umitw.fobidaa.ru Open in urlscan Pro
2606:4700:3031::6815:2542 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pinpoint-insights.com/interx/tracker?op=click&id=1bcf8.e84f&url=http://fms.usdollarz.sa.com/herbalife.com/eW9sYW5NvbQ==
Effective URL:
https://umitw.fobidaa.ru/MeW9sYW5NvbQ==
Submission: On May 24 via manual (May 24th 2023, 3:17:16 pm UTC) from PL — Scanned from SG

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3031::6815:2542, located in United States and belongs to CLOUDFLARENET, US. The main domain is umitw.fobidaa.ru.
TLS certificate: Issued by GTS CA 1P5 on May 14th 2023. Valid for: 3 months.

This is the only time umitw.fobidaa.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.76.146.112 52.76.146.112	16509 (AMAZON-02) (AMAZON-02)
1	172.111.230.78 172.111.230.78	9009 (M247) (M247)
4	2606:4700:303... 2606:4700:3031::6815:2542	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	4

1 52.76.146.112 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: pinpoint-insights.com

pinpoint-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.111.230.78 (New York, United States)

ASN9009 (M247, RO)

fms.usdollarz.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::6815:2542 (United States)

ASN13335 (CLOUDFLARENET, US)

umitw.fobidaa.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:7b9 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6358	211 KB
4	fobidaa.ru umitw.fobidaa.ru	68 KB
1	sa.com fms.usdollarz.sa.com	243 B
1	pinpoint-insights.com 1 redirects pinpoint-insights.com	426 B
13	4

	Domain	Requested by
7	challenges.cloudflare.com	umitw.fobidaa.ru challenges.cloudflare.com
4	umitw.fobidaa.ru	umitw.fobidaa.ru
1	fms.usdollarz.sa.com
1	pinpoint-insights.com	1 redirects
13	4

This site contains no links.

Subject Issuer	Validity	Valid
fobidaa.ru GTS CA 1P5	`2023-05-14` - `2023-08-12`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://umitw.fobidaa.ru/MeW9sYW5NvbQ==
Frame ID: 33B72A45F12F6F29B0B09EC28A44F2E8
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 3AA2BB9CD6A4EC86F429F5F571C19045
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page Statistics

13
Requests

85 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

280 kB
Transfer

551 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://pinpoint-insights.com/interx/tracker?op=click&id=1bcf8.e84f&url=http://fms.usdollarz.sa.com/herbalife.com/eW9sYW5NvbQ== HTTP 302
http://fms.usdollarz.sa.com/herbalife.com/eW9sYW5NvbQ==

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

eW9sYW5NvbQ== Show response
fms.usdollarz.sa.com/herbalife.com/
Redirect Chain

https://pinpoint-insights.com/interx/tracker?op=click&id=1bcf8.e84f&url=http://fms.usdollarz.sa.com/herbalife.com/eW9sYW5NvbQ==
http://fms.usdollarz.sa.com/herbalife.com/eW9sYW5NvbQ==

0
243 B

2087ms
337ms

Document
text/html

172.111.230.78
M247

General

Check archive.org

Show headers Download Go to

Full URL: http://fms.usdollarz.sa.com/herbalife.com/eW9sYW5NvbQ==
Protocol: HTTP/1.1
Server: 172.111.230.78 New York, United States, ASN9009 (M247, RO),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 May 2023 15:17:11 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
refresh: 0;url=https://umitw.fobidaa.ru/MeW9sYW5NvbQ==

Redirect headers

Cache-Control: private
Content-Length: 0
Date: Wed, 24 May 2023 15:17:09 GMT
Expires: Thu, 01 Jan 1970 07:30:00 MYT
Location: http://fms.usdollarz.sa.com/herbalife.com/eW9sYW5NvbQ==
Server: Apache-Coyote/1.1
Strict-Transport-Security: max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H2 403 Primary Request MeW9sYW5NvbQ== Show response
umitw.fobidaa.ru/ 8 KB
5 KB 353ms
23ms Document
text/html 2606:4700:3031::6815:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://umitw.fobidaa.ru/MeW9sYW5NvbQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:2542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372486d60a974a977656376e15da5d797aa2ace57a791ef012bdeb3ee573297e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://fms.usdollarz.sa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7cc6810fff6aa11c-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 24 May 2023 15:17:12 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CamMnjxDH9hNKQwADAIyCvKYh2XGHYv%2Ft8f2nskIJAorPzWH9N7FGFjGfjJA6BdwdpSgRkMJJb7t%2B1r1H%2FGjuZifs8vVuxpkc918l6RM8HVeJWpl%2BE3ts8qS7ngcke2ZmZ1QXdueSnMR7W8FZY5M"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
umitw.fobidaa.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 155 KB
57 KB 15ms
14ms Script
application/javascript 2606:4700:3031::6815:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://umitw.fobidaa.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc6810fff6aa11c
Requested by: Host: umitw.fobidaa.ru
URL: https://umitw.fobidaa.ru/MeW9sYW5NvbQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:2542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 580597d3b76d831b42b8bd3d4a097bae7d6bbee9be0a28e509da048546436311

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://umitw.fobidaa.ru/MeW9sYW5NvbQ==?__cf_chl_rt_tk=1dREf7MzEBFgtnqI7ifSFkHhuUImNIcYDSVvB0Uq3zM-1684941432-0-gaNycGzNC7s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 15:17:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EA1I27gMq2DqUSSboLKd1IUs1OazQrUj6lW0hsuP0A6ehcFoYVROp7qmlFaNNc5ChqLNy6FxQVISTD48xWs8vayCBKAhUEllIPUwbKE8slvW4v%2F3HM0Q%2F%2BXp6668dl%2BKmQuATZg9Evj8wHX7blbw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7cc681106fb8a11c-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 transparent.gif
umitw.fobidaa.ru/cdn-cgi/images/trace/managed/js/ 42 B
220 B 11ms
11ms Image
image/gif 2606:4700:3031::6815:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://umitw.fobidaa.ru/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7cc6810fff6aa11c

Requested by

Host: umitw.fobidaa.ru
URL: https://umitw.fobidaa.ru/MeW9sYW5NvbQ==?__cf_chl_rt_tk=1dREf7MzEBFgtnqI7ifSFkHhuUImNIcYDSVvB0Uq3zM-1684941432-0-gaNycGzNC7s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:2542 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://umitw.fobidaa.ru/MeW9sYW5NvbQ==?__cf_chl_rt_tk=1dREf7MzEBFgtnqI7ifSFkHhuUImNIcYDSVvB0Uq3zM-1684941432-0-gaNycGzNC7s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 15:17:12 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 May 2023 14:44:50 GMT
server: cloudflare
etag: "64678b62-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7cc681106fbaa11c-SIN
content-length: 42
expires: Wed, 24 May 2023 17:17:12 GMT

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/938e2b5c/ 15 KB
5 KB 41ms
22ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: umitw.fobidaa.ru
URL: https://umitw.fobidaa.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc6810fff6aa11c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0

Request headers

Referer
Origin: https://umitw.fobidaa.ru
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 15:17:12 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7cc68110bf2f87a8-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 ef6dcf087e51ff2 Show response
umitw.fobidaa.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1824671561:1684937267:IAlpmKY9QSOxq2qYGNN0AB2PFUEz1iq90zs2_y2xPNc/7cc6810fff6aa11c/ 7 KB
6 KB 32ms
31ms XHR
text/plain 2606:4700:3031::6815:2542
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://umitw.fobidaa.ru/cdn-cgi/challenge-platform/h/b/flow/ov1/1824671561:1684937267:IAlpmKY9QSOxq2qYGNN0AB2PFUEz1iq90zs2_y2xPNc/7cc6810fff6aa11c/ef6dcf087e51ff2
Requested by: Host: umitw.fobidaa.ru
URL: https://umitw.fobidaa.ru/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7cc6810fff6aa11c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:2542 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d746df40b6d301fa4a0fa671c0587340d27fd363afea62b28692bd0fa68ab9

Request headers

Referer: https://umitw.fobidaa.ru/MeW9sYW5NvbQ==
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: ef6dcf087e51ff2
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 24 May 2023 15:17:12 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=howKv04SZtYr4yLNhBHysi5l3aC1Kl3ibYtbN0PWxZjJPaJIVEGsedRBuYk4vwlwvLR5S0DsYxcephkkAEMgUhPxmFJYkQcW8Oz18F%2Fd1MuuT0kP6rTZRTBa3M%2FnseXhwGS1yqBgVLpyyEvtdLyK"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7cc681114c5744a8-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-chl-gen: i2SgaGI53Nn5nxTCQ6MYZmJzYb7DuNnYCOoEmvA58M/LmU5KAFwOoFAibrhS14qo$0WVSyUrf7RJJ8QvrZkngQQ==

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 3AA2 24 KB
8 KB 27ms
17ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/938e2b5c/api.js?onload=_cf_chl_turnstile_l&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9439ffd336138fe315de07f7b525c255f98724b511ab45c50730344b9abc47

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7cc68111abd44091-SIN
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 24 May 2023 15:17:12 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 3AA2 151 KB
55 KB 12ms
12ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc68111abd44091
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b6539349bbe8d69e54edf5d01a4223cfd1333c59d0817abbd0b9003419bbea9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 15:17:12 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7cc68111fc204091-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 8015008051bd3ca Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/207379756:1684937316:98LQeabWQGPKWMXhcem1wwPO8sCWaB3d_5W_byIsl98/7cc68111abd44091/ Frame 3AA2 177 KB
133 KB 96ms
96ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/207379756:1684937316:98LQeabWQGPKWMXhcem1wwPO8sCWaB3d_5W_byIsl98/7cc68111abd44091/8015008051bd3ca
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc68111abd44091
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0520ff24c555ca0276b9d9dfa5375e866c63728798120b5c80db2559e2650fb2

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: 8015008051bd3ca
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: pElR0jaIosu/YEO1KnSWLKFW27ScS2auFd8dq2IosZynFIKVGSdIwp13jMfWTh8QSWuCH3Qa0bK7cffk5AYnGKB6UcS7C+30k99NOJE0PIBfgqgQeV3D/UOFdIBGbYkqt+/j+65vPVKX7u/B2X9mwDeE+0P5uZjbHpu5kyiFUbAYpeW2krQZHgW106Fk97JhI4pB58hE9VLFRycgu+d3Vfo/HHybxC2DPC51NoGzmMjeJUOZ+0J4yQWHSB2Sf8TXa1jV6kMVSAj1TcWWTvdSfUWtUMxwmlCtC5oVokRqJMyPGl7Siu56YHZ1+oCrDQal9CcTXBSYaxPS6+g60Mnc/w3m7+Tl2f6RRLTeeVOP73OkGt6wSfSs+7EGio7ds/1OnXZnLtY/QZJIPRdF+Kf7/4nYOVIUJGqwmlOPvQn0Go5xYJw+o9p5wqLYEkQQFuzE$hNKNSbNg3LD6SQdJwidgXQ==
date: Wed, 24 May 2023 15:17:12 GMT
content-encoding: br
server: cloudflare
cf-ray: 7cc68112dd3b4091-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 usE_1wYvRdYg1sW
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cc68111abd44091/1684941432790/ Frame 3AA2 61 B
166 B 12ms
12ms Image
image/png 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7cc68111abd44091/1684941432790/usE_1wYvRdYg1sW
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 024dd9a1a23d31a90d1eedfa0fab51387cbf5e71bb83af3ec6390e02d7f04bad

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 15:17:13 GMT
server: cloudflare
cf-ray: 7cc68119fcfe4091-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
BLOB 200
OK f2e380c9-2c37-49fe-b078-166a9bb48969
https://challenges.cloudflare.com/ Frame 3AA2 220 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/f2e380c9-2c37-49fe-b078-166a9bb48969
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length: 220
Content-Type: application/javascript

GET
H3 401 XX1bqZhCh5o-bqO Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cc68111abd44091/1684941432792/33b51bf6e9cc33da278ca6389a7e90a227d9635f0eb754200cc374ac7db47065/ Frame 3AA2 1 B
645 B 15ms
14ms Fetch
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cc68111abd44091/1684941432792/33b51bf6e9cc33da278ca6389a7e90a227d9635f0eb754200cc374ac7db47065/XX1bqZhCh5o-bqO
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc68111abd44091
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 15:17:14 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gM7Ub9unMM9onjKY4mn6QoifZY18Ot1QgDMN0rH20cGUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArTdvs2-VOeG1gRYSu6le9W8rphJ9hC05duH2SoyJxZcID7eB4pDegSJtNqv3OQbpK4Q95bHTqsH89BCAXLJI-Vt7ySrpRthX6rEPu-Vj7WesutfG-4HKj1HyDTGqAY6a7ewvPAO1MgMa2r1_gzOPEXZzJhEKT6UdIT2kff2r_Ykjw0jlNmXk5cDvIskrZ85GVfUW-rn9g1PLXw9OFhNDD6DD2EiFfNdypws_NYvMuOAHcmAxJlEJcf3CR8kfcZax5XW2G8thhT80V0huiKzfxYVtQL5b4HVbTcNvo9O7UCIklef8agJz95n7nyDUn68MLaxbYGJ0kAASzeN5eEb55QIDAQAB, max-age=20
server: cloudflare
cf-ray: 7cc6811c6fd94091-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 8015008051bd3ca Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/207379756:1684937316:98LQeabWQGPKWMXhcem1wwPO8sCWaB3d_5W_byIsl98/7cc68111abd44091/ Frame 3AA2 13 KB
10 KB 32ms
31ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/207379756:1684937316:98LQeabWQGPKWMXhcem1wwPO8sCWaB3d_5W_byIsl98/7cc68111abd44091/8015008051bd3ca
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7cc68111abd44091
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529dde7133bb5f750454038dafefcb55463cadf22a80403a1b109e7a7d449d20

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/1jzj7/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge: 8015008051bd3ca
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: 9sYOS/NoryK4PqRYbhyD6MirywJSpPRr1eLtJhl6fsZ781mplAX/LcyUYyy9iWu8$Svd9g29issHzaIiFI98Tbg==
date: Wed, 24 May 2023 15:17:14 GMT
content-encoding: br
server: cloudflare
cf-ray: 7cc6811efaa24091-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			pinpoint-insights.com/interx/	1969-12-31 23:59:59	Name: JSESSIONID Value: BC61177AD123D571EF2FB448E28065BF

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://umitw.fobidaa.ru/MeW9sYW5NvbQ== Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7cc68111abd44091/1684941432792/33b51bf6e9cc33da278ca6389a7e90a227d9635f0eb754200cc374ac7db47065/XX1bqZhCh5o-bqO Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
fms.usdollarz.sa.com
pinpoint-insights.com
umitw.fobidaa.ru
172.111.230.78
2606:4700:3031::6815:2542
2606:4700::6812:7b9
52.76.146.112
024dd9a1a23d31a90d1eedfa0fab51387cbf5e71bb83af3ec6390e02d7f04bad
0520ff24c555ca0276b9d9dfa5375e866c63728798120b5c80db2559e2650fb2
16d746df40b6d301fa4a0fa671c0587340d27fd363afea62b28692bd0fa68ab9
2e1e45b1d429b2d703676139932fe97b7ffc7986e6d0221653a7404e4c3032f0
372486d60a974a977656376e15da5d797aa2ace57a791ef012bdeb3ee573297e
3b6539349bbe8d69e54edf5d01a4223cfd1333c59d0817abbd0b9003419bbea9
529dde7133bb5f750454038dafefcb55463cadf22a80403a1b109e7a7d449d20
580597d3b76d831b42b8bd3d4a097bae7d6bbee9be0a28e509da048546436311
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee9439ffd336138fe315de07f7b525c255f98724b511ab45c50730344b9abc47
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

umitw.fobidaa.ru Open in urlscan Pro 2606:4700:3031::6815:2542 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

85 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

280 kBTransfer

551 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

1 Cookies

4 Console Messages

Indicators

umitw.fobidaa.ru Open in urlscan Pro
2606:4700:3031::6815:2542 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

280 kB
Transfer

551 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions