pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Submission: On August 15 via api (August 15th 2023, 12:03:33 am UTC) from JP — Scanned from JP

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev.
TLS certificate: Issued by E1 on August 13th 2023. Valid for: 3 months.

This is the only time pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1 3	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3035::6815:366e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:247... 2606:2800:247:8f3c:39fe:2753:7a35:e3da	15133 (EDGECAST) (EDGECAST)
1	2620:1ec:bdf::46 2620:1ec:bdf::46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:1ec:46::46 2620:1ec:46::46	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	8

1 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:3b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3035::6815:366e (United States)

ASN13335 (CLOUDFLARENET, US)

codecrafters.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:247:8f3c:39fe:2753:7a35:e3da (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

logincdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	codecrafters.su codecrafters.su	17 KB
3	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 6372	10 KB
2	msauth.net logincdn.msauth.net — Cisco Umbrella Rank: 3754 aadcdn.msauth.net — Cisco Umbrella Rank: 1038	2 KB
2	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1064	4 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 752	30 KB
1	r2.dev pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev	3 KB
18	6

	Domain	Requested by
9	codecrafters.su	pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev codecrafters.su code.jquery.com
3	challenges.cloudflare.com	1 redirects pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev challenges.cloudflare.com
2	aadcdn.msftauth.net	pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
1	aadcdn.msauth.net	codecrafters.su
1	logincdn.msauth.net	pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
1	code.jquery.com	pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
1	pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
18	7

This site contains no links.

Subject Issuer	Validity	Valid
*.r2.dev E1	`2023-08-13` - `2023-11-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
codecrafters.su GTS CA 1P5	`2023-08-06` - `2023-11-04`	3 months	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-01-31` - `2024-01-31`	a year	crt.sh
identitycdn.msauth.net Microsoft Azure TLS Issuing CA 02	`2023-06-24` - `2024-06-18`	a year	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-07-29` - `2024-07-29`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Frame ID: C1544FB81B5600D4D3D86EC5BAE22A23
Requests: 16 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ud9pw/0x4AAAAAAAIuYI1ltse0NlA6/auto/normal
Frame ID: BB33A96C87B71B9EF1F3D70A551AE072
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/krgvk/0x4AAAAAAAIuYI1ltse0NlA6/auto/normal
Frame ID: 7737EC0D8B672A330E91D22214429AC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your Microsoft account

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

89 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

67 kB
Transfer

206 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?render=explicit

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/ 19 KB
3 KB 160ms
139ms Document
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48181b68004cc1af06e876b495770a2139da4bbf69b5954cd57d66fd60dcb1ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

CF-RAY: 7f6d2cb3eab4f5fd-NRT
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 15 Aug 2023 00:03:28 GMT
ETag: W/"8805cb68be7e9ae14c6462c8249297ed"
Last-Modified: Mon, 14 Aug 2023 08:31:33 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 365ms
141ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:28 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1692057808.cdn4-pxy052-sjc02.sj3.evs,1692057808.cds046.sj3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/7186c00a/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?render=explicit

27 KB
10 KB

22ms
21ms

Script
application/javascript

2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/7186c00a/api.js?render=explicit
Requested by: Host: pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: H2
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27cf9c50f0d7817a79937d0115486db7debe659260a7a3b584a172cc0908d8b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:28 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f6d2cb52bfbf635-NRT
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 15 Aug 2023 00:03:28 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/b/7186c00a/api.js?render=explicit
cache-control: max-age=300, public
cf-ray: 7f6d2cb4fbd9f635-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 pages-head-top.min.js Show response
codecrafters.su/assets/js/ 967 B
773 B 24ms
7ms Script
application/javascript 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codecrafters.su/assets/js/pages-head-top.min.js
Requested by: Host: pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb090f3b00a993a3a913eb98d85796719861cc8676f3de163b5c91c1ca4109d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 09 Aug 2023 18:13:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2707
etag: W/"3c7-602816e9ea467"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UgLdBvFpkz6t1GyXiWc3g4mPFLTiQ%2B4H4chjs7uBuQXWNZI4LS3UZD8qd66QdmLsR4E8SqSztfDl5URY8u3%2BMn4ZOm0vGoW1W%2BvSDiyjRs3vBxcosROxfD%2FIxjiZPqQ4jOwtEYByd49B%2BQ%2F5m1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7f6d2cb4fa86dfc5-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 back.png
codecrafters.su/assets/ 231 B
562 B 7ms
6ms Image
image/png 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://codecrafters.su/assets/back.png
Requested by: Host: pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70e32b2db3f079bb0295a85a0db15ed9e5926294dd947938d6cfa595f5ab18b4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2707
alt-svc: h3=":443"; ma=86400
content-length: 231
last-modified: Sun, 19 Mar 2023 15:20:17 GMT
server: cloudflare
etag: "e7-5f7425905ae40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcM4jriXvQBu5FZ32I6MzL1jt86cBOGW3A15nr6I11Z46TOrnNWnLis125e5Ai8c3Oi96ty3XHpuuVRfk903Aro5DoGvgSfdcRyXnggtzYdArjyVvegXMkyE59MUhHC93x3Le0vOideu7gdNEWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f6d2cb55acfdfc5-NRT

GET
H2 200 key.png
codecrafters.su/assets/ 727 B
1 KB 7ms
6ms Image
image/png 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://codecrafters.su/assets/key.png
Requested by: Host: pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2707
alt-svc: h3=":443"; ma=86400
content-length: 727
last-modified: Sun, 19 Mar 2023 15:20:17 GMT
server: cloudflare
etag: "2d7-5f7425905ae40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbcMXNOUMbc8QYBaXcnBptY%2FNnCtyTqMgfNuKF%2FyH3NAoOis7pvbsPmoU5pphsc4F5uNmPqJvvRRAct2h9ovxwAEB75pCMbAPJVdZJwmM44DHam4WwycwW%2FT2zSh4nINKtMCNP26jdoNTE%2BTFRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7f6d2cb55ad9dfc5-NRT

GET
H2 200 picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 7 KB
3 KB 14ms
6ms Image
image/svg+xml 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_fluent_authenticator_59892f1e05e3adf9fd2f71b42d92a27f.svg
Requested by: Host: pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (tka/894F) /
Resource Hash: a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Aug 2023 00:03:28 GMT
content-encoding: gzip
content-md5: nTculR1Fom7eLci0F6rk+A==
age: 6472044
x-cache: HIT
content-length: 2407
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:51 GMT
server: ECAcc (tka/894F)
etag: 0x8DB5C3F4ADC079A
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 75478ab8-b01e-0053-582f-946e6f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 3 KB
1 KB 3ms
2ms Image
image/svg+xml 2606:2800:247:8f3c:39fe:2753:7a35:e3da
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/picker_verify_call_c2616792e1950f83fdef6e72dab97293.svg
Requested by: Host: pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:247:8f3c:39fe:2753:7a35:e3da , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (tka/88A5) /
Resource Hash: 55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Aug 2023 00:03:28 GMT
content-encoding: gzip
content-md5: XHrPYKKsqlxUvysuxtSE2A==
age: 5938702
x-cache: HIT
content-length: 1173
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:50 GMT
server: ECAcc (tka/88A5)
etag: 0x8DB5C3F4A98E9BB
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f4176b53-901e-0004-6e08-993529000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg
logincdn.msauth.net/shared/1.0/content/images/ 268 B
752 B 18ms
5ms Image
image/svg+xml 2620:1ec:bdf::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logincdn.msauth.net/shared/1.0/content/images/picker_verify_email_958962caa7cf6b75cd412e9e3b687b22.svg
Requested by: Host: pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
URL: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b02b5df3ecd59d6cd90c60878683477532cbfc24660028657f290bdc7bc774b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Aug 2023 00:03:28 GMT
content-encoding: gzip
content-md5: pFQUXilUkzYtIbvSwGgVBQ==
x-cache: TCP_HIT
content-length: 212
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:22:52 GMT
etag: 0x8DB5C40D4C9EED2
x-azure-ref: 00MDaZAAAAACZP9YHa3kXS5w7Z7NndDhUVFlPMDFFREdFMjQxNgBkYjY2MmZlMy1mNDM4LTQzYzItYTI5Zi1lNjU5MGM0ZjVlNTE=
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b5e34d67-d01e-0052-42b6-cd0244000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H3 200 xkltp18w6378z7st7.css
codecrafters.su/assets/pages/ 1 KB
872 B 421ms
420ms Stylesheet
text/css 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codecrafters.su/assets/pages/xkltp18w6378z7st7.css?cb=1692057808645
Requested by: Host: codecrafters.su
URL: https://codecrafters.su/assets/js/pages-head-top.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6d2a3c45fe06e2662cf4dfecfdcc026d0f57da9c3e484f912c2bdf338d1d22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Aug 2023 08:38:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4a3-602ddfdeb52fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUYVtMwDpHpl2ZOvgIAL9Glx5PzvqUkFa%2Fxv3Wql4%2BjseANMWoGQcisWXsEs51hr9hP%2FqWD3x6QepITv%2BGwUONR29DotP%2BYXIzJAgVjtiNpkBTTilog5gz8IQXEN8cju7h6RsmRfmi7d5DmaruQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7f6d2cb80a15af94-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 pages.min.css
codecrafters.su/assets/css/ 16 KB
4 KB 611ms
611ms Stylesheet
text/css 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codecrafters.su/assets/css/pages.min.css?cb=1692057808645
Requested by: Host: codecrafters.su
URL: https://codecrafters.su/assets/js/pages-head-top.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15bbdc08a7f9c72de1e67cf0c58b5e044c84b5ddc566d6b8f504e54ca111945

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Aug 2023 14:47:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3f37-60292acb6f793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4J%2FodztVwbnXUVmXDkGXI169%2FyE0UeT8SOY9A3q6iaSM13bx7w7Um%2BjbLpX3YPEXvmI4sKH7ONOlycLzuOJnJINGZSeGw5FIas6fIm4Q2jKIozIfX5WfYy6oHMOaSPuCNlGgIvVk%2FkJENQwKmI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7f6d2cb80a16af94-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 pages-head.min.js Show response
codecrafters.su/assets/js/ 6 KB
2 KB 411ms
410ms Script
application/javascript 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codecrafters.su/assets/js/pages-head.min.js?cb=1692057808645
Requested by: Host: codecrafters.su
URL: https://codecrafters.su/assets/js/pages-head-top.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf282866f4dc8b82340288d717cadb0d73bc7ee6862950cee81592edb111869

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Aug 2023 14:21:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"19e0-60292517a9a0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDQ4jLalR4IX8ibbj28%2BZeAJYaIdsq1pL8k95PbVsMJVcdwYgXx%2FIcG5toRxD5jNs%2BvQ6e%2Fejwm51u04Op5YO2xq2bAi0DTv8DK77PHw913dgkcWmFxx%2FcLoZb2jXBdz%2BrYdQlnNRbIZTeIEjGk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7f6d2cb80a18af94-NRT
alt-svc: h3=":443"; ma=86400

GET
H3 200 pages.min.js Show response
codecrafters.su/assets/js/ 35 KB
6 KB 615ms
614ms Script
application/javascript 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codecrafters.su/assets/js/pages.min.js?cb=1692057808645
Requested by: Host: codecrafters.su
URL: https://codecrafters.su/assets/js/pages-head-top.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d25afab93dd6a19dde44c2132ab0ee815830b3bda094feba53f04cbd5d45192f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 00:03:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Aug 2023 20:55:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8b2f-60297d00a893d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqTa0PEGOgqSN7A%2FOM3AprRXczl8kTWJS4vjehW2vnT5DRW8S9TR2t9Wj3scpqmzGZvFpz%2B%2FIUyjHuESxcoq8ZX9XuH3xdvBK1P0u9FZW%2F20UcYd9qpV%2F4i%2Fk%2BCkchL%2FTZL79lbRT%2BHYtxF8048%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7f6d2cb80a1baf94-NRT
alt-svc: h3=":443"; ma=86400

POST
H3 200 info Show response
codecrafters.su/ 124 B
1 KB 615ms
606ms XHR
application/json 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codecrafters.su/info
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.10
Resource Hash: 3eec11aadb2a8479f4e7d4398d8cc816177c9f28c50cbe8add91f4563b09ddfd

Request headers

Accept: */*
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 15 Aug 2023 00:03:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.10
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJG5gjLVb8sD2EA6M%2FjH02mXgTGL0aZ19jpXJ2vFTPLKMxmUggReOmF3oyNgu1KdYuevewuQJNy3o5CpgiLccKmJm8bmb3KhvPjMLLrh5ZcruCvWl%2FeC%2BucV2BPprN5PSV%2BVZtLGpYOQpiwNem4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 7f6d2cbaa88d34d5-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
aadcdn.msauth.net/shared/1.0/content/images/backgrounds/ 2 KB
1 KB 10ms
2ms Image
image/svg+xml 2620:1ec:46::46
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/shared/1.0/content/images/backgrounds/2_11d9e3bcdfede9ce5ce5ace2d129f1c4.svg
Requested by: Host: codecrafters.su
URL: https://codecrafters.su/assets/pages/xkltp18w6378z7st7.css?cb=1692057808645
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://codecrafters.su/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 15 Aug 2023 00:03:29 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 24 May 2023 10:11:46 GMT
etag: 0x8DB5C3F47E260FD
x-azure-ref: 20230815T000329Z-d6sp2qe43973rc9q5zt59v10pw00000001tg00000000ktu0
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 4f36b5b2-d01e-0006-3fc8-cdcd7f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ud9pw/0x4AAAAAAAIuYI1ltse0NlA6/auto/ Frame BB33 0
0

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/krgvk/0x4AAAAAAAIuYI1ltse0NlA6/auto/ Frame 7737 0
0 12ms
12ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/krgvk/0x4AAAAAAAIuYI1ltse0NlA6/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7f6d2cbe7fc0e0b0-NRT
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 15 Aug 2023 00:03:29 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 info Show response
codecrafters.su/ 20 B
1 KB 617ms
617ms XHR
application/json 2606:4700:3035::6815:366e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codecrafters.su/info
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:366e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.10
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: */*
Referer: https://pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 15 Aug 2023 00:03:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.10
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iUEQIgnRCSy0ueZxsYUxcNXNX%2FuX9FIwajgYoB%2Fn%2FpohF4AmndDQ6zaFtr6lZc2t97PWHFGxMZPZieZR7xi%2B23RnV6UUs2FbnvjtYCmAmuByJaZBjvXVCpMG9%2Bbngy24YBhwPA6JPanGGQeCI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 7f6d2cbf9bbe34d5-NRT
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ud9pw/0x4AAAAAAAIuYI1ltse0NlA6/auto/normal

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
challenges.cloudflare.com
code.jquery.com
codecrafters.su
logincdn.msauth.net
pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev
challenges.cloudflare.com
2001:4de0:ac18::1:a:2b
2606:2800:247:8f3c:39fe:2753:7a35:e3da
2606:4700:3035::6815:366e
2606:4700::6811:3b8
2606:4700::6812:323
2620:1ec:46::46
2620:1ec:bdf::46
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
27cf9c50f0d7817a79937d0115486db7debe659260a7a3b584a172cc0908d8b2
3eec11aadb2a8479f4e7d4398d8cc816177c9f28c50cbe8add91f4563b09ddfd
40ecb8832f6a9a8aaa0cc6e1287e867a4fca38433d091d86c6cab1f28fbab652
48181b68004cc1af06e876b495770a2139da4bbf69b5954cd57d66fd60dcb1ab
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
70e32b2db3f079bb0295a85a0db15ed9e5926294dd947938d6cfa595f5ab18b4
7a6d2a3c45fe06e2662cf4dfecfdcc026d0f57da9c3e484f912c2bdf338d1d22
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
a15bbdc08a7f9c72de1e67cf0c58b5e044c84b5ddc566d6b8f504e54ca111945
a7ee799dd5b6f6dbb70b043b766362a6724e71458f9839306c995f06b218c2f8
b02b5df3ecd59d6cd90c60878683477532cbfc24660028657f290bdc7bc774b5
bcf282866f4dc8b82340288d717cadb0d73bc7ee6862950cee81592edb111869
d25afab93dd6a19dde44c2132ab0ee815830b3bda094feba53f04cbd5d45192f
efb090f3b00a993a3a913eb98d85796719861cc8676f3de163b5c91c1ca4109d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev Open in urlscan Pro 2606:4700::6812:323 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

18 Requests

89 %HTTPS

100 %IPv6

6 Domains

7 Subdomains

8 IPs

2 Countries

67 kBTransfer

206 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

34 JavaScript Global Variables

0 Cookies

Indicators

pub-8ac45504f2df4dd1aa19f0b5babc40cb.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

67 kB
Transfer

206 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!