rrvdsdvt.clmma67.buzz Open in urlscan Pro
2606:4700:3033::6815:45da Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rrvdsdvt.clmma67.buzz/
Submission Tags: 0xscam
Submission: On October 18 via api (October 18th 2024, 4:07:10 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3033::6815:45da, located in United States and belongs to CLOUDFLARENET, US. The main domain is rrvdsdvt.clmma67.buzz.
TLS certificate: Issued by WE1 on September 26th 2024. Valid for: 3 months.

This is the only time rrvdsdvt.clmma67.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:303... 2606:4700:3033::6815:45da	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
12	4

9 2606:4700:3033::6815:45da (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rrvdsdvt.clmma67.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tong.8888888888.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	clmma67.buzz 1 redirects rrvdsdvt.clmma67.buzz	109 KB
2	8888888888.bid tong.8888888888.bid	23 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	100 KB
12	4

	Domain	Requested by
9	rrvdsdvt.clmma67.buzz	1 redirects rrvdsdvt.clmma67.buzz
2	tong.8888888888.bid	rrvdsdvt.clmma67.buzz tong.8888888888.bid
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	rrvdsdvt.clmma67.buzz
12	4

This site contains links to these domains. Also see Links.

Domain
xn--tfro9na7882a.cc
clmmm.cc
xn--tfro9na7882a.com
www.landh.ltd
www.zavdh.cc
www.mimi2023.com
xhydh1.com
www.ymxdh.top
xn--ebrph11n8t4b.rimans.cc
caoyise.cc

Subject Issuer	Validity	Valid
clmma67.buzz WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
8888888888.bid WE1	`2024-10-12` - `2025-01-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://rrvdsdvt.clmma67.buzz/
Frame ID: E90DA15C5A9C57BB1138DAD8A502E706
Requests: 10 HTTP requests in this frame

Frame: https://rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js
Frame ID: 190DC0808C45FD60A5CDAE58BC56D118
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

磁力妹妹- 磁力妹妹.com 找磁力链接就上磁力妹妹

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

12
Requests

92 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

231 kB
Transfer

562 kB
Size

6
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://xn--tfro9na7882a.cc/
Title: 磁力妹妹.cc

Search URL Search Domain Scan URL

URL: https://clmmm.cc/
Title: clmmm.cc

Search URL Search Domain Scan URL

URL: https://xn--tfro9na7882a.com/
Title: 磁力妹妹.com

Search URL Search Domain Scan URL

URL: https://www.landh.ltd/
Title: 蓝导航

Search URL Search Domain Scan URL

URL: https://www.zavdh.cc/
Title: 找AV导航

Search URL Search Domain Scan URL

URL: https://www.mimi2023.com/link
Title: 秘密入口

Search URL Search Domain Scan URL

URL: https://xhydh1.com/tsiHn/
Title: 小黄鸭导航

Search URL Search Domain Scan URL

URL: https://www.ymxdh.top/
Title: 亚马性导航

Search URL Search Domain Scan URL

URL: https://xn--ebrph11n8t4b.rimans.cc/%E7%BB%93%E5%9F%8E%E6%98%8E%E6%97%A5%E5%A5%88.html
Title: 爱妞bibi导航

Search URL Search Domain Scan URL

URL: https://caoyise.cc/fabu
Title: 草一色导航

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
rrvdsdvt.clmma67.buzz/ 7 KB
4 KB 1167ms
839ms Document
text/html 2606:4700:3033::6815:45da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rrvdsdvt.clmma67.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:45da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 734a138257a3f58ff340d80f1362eae5a390cdefb44cf88b38796bd7623369a6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=43200 no-cache
cf-cache-status: DYNAMIC
cf-ray: 8d49c775681b7378-NRT
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Fri, 18 Oct 2024 16:07:03 GMT
expires: Sat, 19 Oct 2024 04:07:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1xwUgg6eDG9AjWMpF84275g70NNYOhWt8imcbocQnomsJkHuUdaZiU4RSLM00X5uu%2BNVYX2z6zOc2UIfWXVPwYladO%2BZWc%2BA0wNEOzto4Mp8C7I3HrsvmbgewHFRNiMCNiH2RDKes60J5xrjNGDfI%2BIRZQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfExtPri
vary: Accept-Encoding
x-cache: MISS

GET
H3 200 amazeui.custom.min.css
rrvdsdvt.clmma67.buzz/static/ 104 KB
21 KB 1191ms
1191ms Stylesheet
text/css 2606:4700:3033::6815:45da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rrvdsdvt.clmma67.buzz/static/amazeui.custom.min.css
Requested by: Host: rrvdsdvt.clmma67.buzz
URL: https://rrvdsdvt.clmma67.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:45da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adde470eda205bcc99cff571f9eae5b899ef4c283dc6c7e4cf6ce4d40b71c73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rrvdsdvt.clmma67.buzz/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
etag: W/"1728658008.0-106676-1013714808"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bpTCzfmNeq%2FLkAXq9%2BpLARxKC6N2l0%2Fdgj50ZfnW0SAKlxdqLrCP4PfzO55EfDuEAwzVHvdpaA%2B6%2BN0m4YjKxUjfeFtJZUpEhFVgexfYhdKFpJFgH5s3bOhFRxK1AfAEzcJbwnc8VH9bjGwbXPcm0gfD0zc%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 19 Oct 2024 04:07:04 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS
server-timing: cfExtPri
date: Fri, 18 Oct 2024 16:07:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 11 Oct 2024 14:46:48 GMT
cache-control: max-age=43200, no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d49c77cae2e7378-NRT
server: cloudflare

GET
H3 200 app.css
rrvdsdvt.clmma67.buzz/static/ 17 KB
5 KB 872ms
872ms Stylesheet
text/css 2606:4700:3033::6815:45da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rrvdsdvt.clmma67.buzz/static/app.css
Requested by: Host: rrvdsdvt.clmma67.buzz
URL: https://rrvdsdvt.clmma67.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:45da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79043a6cb3675362ee6dd70f6321c05f813e89c283f90a8da2e71ecdda78f36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rrvdsdvt.clmma67.buzz/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
etag: W/"1728658008.0-17566-2081884562"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buzasZ%2FmXq8yk5YeCDNGYUmZwRjK0yLiaPlqtYS3ExN3yOC1R8zvCr4zNQTKcqBi%2BPlaQcv%2B6yuBhK3tmE2qyJj4Hip4a9jXCigdSHRWPJDMZTzkd0aLIQ4aRR3JOcm%2F3T5nYt7ShDjbRZEj5rDfahxFh3A%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 19 Oct 2024 04:07:04 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS
server-timing: cfExtPri
date: Fri, 18 Oct 2024 16:07:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 11 Oct 2024 14:46:48 GMT
cache-control: max-age=43200, no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d49c77cae2f7378-NRT
server: cloudflare

GET
H3 200 email-decode.min.js Show response
rrvdsdvt.clmma67.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 286ms
285ms Script
application/javascript 2606:4700:3033::6815:45da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrvdsdvt.clmma67.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: rrvdsdvt.clmma67.buzz
URL: https://rrvdsdvt.clmma67.buzz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:45da , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rrvdsdvt.clmma67.buzz/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"670fb52b-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOriLJHl8YftUizmDrKKHyE08ZRLE7V2%2BP5XqMlKVJ%2FZJ%2F2yaTQI6chdLOGd3RHNSjM%2FvIReqq%2FWjIZnng7kC%2B0vA5hm3zbbJs6F9%2BDSQHtQ%2FyhHiswII3CLVV0obJQdJYlDzcixsUmQMTCgfH1aLKlms8o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d49c77cae307378-NRT
expires: Sun, 20 Oct 2024 16:07:04 GMT
server-timing: cfExtPri
date: Fri, 18 Oct 2024 16:07:04 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 12:44:27 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 289 KB
100 KB 94ms
46ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PWHB71CMGB

Requested by

Host: rrvdsdvt.clmma67.buzz
URL: https://rrvdsdvt.clmma67.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a84503b2634bc44c7918ba8e7799678516c4ebcee8cd7e32d727d6ed495501f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rrvdsdvt.clmma67.buzz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 18 Oct 2024 16:07:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 16:07:04 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 101429
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 matomo.js Show response
tong.8888888888.bid/ 64 KB
23 KB 418ms
33ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tong.8888888888.bid/matomo.js

Requested by

Host: rrvdsdvt.clmma67.buzz
URL: https://rrvdsdvt.clmma67.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rrvdsdvt.clmma67.buzz/

Response headers

content-encoding: zstd
cf-bgj: minify
etag: W/"65759cf5-10132"
age: 20531
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jn4%2FCi67MJqBaCIS20Eg5tSNUDp%2FQAnPp6WXi%2Fy%2B1S8JXhoMr6TNkHH62fXLLYdeArsgcHV%2BfQhLlyrcfqe2dPskZ%2FgRqKGMkbj6D4EbEKARFJlJsG2Onc2iHuPME8SUcDQuO5yJQHtJ6AI7YnjiCPn0"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Oct 2024 22:24:55 GMT
cf-polished: origSize=65842
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:07:06 GMT
content-type: application/javascript
last-modified: Sun, 10 Dec 2023 11:11:49 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d49c7893b2b2be0-FRA
server: cloudflare

GET
H3 200 fontawesome-webfont.woff2
rrvdsdvt.clmma67.buzz/static/ 70 KB
71 KB 1134ms
1134ms Font
application/octet-stream 2606:4700:3033::6815:45da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rrvdsdvt.clmma67.buzz/static/fontawesome-webfont.woff2
Requested by: Host: rrvdsdvt.clmma67.buzz
URL: https://rrvdsdvt.clmma67.buzz/static/app.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:45da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rrvdsdvt.clmma67.buzz
Referer: https://rrvdsdvt.clmma67.buzz/static/app.css

Response headers

cf-cache-status: BYPASS
etag: "1728658008.0-71896-1899368630"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=letTM5l3EPDLXA%2FoQ2WpLNPAh%2F0q3ANIIhKR8gMBVZjAZjjg8KgVi31tZTgjz%2FnyvRZwfYcmUCISPT1D5%2F%2FekWSqTtuOTALdUa9GfcDiw701o7w27uvB5wMh8Kr%2BCBsF05VxGowySg7UePtxPLTlTp%2FT3nU%3D"}],"group":"cf-nel","max_age":604800}
expires: Sat, 19 Oct 2024 04:07:06 GMT
alt-svc: h3=":443"; ma=86400
x-cache: MISS
server-timing: cfExtPri
date: Fri, 18 Oct 2024 16:07:07 GMT
content-type: application/octet-stream
last-modified: Fri, 11 Oct 2024 14:46:48 GMT
vary: Accept-Encoding
cache-control: max-age=43200, no-cache
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d49c7888f997378-NRT
accept-ranges: bytes
content-length: 71896
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 126ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PWHB71CMGB&gtm=45je4ah0v882427550za200&_p=1729267626040&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=1013051282.1729267626&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729267626&sct=1&seg=0&dl=https%3A%2F%2Frrvdsdvt.clmma67.buzz%2F&dt=%E7%A3%81%E5%8A%9B%E5%A6%B9%E5%A6%B9-%20%E7%A3%81%E5%8A%9B%E5%A6%B9%E5%A6%B9.com%20%E6%89%BE%E7%A3%81%E5%8A%9B%E9%93%BE%E6%8E%A5%E5%B0%B1%E4%B8%8A%E7%A3%81%E5%8A%9B%E5%A6%B9%E5%A6%B9&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3496
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PWHB71CMGB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rrvdsdvt.clmma67.buzz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://rrvdsdvt.clmma67.buzz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 16:07:06 GMT
content-type: text/plain
server: Golfe2

GET
H3

200

main.js Show response
rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/ Frame 190D
Redirect Chain

https://rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

8 KB
4 KB

301ms
301ms

Script
application/javascript

2606:4700:3033::6815:45da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?

Requested by

Host: rrvdsdvt.clmma67.buzz
URL: https://rrvdsdvt.clmma67.buzz/

Protocol

Server

2606:4700:3033::6815:45da , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78137a60c5dc2eb4708dd2b8b019ec3a87ada7cdb06887fb603c1b289fe6af05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AnCC9Q4CkoMzwIsfQRFY3v8osIJmFWuv6h%2FD92jSX7yB0RqquGb%2BHM9FauJuNHrFfPMeK1KUbZrIWPLQNvCZsq9O1pOfyndLNIC2QXjKQk3kIwxzLSunEynht2MvGTKff17NmX%2BVyj%2Fd%2B4to6A79QRkTHmI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d49c78b19c97378-NRT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 16:07:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/62ec4f065604/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5nihcJgil7wnqxoF3%2FPLFPRuEuT6idjUq9bgvEup09DNsnkTwrcZzm9lBCTOyTlIuh4Tam%2BPfdOxdVE0aTS9ZHpGOE2dcp0TgD5do%2BnzkdaLI6suSO%2Fq%2FGNp0hG%2ByG2LwV9QyAjwJAmnvMiUd20XG2xe7Eo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d49c78938267378-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfExtPri
date: Fri, 18 Oct 2024 16:07:06 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 matomo.php
tong.8888888888.bid/ 0
318 B 138ms
137ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tong.8888888888.bid/matomo.php?action_name=%E7%A3%81%E5%8A%9B%E5%A6%B9%E5%A6%B9-%20%E7%A3%81%E5%8A%9B%E5%A6%B9%E5%A6%B9.com%20%E6%89%BE%E7%A3%81%E5%8A%9B%E9%93%BE%E6%8E%A5%E5%B0%B1%E4%B8%8A%E7%A3%81%E5%8A%9B%E5%A6%B9%E5%A6%B9&idsite=40&rec=1&r=006158&h=18&m=7&s=6&url=https%3A%2F%2Frrvdsdvt.clmma67.buzz%2F&_id=6603c7c98bd8a145&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=QHyiS4&pf_net=329&pf_srv=837&pf_tfr=323&pf_dm1=2325&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Requested by

Host: tong.8888888888.bid
URL: https://tong.8888888888.bid/matomo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://rrvdsdvt.clmma67.buzz/

Response headers

strict-transport-security: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nW4HVDPTe6C0tGqdK8te499EbtRxYXJ1VtMFVA%2FIlFoKyAbTYujoHzkKbNgvl8tFK%2BbcaI8nCRRhlEyyS5jG1ihlY0A9zmUcHe8AqhRcpxUPxSIBEoJ8o2oCuClz2PsbigTTt1LZ6Jg1k3UdA%2BKPsWkk"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d49c7898b892be0-FRA
access-control-allow-origin: https://rrvdsdvt.clmma67.buzz
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:07:06 GMT
server: cloudflare

POST
H3 200 8d49c775681b7378 Show response
rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 190D 0
980 B 1951ms
1930ms XHR
text/plain 2606:4700:3033::6815:45da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/h/b/jsd/r/8d49c775681b7378
Requested by: Host: rrvdsdvt.clmma67.buzz
URL: https://rrvdsdvt.clmma67.buzz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:45da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEooSeJU4tdT0CW%2B0KVo61lwqo2YG9Oe%2B7XXk3pAL7Mxv00ooncPdgoRreiEO4CcY0WlbK7pmW%2BorDDNyX8dvnL2ZdzUUAn01huvsTpHfO3hYD%2FnD6H6MvFxo47u69iacSe4fUZZTNBTBlf3%2F%2BW%2BFclrQLQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d49c78e1c5a7378-NRT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 0
date: Fri, 18 Oct 2024 16:07:07 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 404 favicon.ico
rrvdsdvt.clmma67.buzz/ 632 B
1 KB 798ms
798ms Other
text/html 2606:4700:3033::6815:45da
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rrvdsdvt.clmma67.buzz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:45da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1fab4bd31a9b8877ce9353f39d5faef144831d7d67f896ca70df4468583d021

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rrvdsdvt.clmma67.buzz/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uJ2ABI%2FinzNEm2hzpiYiFgzmZTT8BTrgsUO%2FKPw0z0iiKrO0bopFpI2EUCLtGajOl6%2Bph4UlMUIM4Fsz5Z9j7dwnpVZqLvlANL3vDq5Z5C18iryzL%2FYviI5Ol%2FiD7KlFJu%2FMsK5eWM4zuw4lvB0qjE1eS1Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d49c79a5ea67378-NRT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 18 Oct 2024 16:07:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clmma67.buzz/	1970-01-21 09:57:07	Name: _ga Value: GA1.1.1013051282.1729267626
.clmma67.buzz/	1970-01-21 09:57:07	Name: _ga_PWHB71CMGB Value: GS1.1.1729267626.1.0.1729267626.0.0.0
rrvdsdvt.clmma67.buzz/	1970-01-21 09:47:02	Name: _pk_id.40.fe8b Value: 6603c7c98bd8a145.1729267626.
rrvdsdvt.clmma67.buzz/	1970-01-21 00:21:09	Name: _pk_ses.40.fe8b Value: 1
.clmma67.buzz/	1970-01-21 09:06:43	Name: cf_clearance Value: 9zLsDEOSkmkl.EDcGCbrDol9rTvZs5SPbPqI0zm70Lo-1729267627-1.2.1.1-O8rw_jbE3t2m1J5vSXyhuzevsToy5mtJnwfgXUzS78rS0ime_vW_5ke8Mfc8XkdoEIQLHu9aXFlrdd0zpMYsY9EAKVHTq4bbR9kKv0ZxIvbZzwJQ.N9Umq5..5y11yqB_NHnfhVgeAOsyuYMkc4K48e.Tyh7xxewURB_85I6SQVBHjb1_K0LRvzvu2XBzNzIr3aZ8IMCf9BJ0gbBuXE_fi5DFB9NaFpv8zIrLnhLJvJJk9kwzajHHiG6VnqQLJtnaFwmYWrFUnwCdj5Wn7l7rm3YWcLLyOxrqRx3r4fdiLLdUWUy6T70ily20KsNDtm_tUEg2d__8TwyO4KhET_E4dswJjJR19cRcN8h_oq7JCQmb7Qi.sXgjRiFLH7i4lmN
rrvdsdvt.clmma67.buzz/	1970-01-21 00:21:11	Name: session Value: eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjp7IiBiIjoiWmpKak5EYzVNekF5Tm1KbU9EWXhaVGRsTXpWbU9XSTVaak16WVdFek4yWXlZbVV4WXpJM05BPT0ifX0.ZxKHqQ.OLBENuu2S2yNa4z7xiCEg9LUOlo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rrvdsdvt.clmma67.buzz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

region1.google-analytics.com
rrvdsdvt.clmma67.buzz
tong.8888888888.bid
www.googletagmanager.com
2001:4860:4802:34::36
2606:4700:3033::6815:45da
2a00:1450:4001:82f::2008
2a06:98c1:3121::3
0adde470eda205bcc99cff571f9eae5b899ef4c283dc6c7e4cf6ce4d40b71c73
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
734a138257a3f58ff340d80f1362eae5a390cdefb44cf88b38796bd7623369a6
78137a60c5dc2eb4708dd2b8b019ec3a87ada7cdb06887fb603c1b289fe6af05
78c25da6082dd620e0fe7f12d7ef6e3c6015304575d9ced465b4e84e15a7d82a
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
a84503b2634bc44c7918ba8e7799678516c4ebcee8cd7e32d727d6ed495501f7
b79043a6cb3675362ee6dd70f6321c05f813e89c283f90a8da2e71ecdda78f36
c1fab4bd31a9b8877ce9353f39d5faef144831d7d67f896ca70df4468583d021
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

rrvdsdvt.clmma67.buzz Open in urlscan Pro 2606:4700:3033::6815:45da Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

231 kBTransfer

562 kBSize

6 Cookies

10 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

rrvdsdvt.clmma67.buzz Open in urlscan Pro
2606:4700:3033::6815:45da Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

231 kB
Transfer

562 kB
Size

6
Cookies

12 HTTP transactions
0 data transactions