cupjwpfgv.cfd - urlscan.io

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3035::6815:a9c, located in United States and belongs to CLOUDFLARENET, US. The main domain is cupjwpfgv.cfd.
TLS certificate: Issued by WE1 on October 17th 2024. Valid for: 3 months.

This is the only time cupjwpfgv.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::6815:a9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
5	3

1 2606:4700:3035::6815:a9c (United States)

ASN13335 (CLOUDFLARENET, US)

cupjwpfgv.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412	33 KB
1	cupjwpfgv.cfd cupjwpfgv.cfd	5 KB
5	2

	Domain	Requested by
1	ajax.googleapis.com	cupjwpfgv.cfd
1	cupjwpfgv.cfd	cupjwpfgv.cfd
5	2

This site contains no links.

Subject Issuer	Validity	Valid
cupjwpfgv.cfd WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cupjwpfgv.cfd/6pXHdp7C?sub_id_5=1ffridp2vuj2l&creative_id=672319&ad_campaign_id=59214&source=1-30251&sub_id_1=rr&sub_id_2=34&sub_id_3=23&sub_id_4=art254&sub_id_9=&sub_id_13=cc_34_rr-art254-0-10-high_59214_0_672319&sub_id_11=posts-zakon-priniali-biez-shuma-i-iedinoghlasno-golikova-oboznachila-razmier-piensii&sub_id_12=vstk-main-live
Frame ID: E6818B5CD36CD5D2899BE7CA500FAC84
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

4 вопроса 2 минуты

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

5
Requests

40 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

38 kB
Transfer

105 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request 6pXHdp7C Show response
cupjwpfgv.cfd/ 13 KB
5 KB 481ms
327ms Document
text/html 2606:4700:3035::6815:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cupjwpfgv.cfd/6pXHdp7C?sub_id_5=1ffridp2vuj2l&creative_id=672319&ad_campaign_id=59214&source=1-30251&sub_id_1=rr&sub_id_2=34&sub_id_3=23&sub_id_4=art254&sub_id_9=&sub_id_13=cc_34_rr-art254-0-10-high_59214_0_672319&sub_id_11=posts-zakon-priniali-biez-shuma-i-iedinoghlasno-golikova-oboznachila-razmier-piensii&sub_id_12=vstk-main-live
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f3a1dc96e8ed6fad6867f56377c489c65f600cf16e4de076f24214c891057ad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d82db0d99ce5b4a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 25 Oct 2024 14:21:54 GMT
expires: Fri, 25 Oct 2024 14:21:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ftgsEFrWd916dNq16e8OSsAsKqLGCmo9SdxFktQ%2BGM6ozaRuDPoUSNZ9dnmb%2BrIe9S4Eys%2B6UJcY%2F3kcKSSs2X5EPpjKAgMEf2QgvJ0IT10Pb3s3LBUoXTUr2hlYqv2y7KKVXh7pHGIKy0FV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6971&sent=16&recv=8&lost=0&retrans=8&sent_bytes=5687&recv_bytes=4571&delivery_rate=256120&cwnd=12000&unsent_bytes=0&cid=44b7b199c37f8506&ts=434&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 338ms
8ms Script
text/javascript 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: cupjwpfgv.cfd
URL: https://cupjwpfgv.cfd/6pXHdp7C?sub_id_5=1ffridp2vuj2l&creative_id=672319&ad_campaign_id=59214&source=1-30251&sub_id_1=rr&sub_id_2=34&sub_id_3=23&sub_id_4=art254&sub_id_9=&sub_id_13=cc_34_rr-art254-0-10-high_59214_0_672319&sub_id_11=posts-zakon-priniali-biez-shuma-i-iedinoghlasno-golikova-oboznachila-razmier-piensii&sub_id_12=vstk-main-live

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cupjwpfgv.cfd/

Response headers

content-encoding: gzip
age: 250181
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 16:52:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 16:52:13 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33333
x-xss-protection: 0
server: sffe

GET style.css
cupjwpfgv.cfd/8uibp45k6oyd0l4ec646/quiz-gazprom-100-let-ussr_1718199211/ 0
0

GET logo.png
cupjwpfgv.cfd/8uibp45k6oyd0l4ec646/quiz-gazprom-100-let-ussr_1718199211/public/img/ 0
0

GET bundle.js
cupjwpfgv.cfd/8uibp45k6oyd0l4ec646/quiz-gazprom-100-let-ussr_1718199211/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cupjwpfgv.cfd
URL: https://cupjwpfgv.cfd/8uibp45k6oyd0l4ec646/quiz-gazprom-100-let-ussr_1718199211/style.css

Domain: cupjwpfgv.cfd
URL: https://cupjwpfgv.cfd/8uibp45k6oyd0l4ec646/quiz-gazprom-100-let-ussr_1718199211/public/img/logo.png

Domain: cupjwpfgv.cfd
URL: https://cupjwpfgv.cfd/8uibp45k6oyd0l4ec646/quiz-gazprom-100-let-ussr_1718199211/bundle.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cupjwpfgv.cfd/	1970-01-21 01:15:44	Name: _subid Value: 3p0694630447c
cupjwpfgv.cfd/	1970-01-21 00:32:32	Name: 12783 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwMVwiOjE3Mjk4NjYxMTR9LFwiY2FtcGFpZ25zXCI6e1wiMjc3XCI6MTcyOTg2NjExNH0sXCJ0aW1lXCI6MTcyOTg2NjExNH0ifQ.6BPK7Pfsmop-hk1nbT1ehojLynN660nQdsI0QnKfAiI
cupjwpfgv.cfd/	1970-01-21 00:32:32	Name: 83dc8a8ds277 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiNDAxIn0.k9i2f9SUujAuTZqbxA2CvVcevCUgBsQrgSCkHZpgPGk
cupjwpfgv.cfd/	1970-01-21 00:32:32	Name: 83dc8a8ds277ip Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoiXCIyMDAxOmFjODoyMDozZDAwOjEwMTI6YmI4YzpiMGM3OjllN2NcIiJ9.MDq4dEW4z8taRcdAbgxKMKvWzQbLNLzyKSsze_Y40hU
cupjwpfgv.cfd/	1970-01-21 01:15:44	Name: _token Value: uuid_3p0694630447c_3p0694630447c671ba9824a2401.37581385

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cupjwpfgv.cfd
cupjwpfgv.cfd
142.250.186.42
2606:4700:3035::6815:a9c
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
9f3a1dc96e8ed6fad6867f56377c489c65f600cf16e4de076f24214c891057ad

cupjwpfgv.cfd Open in urlscan Pro 2606:4700:3035::6815:a9c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

5 Requests

40 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

38 kBTransfer

105 kBSize

5 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

5 Cookies

Indicators

cupjwpfgv.cfd Open in urlscan Pro
2606:4700:3035::6815:a9c Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

40 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

38 kB
Transfer

105 kB
Size

5
Cookies

5 HTTP transactions
0 data transactions