lofz6.fobidaa.ru Open in urlscan Pro
2606:4700:3037::ac43:cd0f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fjuridicocoval.com%2Fnew%2Fauth%2Fsf_...
Effective URL:
https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net
Submission: On May 23 via manual (May 23rd 2023, 12:04:08 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3037::ac43:cd0f, located in United States and belongs to CLOUDFLARENET, US. The main domain is lofz6.fobidaa.ru.
TLS certificate: Issued by GTS CA 1P5 on May 14th 2023. Valid for: 3 months.

This is the only time lofz6.fobidaa.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	68.70.164.17 68.70.164.17	22458 (NETSOURCE) (NETSOURCE)
7	2606:4700:303... 2606:4700:3037::ac43:cd0f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	4

1 151.101.194.133 (United States) 1 redirects

ASN54113 (FASTLY, US)

apiservices.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.70.164.17 (Montgomery, United States)

ASN22458 (NETSOURCE, US)
PTR: reseller2.networksclub.net

juridicocoval.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3037::ac43:cd0f (United States)

ASN13335 (CLOUDFLARENET, US)

lofz6.fobidaa.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:6b9 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	fobidaa.ru lofz6.fobidaa.ru	220 KB
6	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6358	222 KB
1	juridicocoval.com juridicocoval.com	253 B
1	krxd.net 1 redirects apiservices.krxd.net — Cisco Umbrella Rank: 35429	276 B
16	4

	Domain	Requested by
7	lofz6.fobidaa.ru	lofz6.fobidaa.ru
6	challenges.cloudflare.com	lofz6.fobidaa.ru challenges.cloudflare.com
1	juridicocoval.com
1	apiservices.krxd.net	1 redirects
16	4

This site contains no links.

Subject Issuer	Validity	Valid
juridicocoval.com cPanel, Inc. Certification Authority	`2023-05-18` - `2023-08-16`	3 months	crt.sh
fobidaa.ru GTS CA 1P5	`2023-05-14` - `2023-08-12`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net
Frame ID: 437B85D4AF23EC436F436FE81112E39C
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: E9E3BF02377EB2D0355F59E87B75950E
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page Statistics

16
Requests

88 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

442 kB
Transfer

771 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fjuridicocoval.com%2Fnew%2Fauth%2Fsf_rand_string_lowercase6%2F%2F%2F%2Fa3Jpc3RpbmEudmFuZGFtQGxzYS5uZXQ= HTTP 302
https://juridicocoval.com/new/auth/sf_rand_string_lowercase6////a3Jpc3RpbmEudmFuZGFtQGxzYS5uZXQ=

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

a3Jpc3RpbmEudmFuZGFtQGxzYS5uZXQ= Show response
juridicocoval.com/new/auth/sf_rand_string_lowercase6////
Redirect Chain

https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fjuridicocoval.com%2Fnew%2Fauth%2Fsf_rand_string_lowercase6%2F%2F%2F%2Fa3Jpc3RpbmEudmFuZGFtQGxzYS5uZXQ=
https://juridicocoval.com/new/auth/sf_rand_string_lowercase6////a3Jpc3RpbmEudmFuZGFtQGxzYS5uZXQ=

0
253 B

486ms
127ms

Document
text/html

68.70.164.17
NETSOURCE

General

Check archive.org

Show headers Download Go to

Full URL: https://juridicocoval.com/new/auth/sf_rand_string_lowercase6////a3Jpc3RpbmEudmFuZGFtQGxzYS5uZXQ=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.70.164.17 Montgomery, United States, ASN22458 (NETSOURCE, US),
Reverse DNS: reseller2.networksclub.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 May 2023 00:04:00 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
refresh: 0;url=https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net

Redirect headers

accept-ranges: bytes
age: 0
content-length: 0
date: Tue, 23 May 2023 00:04:03 GMT
location: https://juridicocoval.com/new/auth/sf_rand_string_lowercase6////a3Jpc3RpbmEudmFuZGFtQGxzYS5uZXQ=
via: 1.1 varnish (Varnish/5.2), 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: click-tracker-a008-ash-prod.krxd.net, cache-fra-eddf8230041-FRA
x-timer: S1684800244.520571,VS0,VE354

GET
H2 403 Primary Request Mkristina.vandam@lsa.net Show response
lofz6.fobidaa.ru/ 8 KB
5 KB 125ms
27ms Document
text/html 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7cdfb8d64fc72c339989f8a3283150f91dc1044478414fd41509d9425aa23cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://juridicocoval.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7cb90a182b95691b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 23 May 2023 00:04:04 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlJ%2BkV%2Flqhp8sn4UYd68KeoMQyeyoR70Vx1z7LTUtQ0NOCZjA%2BFdv3YhNimNUOax8tvV8lmR9nrVr5%2BpDqo0yYFXf4cnIjgw1QrXt0QVjek8dt2tRiRCef8fT3arlynpUBka2qhjMhVYnJAN8%2BR6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ 145 KB
52 KB 28ms
27ms Script
application/javascript 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb90a182b95691b
Requested by: Host: lofz6.fobidaa.ru
URL: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424589978378431ad62b3a13359fd5443f5608329d29e2228c52be480ecf482c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net?__cf_chl_rt_tk=01NasinTWy3m.0J8YuUUE156yl9Sm5ySZUoBrrGvg3s-1684800244-0-gaNycGzNC-U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:04:04 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VVgN9gp%2F%2Bucu3R1kUYnAmU54dyjZx0Hus2k%2FiMtE%2BwKRjN8dee8bpi63P3X5TX20IlaxH%2BgyWbIRWeskkZ8ITj6nyqjSRvqvLQspoH432TvuqyXujS6sIEvvXk2i3xJs9c%2BctCEQEJcN3Yjva04"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7cb90a189be7691b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 transparent.gif
lofz6.fobidaa.ru/cdn-cgi/images/trace/managed/js/ 42 B
221 B 21ms
21ms Image
image/gif 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lofz6.fobidaa.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cb90a182b95691b

Requested by

Host: lofz6.fobidaa.ru
URL: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net?__cf_chl_rt_tk=01NasinTWy3m.0J8YuUUE156yl9Sm5ySZUoBrrGvg3s-1684800244-0-gaNycGzNC-U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net?__cf_chl_rt_tk=01NasinTWy3m.0J8YuUUE156yl9Sm5ySZUoBrrGvg3s-1684800244-0-gaNycGzNC-U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:04:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 May 2023 12:46:56 GMT
server: cloudflare
etag: "64661e40-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7cb90a189be9691b-FRA
content-length: 42
expires: Tue, 23 May 2023 02:04:04 GMT

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/ 15 KB
5 KB 106ms
49ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: lofz6.fobidaa.ru
URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb90a182b95691b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c

Request headers

Referer
Origin: https://lofz6.fobidaa.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:04:04 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7cb90a194fc71b9f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 b59b0e782c15204 Show response
lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2138245978:1684798183:eBLIJzlBz44nT7M2HdCA34Ib_4U7Ay-BW3J2LMHilS0/7cb90a182b95691b/ 214 KB
155 KB 119ms
119ms XHR
text/plain 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2138245978:1684798183:eBLIJzlBz44nT7M2HdCA34Ib_4U7Ay-BW3J2LMHilS0/7cb90a182b95691b/b59b0e782c15204
Requested by: Host: lofz6.fobidaa.ru
URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb90a182b95691b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6cdfe84ca5e7cc5a704789b484ef365cdbe9f162e6295f02bbf578718cab61f

Request headers

Referer: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: b59b0e782c15204
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 May 2023 00:04:04 GMT
content-encoding: br
cf_chl_gen: nUdK7r4zS/XxJNV3I8OKPNQ9E+WSvhknrMtLw7WbSyY7e6Ja+EuiwAj4LY5n5Bcb+wVvyj5xU7pqtDsrSUG7NRxZGXEVBC7IPhhq4Wd94u8F2bK2eathq3Z/SCLEF/MTl9xWeIxT6Zlg8AifBYAo3mSZcwIqOrxasxTdfu27s7towuOKR40i46krQJqNv0zPyW50SbQrlObTdMs97vDBfDaSSv4hwIfcrGaakphdprEdmKBz6dQBfn8W//Zsm7eats8M/VYJS9bd80wQiHtOqn0UOkjqVTf9Btz6V0JNh3a50maSF70KxyLpOcjp8G0MmjdIg+aMsCL+UHVzFfBYb2LLRU4BUYHygPsoZIhyvTpcQe+qnZCE3qoyzuNIB/ykz0eb8U523T204pFUL2j/5vXxtEP20g5JipVYfREpG1NqiMEj1Q7pxhcVoIEDLzCgWBY6BGoyawZ3A68KNVkWjzi3mKN4M8SQGgJUc01us48=$W6XoaTAcWwWbE6tKU7n3Bg==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWY6be6moedKnsR5bARYeUrivCVovpJ0vL%2F1h82bKowt0Gma3YVL28vZSNyONuOzrnK7pcVst5XbZefyDplxD%2F6kejsYXRa%2F7GKEZLABHv5Xas%2BF%2BnFUpZ3wI7pc%2FBUqDfAEBEaDniMQdKEPYELg"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cb90a19abe31997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 401 xFPJMFeDREj-cPw Show response
lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/pat/7cb90a182b95691b/1684800244752/f9683fe002470c3d5f2e22a9bcbfed1cd224f46da515134031df8887c4138d6a/ 1 B
927 B 28ms
28ms Fetch
text/plain 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/pat/7cb90a182b95691b/1684800244752/f9683fe002470c3d5f2e22a9bcbfed1cd224f46da515134031df8887c4138d6a/xFPJMFeDREj-cPw
Requested by: Host: lofz6.fobidaa.ru
URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb90a182b95691b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:04:05 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g-Wg_4AJHDD1fLiKpvL_tHNIk9G2lFRNAMd-Ih8QTjWoAEGxvZno2LmZvYmlkYWEucnU=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAySgKXvR721O-HwSCp6BF8TeuHicxXGVHXJN4EB8npTqPvHY_3JsFIv19McA1L_Hls3UzYxU0XpOgHKAk34hMPkndSXxOerIbkadB_CcGCGM3mS-MrXbJiPIuFgBG1c4mu9avO3K1PWqsKlOpNbqr3V0u4BiLmYsxv7KoBsqjvx76B8USG1V2-VBOhuDmcIwSxzaawL3Rm_dqQHqe805K_T89EWQFXwEL50CjRQCJvBgvj77mAuVESaB4GPQeDcPqKSlZ4wfa6jcuT9Va-g7stXB7YRLo2TZxdG5n_1yP6-jhXLmQ7q5ijd4DKvWX_BNTIc_g3efHdgEFkfHiizu1qwIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enqXz%2FY6Ny%2BbjyIJId3hgkTfl68YfKCk7VOk28SAa7mWuwOO8OOa%2F4S%2FREzU2MYZXr4y8MQ6GjCpQouIVNTEHzFqap4aOQFh0Oy69yv%2FVUWogoIblyENujA6O2sEgSwplobxUMJR18qeNfIjfZ0F"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cb90a1cdeb21997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
BLOB 200
OK 8b8f3abe-f62c-4e6c-8a83-5f607e453568
https://lofz6.fobidaa.ru/ 220 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lofz6.fobidaa.ru/8b8f3abe-f62c-4e6c-8a83-5f607e453568
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 220
Content-Type: application/javascript

GET
H3 200 Ed9n-uLedCsAIL5
lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/img/7cb90a182b95691b/1684800244757/ 61 B
447 B 26ms
26ms Image
image/png 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/img/7cb90a182b95691b/1684800244757/Ed9n-uLedCsAIL5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3190658988c13c980400f6df0b4930a1108399e22965af9a2e53503e87e4e732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:04:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cb90a254cdc1997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MT8m3xsqCS4zaRczZmhyzEhBNhMuIDiomTLf7QCJOyPgWzwv52AvFihJn9rBSPM0glcpvZvVCPvSpghvTKsf6ZJdccm9BMxvNT2GU1DO50c%2FBL0XXmr9nMsxwfKgZJy8tc8cHjS70pcUWHrDJQcB"}],"group":"cf-nel","max_age":604800}
content-type: image/png

POST
H3 200 b59b0e782c15204 Show response
lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2138245978:1684798183:eBLIJzlBz44nT7M2HdCA34Ib_4U7Ay-BW3J2LMHilS0/7cb90a182b95691b/ 8 KB
6 KB 48ms
45ms XHR
text/plain 2606:4700:3037::ac43:cd0f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/2138245978:1684798183:eBLIJzlBz44nT7M2HdCA34Ib_4U7Ay-BW3J2LMHilS0/7cb90a182b95691b/b59b0e782c15204
Requested by: Host: lofz6.fobidaa.ru
URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7cb90a182b95691b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:cd0f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1248c739bcc19614ad232aa792b2e9d8f01fc52b0edaf3cf7218eac161fabb7

Request headers

Referer: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: b59b0e782c15204
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 May 2023 00:04:06 GMT
content-encoding: br
cf_chl_gen: HHa+4OflQBVVUA5CM96H1WiJgWe7VT/Ig/EwJ7Ue9a0ypuOCJumNcYelX5clE/Mv$iPFB35VEP5YOV2KYZG0YlA==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5NjB1mj605lYFNY%2BCb1qyYQqL5l9%2BLuZqMRh36G%2FYhWicvzTPPfcUmJO4jIBREw8SV8r2%2F35k%2BX75AR%2B3a5rVxFDO7sFyOQzwG9DzsNK%2FGh8Pq5G4LZqOxG1QkJb4wDLJ%2FCAfBEd623GdjzR%2FEd"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cb90a25cd381997-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame E9E3 22 KB
7 KB 60ms
32ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1da076c4f821696a2a93ec22407b8009421a555c2590a1086c23cbe4bb5e87c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cb90a26589518d7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 23 May 2023 00:04:06 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame E9E3 152 KB
55 KB 33ms
33ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cb90a26589518d7
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a11af6cfef5f9bf1cbc7bfaf72e563c81b48a6fa116adda84a06596456b3900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:04:06 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cb90a26d91b18d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 ddb122f27963339 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1055134544:1684797981:-qO2KRMfaEkI79mw5fIwN4p_e03wxvQZaj58o4F1TLg/7cb90a26589518d7/ Frame E9E3 207 KB
154 KB 144ms
144ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1055134544:1684797981:-qO2KRMfaEkI79mw5fIwN4p_e03wxvQZaj58o4F1TLg/7cb90a26589518d7/ddb122f27963339
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cb90a26589518d7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d6e84e170da898fafc4c7d35431d7855c6519c3a8c2b9952e52f2f065109779

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: ddb122f27963339
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 May 2023 00:04:07 GMT
content-encoding: br
cf_chl_gen: avEwrpF9Jvaw5zRRxlWjZ+jKW+3C3G0/wtPutXNTHr1SJAS5PkytJTWN1tjdnFCMeYOWn8g1vssQDsgkzNppnWWnKVuT0Nrsey1GZVNZIDzrBHJrtJmbrGsZlPx4tVWiONqcoGraVzkiIz9Ec8T8ppPAmJlZLFqSAXh55DMcn3NBTmkOgbhqQyvFkZvuyHUx07N9wwJ+KgwKN/sb1QuSAIzizKpnwbj6EBcsMoVlWVjh6s3euUXwlU00vCiTpeZ89bESmafFv5ZhbSojWfMCvds+OCHIjRfwsGYgEvlKn9maHHwkx6QmPJTU52SCGhczgfs4g5YbJyIQtCSwi8MuJyBWK1e2D8qIvHv29qdoSiuO3suYpxVOeSlZxEP64a1hJfYg4PE40Rb1AexrimfgA1d/+ew+IEvIwLK7pwH+Zt2F5MHWp5pp/rooNX9XW+hx$UCl6tJ89PWD9l2qUT7eUqg==
server: cloudflare
cf-ray: 7cb90a282a0518d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 9ef2aef0-3316-4bcd-81c4-93482f821f74
https://challenges.cloudflare.com/ Frame E9E3 539 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/9ef2aef0-3316-4bcd-81c4-93482f821f74
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 539
Content-Type: text/javascript

GET
H3 200 JSmeOe5nirEYypx
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7cb90a26589518d7/1684800247076/ Frame E9E3 61 B
166 B 28ms
27ms Image
image/png 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7cb90a26589518d7/1684800247076/JSmeOe5nirEYypx
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f1df25826d16cbf65ef6b2ba0bdf1936d5e363b6e856a742050dc78105a4340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:04:07 GMT
server: cloudflare
cf-ray: 7cb90a2b4c5e18d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H3 401 g3zT3Zm-8VsKPXL Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cb90a26589518d7/1684800247079/0e8850464ecb97fc1308de8a953aedbce7a70edabc129ecbf68d1883f89bd795/ Frame E9E3 1 B
648 B 30ms
29ms Fetch
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cb90a26589518d7/1684800247079/0e8850464ecb97fc1308de8a953aedbce7a70edabc129ecbf68d1883f89bd795/g3zT3Zm-8VsKPXL
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cb90a26589518d7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/kdmnk/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 23 May 2023 00:04:07 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gDohQRk7Ll_wTCN6KlTrtvOenDtq8Ep7L9o0Yg_ib15UAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAySgKXvR721O-HwSCp6BF8TeuHicxXGVHXJN4EB8npTqPvHY_3JsFIv19McA1L_Hls3UzYxU0XpOgHKAk34hMPkndSXxOerIbkadB_CcGCGM3mS-MrXbJiPIuFgBG1c4mu9avO3K1PWqsKlOpNbqr3V0u4BiLmYsxv7KoBsqjvx76B8USG1V2-VBOhuDmcIwSxzaawL3Rm_dqQHqe805K_T89EWQFXwEL50CjRQCJvBgvj77mAuVESaB4GPQeDcPqKSlZ4wfa6jcuT9Va-g7stXB7YRLo2TZxdG5n_1yP6-jhXLmQ7q5ijd4DKvWX_BNTIc_g3efHdgEFkfHiizu1qwIDAQAB, max-age=20
server: cloudflare
cf-ray: 7cb90a2b9c9518d7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://lofz6.fobidaa.ru/Mkristina.vandam@lsa.net Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://lofz6.fobidaa.ru/cdn-cgi/challenge-platform/h/g/pat/7cb90a182b95691b/1684800244752/f9683fe002470c3d5f2e22a9bcbfed1cd224f46da515134031df8887c4138d6a/xFPJMFeDREj-cPw Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cb90a26589518d7/1684800247079/0e8850464ecb97fc1308de8a953aedbce7a70edabc129ecbf68d1883f89bd795/g3zT3Zm-8VsKPXL Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apiservices.krxd.net
challenges.cloudflare.com
juridicocoval.com
lofz6.fobidaa.ru
151.101.194.133
2606:4700:3037::ac43:cd0f
2606:4700::6812:6b9
68.70.164.17
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
0a11af6cfef5f9bf1cbc7bfaf72e563c81b48a6fa116adda84a06596456b3900
1da076c4f821696a2a93ec22407b8009421a555c2590a1086c23cbe4bb5e87c7
1f1df25826d16cbf65ef6b2ba0bdf1936d5e363b6e856a742050dc78105a4340
3190658988c13c980400f6df0b4930a1108399e22965af9a2e53503e87e4e732
424589978378431ad62b3a13359fd5443f5608329d29e2228c52be480ecf482c
51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7d6e84e170da898fafc4c7d35431d7855c6519c3a8c2b9952e52f2f065109779
a7cdfb8d64fc72c339989f8a3283150f91dc1044478414fd41509d9425aa23cb
b6cdfe84ca5e7cc5a704789b484ef365cdbe9f162e6295f02bbf578718cab61f
c1248c739bcc19614ad232aa792b2e9d8f01fc52b0edaf3cf7218eac161fabb7
d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

lofz6.fobidaa.ru Open in urlscan Pro 2606:4700:3037::ac43:cd0f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

88 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

442 kBTransfer

771 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

lofz6.fobidaa.ru Open in urlscan Pro
2606:4700:3037::ac43:cd0f Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

88 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

442 kB
Transfer

771 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions