xDGmaMkZNXowQoxoIZM0WFry5bkTzCKRX
.vk.com/	1970-01-21 03:49:41	Name: remixlang Value: 6
.vk.com/	1970-01-21 03:57:46	Name: remixstlid Value: 9121646111703222760_KStkuOAk5x8Q9Ae4OMDZm6wPWrl9RdWTldfIDQuTOaP
.vk.com/	1969-12-31 23:59:59	Name: remixvkcom Value: 1
.vk.com/	1970-01-21 04:05:58	Name: remixua Value: -1%7C-1%7C202%7C778983455

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

away.vk.com
challenges.cloudflare.com
pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev
pub-cb72f4af1674441897427b55eaf679a1.r2.dev
taobaotop10.com
upload.wikimedia.org
vk.cc
vk.com
vkontakte.ru
www.potaho.com
challenges.cloudflare.com
152.89.61.240
2606:4700::6811:3b8
2606:4700::6812:223
2a02:ec80:300:ed1a::2:b
77.105.166.251
87.240.132.67
87.240.132.72
072cdd8e5f260cb5b4812b1bb918c9c533f14edc0d79982b8464ccc3c66f8f2e
1b4cbd7d8b97f8143bc9cf69201bc8e8e66420ce1d217ac8ebec246ff5489b7f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
292ca7b17e46e208aa117de746d64e4724e83b3d5ac9d70e2f841e2cc03eb94b
acdb99f20b8b22ad7a901f81339fe4747b9b1532046e077e7a08d71c20d37dd6
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
ed082592e64a7e7061ea71525c31bd3e29263762401209f91d4558c6b08d9be3
f27b413f5a856db798be3ae7ab16bc0ac34c3724b5191cd1863fbaa3e3862e4f

pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev Open in urlscan Pro 2606:4700::6812:223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

82 %HTTPS

43 %IPv6

8 Domains

10 Subdomains

6 IPs

4 Countries

249 kBTransfer

273 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

5 Cookies

Security Headers

Indicators

pub-86e47bfbf41f4147a1b6ad1b219403d9.r2.dev Open in urlscan Pro
2606:4700::6812:223 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

43 %
IPv6

8
Domains

10
Subdomains

6
IPs

4
Countries

249 kB
Transfer

273 kB
Size

5
Cookies

11 HTTP transactions
0 data transactions