5956g.com Open in urlscan Pro
188.114.97.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rbher.com/
Effective URL:
https://5956g.com/download?&from=rbher.com
Submission: On August 30 via api (August 30th 2024, 1:52:39 pm UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 188.114.97.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 5956g.com.
TLS certificate: Issued by WE1 on August 24th 2024. Valid for: 3 months.

This is the only time 5956g.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	172.66.47.197 172.66.47.197	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	188.114.97.9 188.114.97.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	4

19 172.66.47.197 (United States)

ASN13335 (CLOUDFLARENET, US)

rbher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.114.97.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

5956g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.95.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	rbher.com rbher.com	254 KB
6	5956g.com 5956g.com	33 KB
4	cloudflare.com 1 redirects cdnjs.cloudflare.com — Cisco Umbrella Rank: 336 challenges.cloudflare.com — Cisco Umbrella Rank: 3877	97 KB
28	3

	Domain	Requested by
19	rbher.com	rbher.com
6	5956g.com	rbher.com 5956g.com
2	challenges.cloudflare.com	1 redirects 5956g.com
2	cdnjs.cloudflare.com	5956g.com cdnjs.cloudflare.com
28	4

This site contains no links.

Subject Issuer	Validity	Valid
rbher.com WE1	`2024-08-27` - `2024-11-25`	3 months	crt.sh
5956g.com WE1	`2024-08-24` - `2024-11-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://5956g.com/download?&from=rbher.com
Frame ID: 66A4F1C9DB42E31C71583C81B132D051
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://rbher.com/ Page URL
https://5956g.com/download?&from=rbher.com Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

28
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

384 kB
Transfer

3117 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rbher.com/ Page URL
https://5956g.com/download?&from=rbher.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
rbher.com/ 5 KB
2 KB 1942ms
485ms Document
text/html 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rbher.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Nuxt
Resource Hash: c772b811ed4169c56e35b5d07d6e4fc7137869d862b59783a7540bedfd302e13

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8bb543001fe4ca48-HAM
content-encoding: br
content-type: text/html;charset=utf-8
date: Fri, 30 Aug 2024 13:52:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7kCp7ZQXga56yME8fbfyNlH%2BVhkqOtgz0KA3noptUw%2Fb%2FZhbymM3nFCgBJnAK70AjMfJI1iZ15FlxSADtM32JTeqiBXy3UKcY7UvNJaUOT4iTo6w0IGeTVEIbFg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Nuxt

GET
H3 200 CSxiM0f3.js Show response
rbher.com/_nuxt/ 96 KB
40 KB 92ms
87ms Script
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/CSxiM0f3.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc78fbb07fbd2647d1f570e45076a770d7a1e03ed98d2d207e82f0e9ab06a6a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"99da7c7494d3c440694333ad4525988f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6OrBOyTkYl2GqiifwYs1N%2BtVi2enh7UGDV2Md6nYEtbCMe%2FaNQak9vNkZ9Gh57ZWZvBB0m%2Bxhgfw9%2BSyFqSs9u%2BJ90Tc4kJDd64l8yWL6DYvyiU%2BRe2jI4oK4w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543035bd4ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 BGL1OvO6-legacy.js Show response
rbher.com/_nuxt/ 89 KB
37 KB 141ms
136ms Script
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/BGL1OvO6-legacy.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b05c11a87310cfab4fa8358f2bebbc890524247f1746a718e7750afec0fd4cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a245b589168e00b525a0298fdad77af9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kE%2F5P2NcPbEKKo8m8jRFUWkUCRNqnNIJcyxM13n6EDPonZOrrMnZe4C%2BID267GE%2F4k07snt0Yrd6AP3armbeDjufh3WzNvCsS%2FKTbsgt5m%2Feib36EQ2A7wxvrO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543035bd5ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 CG9Spi7C-legacy.js Show response
rbher.com/_nuxt/ 148 KB
56 KB 141ms
136ms Script
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/CG9Spi7C-legacy.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6959c8da840c14b762b1ef97579964be3ee517212082a05e7f10282eb03ad6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"33a606a22bc0ac9e34563192887c64f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=660sigyi5DP0UaAXxUp2ReinvtKTOWGuCI3keOs1k8MTwobQIji2wAZfwY%2FsPjEKrFGM1tC5cqbXhdJ%2FuU4IEWlKQP8yn%2FKjeiwo8QUd0OcLRrma6VAML5H1b7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543035bd8ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 BtHI0xCd.js Show response
rbher.com/_nuxt/ 151 KB
59 KB 140ms
135ms Script
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/BtHI0xCd.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8028c7bce55c55291f2555e73af0b7b4bfdf2f3cb5f6a1124e273a432c87ea5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"62d22af4737b6992cba8fc090f88da21"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kCV50RFzFPis2kWtCQwwkKywtgMv9QZunjAb4HT9%2FPPgefzZQOzFd%2BFqFkxH4suTd4nQZR7tGNNXLyRCxR0h8dZLwptBx8JEovoDHgULg%2BOSFsm2E5ZBNMLSW%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543035bd9ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 BdP6-nu5.js Show response
rbher.com/_nuxt/ 20 KB
10 KB 169ms
164ms Script
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/BdP6-nu5.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4d7a6340b2ef09a3e70d4e781c5a624ba94564690daf9086c4144137e99664d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"970710e93fdacdc868df7dee71dc77fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qxO%2F58akwxivS%2B27zKlEmPd%2BQdjzix9i9Bmk5WzYIy3BVUmwMTRlGjXd03Z9JZXJBYy45iJOpLvgZtNGcmMOmXcgn5IMysCWdN6TJ8AEf9FwI64t1M%2BvSDyHGxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543035bdaca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 B-Ymw88D.js Show response
rbher.com/_nuxt/ 13 KB
6 KB 297ms
292ms Script
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/B-Ymw88D.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a6cb9337ea85c153dcae7a2d7e81d205d943e9fa4666f43ad57e514a8bcf65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"f69b20993bfdf5ba8958392fbc00a6ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4RupcWG9%2F%2BxFJrLZIfCGjq12tlDWKbOuGQ1EY539iB81y%2FHkqG6JJ6XjwzELBQhnfsVluVPEq89IYbkX9WfXLI1Nz%2BEyVfuypLA5OOVOPH%2B6PTL7SVreCbtb8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543035bdbca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 BeWpKS1A.js Show response
rbher.com/_nuxt/ 384 B
726 B 295ms
290ms Script
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/BeWpKS1A.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39568c83d5637c295d6dc1df5f44f4a796a938e5871beb922edcacb45394206a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6e3b21cc4a11c17c2708454ecd159f4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c40n7azTyRTsKnGIo3eBBE46uhKmP6lsD0teihoh8BXugdP7kcWnOwJcq3iJfwlhSRT24IDcISuECp0CHn5XuvI3Xtdmi55JlfYkCXOzDJr3rYpmzvRDoN7dvYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543035bdcca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 CUi3Cwae-legacy.js
rbher.com/_nuxt/ 0
10 KB 89ms
78ms Other
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/CUi3Cwae-legacy.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"18c763eeb952f40d8fb64b2d51b2c6cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e2Z9ImQA%2FiEO4uXuKjHKMGZ2ODBKT91Lm5z9DewbFP5RPOQM%2BnsEm2uyUC%2FIXCN%2Bk%2Ftiptw3TnxcfjUt6WxR6m6DTV80ibMMIIfTNMI1FKqolazD3nU2WBM4EKY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb54305cf12ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 BwQyFjNp-legacy.js
rbher.com/_nuxt/ 0
6 KB 96ms
91ms Other
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/BwQyFjNp-legacy.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"09156250153c2fb6547cf1ec70820630"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=95pVNXe%2BXLpBj%2FC96XuCWrK1geDL4Z9cO4RpyB0aSGBx%2BVuXIpUzAyLpmKe5RfqVezgpTpYkfHUjMKRGAEJ7T2MB8o5xyUxpJa%2BFE%2BijtSN03iujdzQZ9wq%2BwrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543066ffdca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 B9EL1Zng-legacy.js
rbher.com/_nuxt/ 0
783 B 117ms
111ms Other
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/B9EL1Zng-legacy.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ce966a4226274ed6ce40661e9560bf0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5Q%2BJOD9IT0PHSN1nN3be5UlZp%2B1sJyMPHH%2BJKcFCfnTa6OQvqkgSnu7blJyM0guCUH%2B0zItH5HVhy%2FgYGcggDzR%2FUmCW6r8STK5O6%2BwCyqV5TgLIYWBZojcjbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543066803ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 4_m7u5P1-legacy.js
rbher.com/_nuxt/ 0
13 KB 115ms
110ms Other
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/4_m7u5P1-legacy.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3dbc78fa568d7fac256a368789844ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsskDheJEn1ak6Dx9340RkvoHl2ys6riJZmajBcbCwArIOmlvvTb8PloInFfI3q2HnHNRFq9u3RXLSurDkZ8qv%2FyJXXkMxTus6rY8X9zPPyZzPoiP%2B%2B%2BrqGS2Mk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543066806ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 BPzrscTy-legacy.js
rbher.com/_nuxt/ 0
4 KB 177ms
173ms Other
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/BPzrscTy-legacy.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bfe5ea7ba2970d0fabdd4a8977e845a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lcjJ4FFr7QoazJtfybIY57wqr3MnOz3zoDtaYl48BLtQoQL2zWOGD2cLE2tj%2BGDPCHhCr0kDdw%2BTS92gn5%2FDuOCLH03vPgPTFMV0mhxiinwWn%2F5gRBWMKRumN38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543066809ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 DD0pSYJd-legacy.js
rbher.com/_nuxt/ 0
2 KB 91ms
90ms Other
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/DD0pSYJd-legacy.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1876c4e1267fb2d6706106ca9dbcb6e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WEcOdSLKq5zKJa%2FWI2k57OhB2EcAXt03bCM%2Fhxioxn%2FAZXF4LonkO4MFfEDWnZwWHhDGMg9Vsg%2B%2FMWJHKYVTsEi5zw0lfkNdnTIEub6d4zePg4dFYi4MenEkJgo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb54306680bca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 C5b_QjHL.js
rbher.com/_nuxt/ 0
4 KB 118ms
117ms Other
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/C5b_QjHL.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"540aabe8af748d667b6cab9763f4a34d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuvtkhfhtoJCpxt%2BNtjyB9FvyEyKAd5ZaeLI%2Fc7gDFS5GuIaSksq72PdXKd0i0VpHR4K7bsh9PX6aEq%2BRmzvDzQLXZo%2BxYTqHS%2BMohwZ8rpmRwZk%2BR6t%2F43zyU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb54306680fca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 DWobxI-j.js
rbher.com/_nuxt/ 0
2 KB 95ms
92ms Other
application/javascript 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/DWobxI-j.js

Requested by

Host: rbher.com
URL: https://rbher.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Origin: https://rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"34846d35cd3dfea9e44e22290d02ba06"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckS6Z%2BBASCsQhAd15wCZxhkZYvtGHs0yuwgX%2FC0RiFwXGB2JQx%2Fqrz4SyWN8kq7wTEoEbGMGtpCvmsDjqFYTM51Qgjo0tLBiUXZi%2BMDRDMexAd8izHhnGQoaAnI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543066812ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 index.DokOj3jQ.css
rbher.com/_nuxt/ 494 B
743 B 81ms
80ms Stylesheet
text/css 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/index.DokOj3jQ.css

Requested by

Host: rbher.com
URL: https://rbher.com/_nuxt/BtHI0xCd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a3f23956c2a665cf8f8bf36d7b7dea28d04e3ceed26cdf8a3db8e56f8fb3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"92471d573f769267c7bbed4a3016bb5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IFxzbtO0lW6Cb33YjTSMmxx3FZRlytaKJxPEP6UVIGHFWK7YxCYdLWvXzyZN5q2mlZxvkj46aoVFLUOSpjw0nSwViBMTIntAeX3chGr0Wyid2m50YWPbRHeJas0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 8bb543064fccca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 887f4503-0ed5-47a5-b896-126026bd83d7.json Show response
rbher.com/_nuxt/builds/meta/ 139 B
627 B 106ms
105ms Fetch
application/json 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/_nuxt/builds/meta/887f4503-0ed5-47a5-b896-126026bd83d7.json

Requested by

Host: rbher.com
URL: https://rbher.com/_nuxt/BtHI0xCd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8b4403b47924b027966da3bcc9c3af414c9ebe65cfdfdfe8532df6ba754e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8f242c08d00ea0a54fc46eac9928e141"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8L6JTTi1aK%2BAZfTS3bKUY3x0ixGjxbou4RqEsQ2ey5wEMxFsBjTfa6GKuZv48ItOVVqCNae5Btff03amxPujGNI31NiNmqZRMHXGxpSUoq4Im%2FW7mJv2j9LXpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable, public, max-age=1, immutable, public, max-age=31536000, immutable
cf-ray: 8bb54306d8a4ca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
rbher.com/ 4 KB
1 KB 85ms
75ms Other
image/vnd.microsoft.icon 172.66.47.197
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rbher.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.197 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"eb0ac4ca53d79290163968630addb1d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z6xlyONSzzmjl4Yj%2F%2FAs63T9SgZUQ9HV%2FHdKmtRCMb3hCcs2Pw1LosXlKNeFJCUHCH9XIFw5f1WduiJeRIYPkGvgY1oKAwyn32SaLbkwQjmNpG6%2Fw%2FADaUpbSbA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8bb54307693eca48-HAM
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request download Show response
5956g.com/ 15 KB
5 KB 1069ms
115ms Document
text/html 188.114.97.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5956g.com/download?&from=rbher.com

Requested by

Host: rbher.com
URL: https://rbher.com/_nuxt/BtHI0xCd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50897445d8a39e4bba8fb6f9f31ad6e2b534473d5758f50c21339aa8fa089334

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rbher.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8bb5430e2b16d2bf-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 30 Aug 2024 13:52:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B8iIki8dRVRiV9dtQmFrbfZTM%2FyP4FRiDDup0yTF%2BAJ2GXz0U%2FmOtEwk0qpHDlZcvqEwP343JuIHCLJPyRgeklEIjYtCWAekyDEJH8%2BqUe9QaHK395Nx2d2cKM4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 323ms
86ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: 5956g.com
URL: https://5956g.com/download?&from=rbher.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://5956g.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 298232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFw7puII0kKJlhG0BhDgEBBDEkvZU8HOU2LVxnyDEip6%2F6pa2LuN5PMQmH6ug4EUXKJNK3D0IH37%2Bf044RcOOi3Onmb2jqO2nmz3ChT6B6FYHxQmDlBpBJHH%2BEdaygIKNVmXeqVN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb543107f49d39e-FRA
expires: Wed, 20 Aug 2025 13:52:33 GMT

GET
H3

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js

44 KB
15 KB

76ms
69ms

Script
application/javascript

104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js
Requested by: Host: 5956g.com
URL: https://5956g.com/download?&from=rbher.com
Protocol: H3
Server: 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55

Request headers

Referer: https://5956g.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:33 GMT
content-encoding: br
last-modified: Thu, 15 Aug 2024 16:28:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy: cross-origin
cf-ray: 8bb54313e85362cb-HAM
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 30 Aug 2024 13:52:33 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-origin: *
location: /turnstile/v0/b/6790c32b9fc9/api.js
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy: cross-origin
cf-ray: 8bb54310fc0262cb-HAM
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 adAnalytics.js Show response
5956g.com/ 6 KB
3 KB 108ms
94ms Script
application/javascript 188.114.97.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5956g.com/adAnalytics.js

Requested by

Host: 5956g.com
URL: https://5956g.com/download?&from=rbher.com

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61dd0cb415332c4ed85321f32aa3abdce0bd23c5c483b51b314032f944d6489b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://5956g.com/download?&from=rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"784d921df3ad7ed2570271c240b7735d"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=foOy%2BwPUoKFrBlxk7t1%2FUcuCEZ2EscMzvlreWMMvjnqkh38vNTGsind6ihA%2BsH1ueyOnFfkKjf4odBzDlcXLNdnYnkStgG66KF34RNy1Qs7PohWw1x7I8XIN4ss%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8bb5430f2e7fd2bf-FRA
access-control-allow-headers: *

GET
H3 200 index-b56Aydx7.js
5956g.com/assets/ 2 MB
0 204ms
192ms Script
text/javascript 188.114.97.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5956g.com/assets/index-b56Aydx7.js
Requested by: Host: 5956g.com
URL: https://5956g.com/download?&from=rbher.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://5956g.com/download?&from=rbher.com
Origin: https://5956g.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:34 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuSk7EE7xqMNSsK4RbH63ZvI4EYKp1GxngO7rpegUgtnYn8bC4uWvascqs9kiMB7Ecn21OYK94mGUlFUeiAxEsRrRQrnzf31tT%2Bi54NPobOcrjNTyRcXyaqkcM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=86400, immutable
x-from: R2
cf-ray: 8bb54313d86fd2bf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index-fwcrf_p2.css
5956g.com/assets/ 596 KB
0 1299ms
1297ms Stylesheet
text/css 188.114.97.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5956g.com/assets/index-fwcrf_p2.css
Requested by: Host: 5956g.com
URL: https://5956g.com/download?&from=rbher.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://5956g.com/download?&from=rbher.com
Origin: https://5956g.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:34 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQ9OC3kad49BKth0aDjEqXsRpS4R2QMP1vZ3E19Uq3DAcnsOlhyOqJvF61pKM0x1iM5%2F0yHOA9SbZonIrgQN1HmHFAK2Hfb%2FRWzQM9DcajLbVHNI%2FdfrutQnAYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=86400, immutable
x-from: R2
cf-ray: 8bb54313d874d2bf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 version-polling.min.js Show response
5956g.com/ 3 KB
2 KB 78ms
76ms Script
application/javascript 188.114.97.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5956g.com/version-polling.min.js

Requested by

Host: 5956g.com
URL: https://5956g.com/download?&from=rbher.com

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://5956g.com/download?&from=rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"081083589691aeeac86514a7d9315da1"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbEV3nwv0lEY%2FrmAlGIncjJBjQ2EaOMhvdR7hDnZ7CsZWASw4D5hUbv0BKgBtYu4I8915iVg0yPrg7Q%2FPQsiP7%2BAsE7H%2B64eDtNwOvntcSf3955tXGHB3tWmWEY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 8bb54313d876d2bf-FRA
access-control-allow-headers: *

GET
H3 200 webPushSdk.produce.min.2.1.6.js Show response
5956g.com/ 60 KB
24 KB 92ms
85ms Script
application/javascript 188.114.97.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://5956g.com/webPushSdk.produce.min.2.1.6.js

Requested by

Host: 5956g.com
URL: https://5956g.com/download?&from=rbher.com

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://5956g.com/download?&from=rbher.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:33 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"327934245e67864b87d33ada7105154e"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRxGHwl4m7XMxmmAxlRydWXysyYRKBuOdiTLGOUUxhhlgw0Tzqx1tF9i5ykkWzGdWH6LCFvWXue9VQfyuZjSf1RMB70YbmolHTTi6NGjwjSYivGIelczEBgqbg4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-store
access-control-allow-credentials: true
cf-ray: 8bb54313e8aad2bf-FRA
access-control-allow-headers: *

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 125ms
65ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://5956g.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 13:52:35 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 134449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBQriRuoVm6z5DXaE4nQEzWC%2FCQHcNzo53z9mYx6hnCbfuMO1lcxPmmovvAr7vgzAVKtd7vf8xRQ0M%2FZTA2QOtIGIUJKh%2FwHuh3VZLug3xBnagcRoadqa4LVjlf7GmtiCQbx74Zg"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bb5431fe9451cc5-FRA
expires: Wed, 20 Aug 2025 13:52:35 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isSamsungBrowser object| script object| MTpushInterface

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5956g.com
cdnjs.cloudflare.com
challenges.cloudflare.com
rbher.com
104.17.24.14
104.18.95.41
172.66.47.197
188.114.97.9
1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
34a3f23956c2a665cf8f8bf36d7b7dea28d04e3ceed26cdf8a3db8e56f8fb3ce
39568c83d5637c295d6dc1df5f44f4a796a938e5871beb922edcacb45394206a
42a6cb9337ea85c153dcae7a2d7e81d205d943e9fa4666f43ad57e514a8bcf65
50897445d8a39e4bba8fb6f9f31ad6e2b534473d5758f50c21339aa8fa089334
5b05c11a87310cfab4fa8358f2bebbc890524247f1746a718e7750afec0fd4cd
61dd0cb415332c4ed85321f32aa3abdce0bd23c5c483b51b314032f944d6489b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55
8028c7bce55c55291f2555e73af0b7b4bfdf2f3cb5f6a1124e273a432c87ea5e
9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35
a4d7a6340b2ef09a3e70d4e781c5a624ba94564690daf9086c4144137e99664d
bc78fbb07fbd2647d1f570e45076a770d7a1e03ed98d2d207e82f0e9ab06a6a1
c772b811ed4169c56e35b5d07d6e4fc7137869d862b59783a7540bedfd302e13
ce8b4403b47924b027966da3bcc9c3af414c9ebe65cfdfdfe8532df6ba754e16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6959c8da840c14b762b1ef97579964be3ee517212082a05e7f10282eb03ad6f

5956g.com Open in urlscan Pro 188.114.97.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

96 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

384 kBTransfer

3117 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5956g.com Open in urlscan Pro
188.114.97.9 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

384 kB
Transfer

3117 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions