urlscan.io logo urlscan.io
SecurityTrails logo

sugarurl.com Open in urlscan Pro
2606:4700:3030::6815:22bb  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://data.banjarbarukota.go.id/data/?bounce=koitoto
Effective URL: https://sugarurl.com/gassboss
Submission: On October 20 via manual — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3030::6815:22bb, located in United States and belongs to CLOUDFLARENET, US. The main domain is sugarurl.com.
TLS certificate: Issued by WE1 on September 11th 2024. Valid for: 3 months.
This is the only time sugarurl.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 103.146.105.9 139948 (IDNIC-DIS...)
2 2620:0:890::100 54113 (FASTLY)
1 2a06:98c1:58::eb 13335 (CLOUDFLAR...)
1 1 162.0.235.245 22612 (NAMECHEAP...)
1 10 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
16 5
1    103.146.105.9 (Indonesia)

ASN139948 (IDNIC-DISKOMINFO-BANJARBARU-AS-ID Dinas Komunikasi dan Informatika Kota Banjarbaru, ID)
data.banjarbarukota.go.id
2    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
redirect98078.web.app
1    2a06:98c1:58::eb (United States)

ASN13335 (CLOUDFLARENET, US)
pub-071ea67114a54cc3a1d68875afee380f.r2.dev
1    162.0.235.245 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium160-5.web-hosting.com
mrtampan.lol
10    2606:4700:3030::6815:22bb (United States)

ASN13335 (CLOUDFLARENET, US)
sugarurl.com
2    2606:4700::6812:5f29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
10 sugarurl.com
sugarurl.com
116 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3443
16 KB
2 web.app
redirect98078.web.app
2 KB
1 mrtampan.lol
mrtampan.lol
220 B
1 r2.dev
pub-071ea67114a54cc3a1d68875afee380f.r2.dev
365 KB
1 banjarbarukota.go.id
data.banjarbarukota.go.id
233 B
16 6
Domain Requested by
10 sugarurl.com 1 redirects sugarurl.com
2 challenges.cloudflare.com sugarurl.com
challenges.cloudflare.com
2 redirect98078.web.app
1 mrtampan.lol 1 redirects
1 pub-071ea67114a54cc3a1d68875afee380f.r2.dev redirect98078.web.app
1 data.banjarbarukota.go.id 1 redirects
16 6

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
web.app
WR4		 2024-09-25 -
2024-12-24		 3 months crt.sh
*.r2.dev
E5		 2024-09-29 -
2024-12-28		 3 months crt.sh
sugarurl.com
WE1		 2024-09-11 -
2024-12-10		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://sugarurl.com/gassboss
Frame ID: 2A486D1AED02A5FE30A020B1BA6F02E8
Requests: 13 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/o5fc3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: F4905DD8F6847BF402006D019B71ACEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://data.banjarbarukota.go.id/data/?bounce=koitoto HTTP 301
    https://redirect98078.web.app/?bounce=koitoto Page URL
  2. https://mrtampan.lol/ HTTP 302
    https://sugarurl.com/gassboss Page URL
  3. https://sugarurl.com/cdn-cgi/phish-bypass?atok=xKPn.FGw83ZFu2Lq8BifsuGidQ35zRjPO_E1alym78s-172938... HTTP 301
    https://sugarurl.com/gassboss Page URL

Page Statistics

16
Requests

88 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

499 kB
Transfer

657 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://data.banjarbarukota.go.id/data/?bounce=koitoto HTTP 301
    https://redirect98078.web.app/?bounce=koitoto Page URL
  2. https://mrtampan.lol/ HTTP 302
    https://sugarurl.com/gassboss Page URL
  3. https://sugarurl.com/cdn-cgi/phish-bypass?atok=xKPn.FGw83ZFu2Lq8BifsuGidQ35zRjPO_E1alym78s-1729384585-0.0.1.1-%2Fgassboss HTTP 301
    https://sugarurl.com/gassboss Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://data.banjarbarukota.go.id/data/?bounce=koitoto HTTP 301
  • https://redirect98078.web.app/?bounce=koitoto
Request Chain 3
  • https://mrtampan.lol/ HTTP 302
  • https://sugarurl.com/gassboss

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
redirect98078.web.app/
Redirect Chain
  • https://data.banjarbarukota.go.id/data/?bounce=koitoto
  • https://redirect98078.web.app/?bounce=koitoto
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect98078.web.app/?bounce=koitoto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
667024a58be9dbc38a0d2af8329a611693a6c3bd2f5871186b9bd8ab00ebb277
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
868
content-type
text/html; charset=utf-8
date
Sun, 20 Oct 2024 00:36:24 GMT
etag
"32b3e8665a85aee1faec82d5813e29243739ecc2c6ff9202a27a9894f1675e70-br"
last-modified
Thu, 03 Oct 2024 21:36:53 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
0
x-served-by
cache-lga21991-LGA
x-timer
S1729384584.059960,VS0,VE9

Redirect headers

Connection
keep-alive
Content-Length
253
Content-Type
text/html; charset=iso-8859-1
Date
Sun, 20 Oct 2024 00:36:23 GMT
Location
https://redirect98078.web.app/?bounce=koitoto
Server
nginx
joker-removebg-preview.png
pub-071ea67114a54cc3a1d68875afee380f.r2.dev/ 		365 KB
365 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-071ea67114a54cc3a1d68875afee380f.r2.dev/joker-removebg-preview.png
Requested by
Host: redirect98078.web.app
URL: https://redirect98078.web.app/?bounce=koitoto
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:58::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbffb29748ab8c2e2745bf9263fd2a1696aab3c1854b841b6ce6068f0b06cec5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://redirect98078.web.app/

Response headers

ETag
"9bb2af761e490d0c5292ea618cb92221"
Connection
keep-alive
CF-RAY
8d54eef2cff242e3-EWR
Accept-Ranges
bytes
Content-Length
373764
Date
Sun, 20 Oct 2024 00:36:24 GMT
Content-Type
image/png
Last-Modified
Sat, 06 Jul 2024 05:50:26 GMT
Vary
Accept-Encoding
Server
cloudflare
favicon.ico
redirect98078.web.app/ 		2 KB
967 B 		Other
General
Check archive.org
Download Go to
Full URL
https://redirect98078.web.app/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b77b97fe780d35d18248abd1d2f42f444afbabe43f6abcd8fa8ebb3d47825eee
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://redirect98078.web.app/?bounce=koitoto

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=3600
content-encoding
gzip
etag
"762bf484ba67404bd1a3b181546ea28d60dfddf18e9dd4795d8d25bcf3c1a890"
x-timer
S1729384585.507348,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
852
date
Sun, 20 Oct 2024 00:36:24 GMT
content-type
text/html; charset=utf-8
last-modified
Thu, 03 Oct 2024 21:36:53 GMT
x-served-by
cache-lga21991-LGA
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
gassboss
sugarurl.com/
Redirect Chain
  • https://mrtampan.lol/
  • https://sugarurl.com/gassboss
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sugarurl.com/gassboss
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926c9c78db494f0630a3f00f87654b8ea0956211ae9d595c0efe8131c04828bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://redirect98078.web.app/?bounce=koitoto
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-ray
8d54eefe3d648c1b-EWR
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 20 Oct 2024 00:36:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQ8KC9GtR6%2F3F4%2Bn17%2BUm%2F56MP3rQilit%2BXIehReNdqbUgQHSoFMQ1XD5OVgXLQiWcirUSq%2FUtg5A%2BtEUhjA72nqY5ij%2FTJa9sLQAxOtVAopRBwQ2ul8LLTUiiAwaqdlrHZCAudYYdPr84k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 20 Oct 2024 00:36:25 GMT
location
https://sugarurl.com/gassboss
server
LiteSpeed
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
cf.errors.css
sugarurl.com/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sugarurl.com/cdn-cgi/styles/cf.errors.css
Requested by
Host: sugarurl.com
URL: https://sugarurl.com/gassboss
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://sugarurl.com/gassboss

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"670fb473-5df3"
x-content-type-options
nosniff
cf-ray
8d54eefe7daf8c1b-EWR
expires
Sun, 20 Oct 2024 02:36:25 GMT
date
Sun, 20 Oct 2024 00:36:26 GMT
content-type
text/css
last-modified
Wed, 16 Oct 2024 12:41:23 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
sugarurl.com/cdn-cgi/images/ 		452 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sugarurl.com/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: sugarurl.com
URL: https://sugarurl.com/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://sugarurl.com/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"670fb473-1c4"
x-content-type-options
nosniff
cf-ray
8d54eefeadd68c1b-EWR
expires
Sun, 20 Oct 2024 02:36:26 GMT
accept-ranges
bytes
content-length
452
date
Sun, 20 Oct 2024 00:36:26 GMT
content-type
image/png
last-modified
Wed, 16 Oct 2024 12:41:23 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
sugarurl.com/ 		9 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sugarurl.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d548b1807aba8eb72f19d12e7ddc5afe76e545cea727f8d82b89e76dfa5c4c8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://sugarurl.com/gassboss

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=agdDQrXncTzzpXBSGiqgOBOqFHqMlElHKvFC5Cr%2FR5sY5TqreauxvOijqnNY%2Ft%2FgU6cfUAV0Fc8xQ128Ic1bl2EnnOc0%2F99mycHQ8qYBQt5flelSPTwcOuJdCKQE3dX9LeG3t55KrIqW2E4%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8369&sent=22&recv=15&lost=0&retrans=0&sent_bytes=11978&recv_bytes=5576&delivery_rate=45648&cwnd=12000&unsent_bytes=0&cid=dfea88167ce25d54&ts=108&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Sun, 20 Oct 2024 00:36:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
lx1ZJmCY14pfxq4AvljGUddu4tpqJ+SWJbM/kS7eHIe7o30at8pN82ZhAlQF5ijiIs6OrSt475IMQBsa9GstiQ03HRqNwvWgGKeEPPWioW1Y8roM1SIA6ebX8vBrtyzipq0tp1Ef040Z0AXRCbMRXw==$oBH5m1pH24MFYSChbauH8A==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d54eefebdec8c1b-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
Primary Request gassboss
sugarurl.com/
Redirect Chain
  • https://sugarurl.com/cdn-cgi/phish-bypass?atok=xKPn.FGw83ZFu2Lq8BifsuGidQ35zRjPO_E1alym78s-1729384585-0.0.1.1-%2Fgassboss
  • https://sugarurl.com/gassboss
9 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sugarurl.com/gassboss
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a8b4241b25fdef4fc018d57e5e3b1416c9f1fb8214ebdfdd5420372f54b978e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sugarurl.com/gassboss
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
E4wpMjjmPaF1b/n3Ayk8bc1NcASQTzqWMDpqTc/mdHdipXd5Db9/qhn9YMaEH8oZbj9ik47GsoQW8t1u/yN14PHmDdPOh3DlWgIMs5/aU0qGxIdFCREqCzeXIKzndczD0mphNyxKtILOVFyP1qYrpg==$iKH/iUSZQFafYgS142nUCA==
cf-mitigated
challenge
cf-ray
8d54ef08f86c8c1b-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 20 Oct 2024 00:36:27 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VGoEfIe5aVcktPd4qTdNVKLDNwWDPlwJqb3JTPeVBbmpJGUPMTowssh7kBNwVkkLTfTj384OLsPd7%2By8N8NRDDf9mrsmjoZU%2Bn3eSguK8BEhnvJo5635XXIRNvmNDgD7bJ0QJDmPadwE9Zg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=9012&sent=34&recv=22&lost=0&retrans=0&sent_bytes=21015&recv_bytes=6738&delivery_rate=39882&cwnd=12000&unsent_bytes=0&cid=dfea88167ce25d54&ts=1747&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
private, no-cache
cf-ray
8d54ef08e8508c1b-EWR
content-length
167
content-type
text/html
date
Sun, 20 Oct 2024 00:36:27 GMT
location
https://sugarurl.com/gassboss
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
v1
sugarurl.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		159 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sugarurl.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d54ef08f86c8c1b
Requested by
Host: sugarurl.com
URL: https://sugarurl.com/gassboss
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ba24c1b4bf5e73bed80537b860f428aa6c27313aca7c69fb0124df3932f897

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://sugarurl.com/gassboss?__cf_chl_rt_tk=2FIi1fz.Mp7bSflYgp4xmpSo0JKDtarArXa4k3jvZtc-1729384587-1.0.1.1-oWom.9t93JMGi5gCiN9O4EcpB9rXZ6IjhZiKhGVnomg

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iv9lGBqmLDKd1ryj7vFB6eEis84VMz9q%2Fb0CyxpllLTTHNkYMqxcN6HdQ2t2Z7dLJ4x%2BSmZdcl5lU79wlYCkZzAi6dVRCmMnMmip0RUCJaryvRON61WsoPn3U34HUPF%2F%2BVRMVho9hrchUWo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d54ef0948c68c1b-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8859&sent=43&recv=28&lost=0&retrans=0&sent_bytes=29732&recv_bytes=7424&delivery_rate=474676&cwnd=12000&unsent_bytes=0&cid=dfea88167ce25d54&ts=1798&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 00:36:27 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0
b2fadd39-72fd-4ebc-9896-89716e28f4bc
https://sugarurl.com/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit
Requested by
Host: sugarurl.com
URL: https://sugarurl.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d54ef08f86c8c1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://sugarurl.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d54ef09cd3d421b-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 00:36:27 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 01 Oct 2024 14:19:56 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
sugarurl.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sugarurl.com/favicon.ico
Requested by
Host: sugarurl.com
URL: https://sugarurl.com/gassboss
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88fbde9d91beb96af94ae4dda08fe1abf9d77e599b19038bdf3b1d7e66dcf430
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://sugarurl.com/gassboss

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XBSTe02z6Orpj5OFWMCioOc5Bq9EmkXpSI0crZOdeLnwWg3Cj3UVO7F4F3LLx88dnCBqBn5n4IJeZhVAPKCCcSz8RPElNFKgkQfgTK3ryiwnIKw%2FPLfJHL8OUJKZV8YGk7cIWEBsj57NCIo%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8963&sent=101&recv=57&lost=0&retrans=0&sent_bytes=94024&recv_bytes=9051&delivery_rate=3397215&cwnd=45600&unsent_bytes=0&cid=dfea88167ce25d54&ts=1879&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Sun, 20 Oct 2024 00:36:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
aO7kiGmV8RJQMl2ioH6eUD6YLFeocXpOkRK7dnaj+IV3s30bLSNA8tQhGhPGXKPP0Ky3iQwLV//5O625cwSPW+tY39HmEK7Y1EZI8hdukEhL06RxJmcXhVGTHUAcPjw+lShXw1HCFo77l5L3lllegg==$57oeKC1IJ/urZ7OhAAuthg==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d54ef09c93e8c1b-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
sugarurl.com/ 		9 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://sugarurl.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6edd87b5ffddde9915e62a84653dd4ff44f505af1b069cd5e7ce4bf46a321bc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://sugarurl.com/gassboss

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KGf1GLjdSnMw41qyABYHCR%2F3OueFfVAqOrTnWFWn%2F98puRR8Q5%2BolNzpz5DRkSySRBCgADroWQUoW9OhzVO6y0877eWGc3dYolFaiwq%2F%2BWfljd54HqYWaHFhuOgExY6f3pEtQmuc%2BXKooyQ%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=9034&sent=110&recv=61&lost=0&retrans=0&sent_bytes=102683&recv_bytes=9596&delivery_rate=606880&cwnd=45600&unsent_bytes=0&cid=dfea88167ce25d54&ts=1916&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Sun, 20 Oct 2024 00:36:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
viIAP7pVcga/IdPxDD5jHm9waOJJR/T9tJDebKXkf6Zj9szWSf/XHRODsGhJ2guIDYZKpmUBtHUzdjgjdKgMeC4oKG5zwoSlTcsJfBHH34d2CRft0lsHdlA420YaAJOZceqzktZDDfnuVaoq6ilSLA==$Noy0pcMhtH+vZQN8HEVXdw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d54ef0a09708c1b-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
d9b0d18f671a5b9
sugarurl.com/cdn-cgi/challenge-platform/h/b/flow/ov1/508246428:1729380854:XftFk-qYWtZ8R4uGCaibaUjztXa8qLttJECqh2q75ko/8d54ef08f86c8c1b/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sugarurl.com/cdn-cgi/challenge-platform/h/b/flow/ov1/508246428:1729380854:XftFk-qYWtZ8R4uGCaibaUjztXa8qLttJECqh2q75ko/8d54ef08f86c8c1b/d9b0d18f671a5b9
Requested by
Host: sugarurl.com
URL: https://sugarurl.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d54ef08f86c8c1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:22bb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c23b3e924d7a0448762742bb51bcc86d2479a7a9017ca8132b341689e6f96

Request headers

Referer
https://sugarurl.com/gassboss
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
d9b0d18f671a5b9

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6yot2ZPC4p5HGSA%2BWmee0mMR376eypymed7BI98oRuywdG%2F6N8kJbuVz0sR1WuawK19Zj%2BhOnkCd6gQoFTe7plucmqn5NCe4JgzS%2FqkX9GB9RzIfqgxVgtdPqI9WL55d%2FHR8tItoQzxPVz4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d54ef0a89d18c1b-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8919&sent=121&recv=66&lost=0&retrans=0&sent_bytes=111396&recv_bytes=12319&delivery_rate=538767&cwnd=45600&unsent_bytes=0&cid=dfea88167ce25d54&ts=2010&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 00:36:27 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
cn7meid1BVZYcMTbS6zGQO3CCPVew0AAoLpA9Z+qtkPk+wTOl0PM9MLsXQkWj/JvTpTaZmv0tw==$ZE11mBCKzy5KJuvX
server
cloudflare
priority
u=1,i
a8d9a844-786c-447d-8c18-7867ff990671
https://sugarurl.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/o5fc3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame F490 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/o5fc3/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js?onload=DXjyL6&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d54ef0b3f3d432e-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 20 Oct 2024 00:36:28 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sugarurl.com
URL
blob:https://sugarurl.com/b2fadd39-72fd-4ebc-9896-89716e28f4bc
Domain
sugarurl.com
URL
blob:https://sugarurl.com/a8d9a844-786c-447d-8c18-7867ff990671

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| VBYM6 function| brdWQ0 function| DXjyL6 boolean| Pjghl3 function| jXVRZ7 function| HFmwV6 function| iHCC5 object| dSJo7 object| lajwG7 function| ZcHV6 object| PZKL0 number| BuTN0 object| angular object| FnNf4 object| turnstile boolean| qVQK0 string| FUWvI4 boolean| YGymh1

1 Cookies

Domain/Path Name / Value
.sugarurl.com/ Name: __cf_mw_byp
Value: xKPn.FGw83ZFu2Lq8BifsuGidQ35zRjPO_E1alym78s-1729384585-0.0.1.1-/gassboss

6 Console Messages

Source Level URL
Text
network error URL: https://redirect98078.web.app/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sugarurl.com/gassboss
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sugarurl.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sugarurl.com/gassboss
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sugarurl.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sugarurl.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload