rlfigm.calgroverents.info
2606:4700:3033::ac43:a217  Public Scan

Submitted URL: https://www.tiktok.com/////link/v2?aid=1988&lang=enpihd7s&scene=bio_url&target=www.google.com/url?q%3DIrfT8NMLx6QPaJgv6...
Effective URL: https://rlfigm.calgroverents.info/JmkSlirs
Submission: On October 10 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3033::ac43:a217, located in United States and belongs to CLOUDFLARENET, US. The main domain is rlfigm.calgroverents.info.
TLS certificate: Issued by WE1 on September 10th 2024. Valid for: 3 months.
This is the only time rlfigm.calgroverents.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2.21.20.144 20940 (AKAMAI-ASN1)
2 2 2a00:1450:400... 15169 (GOOGLE)
1 1 167.250.5.27 264649 (NUT HOST SRL)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 4
Apex Domain / Subdomains / Transfer
3 cloudflare.com / challenges.cloudflare.com — Cisco Umbrella Rank: 3443 / 16 KB
3 calgroverents.info / rlfigm.calgroverents.info / 5 KB
2 google.com / www.google.com — Cisco Umbrella Rank: 3 / 45 B
1 bienczaksrl.com.ar / bienczaksrl.com.ar / 368 B
1 tiktok.com / www.tiktok.com — Cisco Umbrella Rank: 4355 / 4 KB
5 5
Domain / Requested by
3 challenges.cloudflare.com 1 redirects / rlfigm.calgroverents.info, challenges.cloudflare.com
3 rlfigm.calgroverents.info
2 www.google.com 2 redirects
1 bienczaksrl.com.ar 1 redirects
1 www.tiktok.com 1 redirects
5 5

This site contains no links.

Subject / Issuer / Validity / Valid
calgroverents.info / WE1 / 2024-09-10 - 2024-12-09 / 3 months
challenges.cloudflare.com / WE1 / 2024-09-05 - 2024-12-04 / 3 months

This page contains 2 frames:

Primary Page: https://rlfigm.calgroverents.info/JmkSlirs
Frame ID: 46D234C732FE1D2B9D5D837C2B9088D5
Requests: 7 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j88jk/0x4AAAAAAAiTiQHZPJhDhvS1/auto/fbE/normal/auto/
Frame ID: 9C22A4FF08B19DA9BE53C63BCFCECC8B
Requests: 1 HTTP requests in this frame

Page Title

9jv3kZQVzJ

Page Statistics

5 Requests
80 % HTTPS
67 % IPv6
5 Domains
5 Subdomains
4 IPs
3 Countries
21 kB Transfer
55 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.tiktok.com/////link/v2?aid=1988&lang=enpihd7s&scene=bio_url&target=www.google.com/url?q%3DIrfT8NMLx6QPaJgv6Z3g%26rct%3DqsUbQmXhZ93d4gNXIWaR%26sa%3Dt%26esrc%3DEgJeLX8CAl11DNSW7pgH%26source%3D%26cd%3D9X3EYbyCMUoB46Jqpszn%26cad%3Dz64Ndl7J844jI5EH33et%26ved%3D36LRX1krI3rPMEZVSMU2%26uact%3D%2520%26url%3Damp%252Fbienczaksrl%252Ecom%252Ear%252F&source=gmail&ust=1725986149001000&usg=AOvVaw1kdi6SPX1NGpGYFWhG_1Z7 HTTP 302
    https://www.google.com/url?cad=z64Ndl7J844jI5EH33et&cd=9X3EYbyCMUoB46Jqpszn&esrc=EgJeLX8CAl11DNSW7pgH&q=IrfT8NMLx6QPaJgv6Z3g&rct=qsUbQmXhZ93d4gNXIWaR&sa=t&safe=active&source=&uact=+&url=amp%2Fbienczaksrl.com.ar%2F&ved=36LRX1krI3rPMEZVSMU2 HTTP 302
    https://www.google.com/amp/bienczaksrl.com.ar/ HTTP 302
    http://bienczaksrl.com.ar/ HTTP 307
    https://bienczaksrl.com.ar/ HTTP 301
    https://rlfigm.calgroverents.info/JmkSlirs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js

5 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: JmkSlirs
Path: rlfigm.calgroverents.info/
Redirect Chain
  • https://www.tiktok.com/////link/v2?aid=1988&lang=enpihd7s&scene=bio_url&target=www.google.com/url?q%3DIrfT8NMLx6QPaJgv6Z3g%26rct%3DqsUbQmXhZ93d4gNXIWaR%26sa%3Dt%26esrc%3DEgJeLX8CAl11DNSW7pgH%26sour...
  • https://www.google.com/url?cad=z64Ndl7J844jI5EH33et&cd=9X3EYbyCMUoB46Jqpszn&esrc=EgJeLX8CAl11DNSW7pgH&q=IrfT8NMLx6QPaJgv6Z3g&rct=qsUbQmXhZ93d4gNXIWaR&sa=t&safe=active&source=&uact=+&url=amp%2Fbienc...
  • https://www.google.com/amp/bienczaksrl.com.ar/
  • http://bienczaksrl.com.ar/
  • https://bienczaksrl.com.ar/
  • https://rlfigm.calgroverents.info/JmkSlirs
Size: 7 KB
x-fer: 4 KB
Type: Document

General
Full URL: https://rlfigm.calgroverents.info/JmkSlirs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a217, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 918b1b1107996074d5fa8ef86285a59abbbb6bd406594dba0b4d44590148f9ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d0a0a228d05d350-FRA
content-encoding: zstd
content-type: text/html
date: Thu, 10 Oct 2024 22:27:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Po%2FJan%2Bdbe9bb2m7VsrYYzZdfI7aKFY4YwqGBWzdkuV6GV8gAdI8EBYo04xGPgJOOqXpwT3NYWMKUdihj01JanlolfInn%2BeUoZ312isYMnIomdmpsZJj2cKLN2jYgW2edDVjZeSoifuXGNqlbEJxv4UO9ha6l%2FP7"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"

Redirect headers

content-length: 250
content-type: text/html; charset=iso-8859-1
date: Thu, 10 Oct 2024 22:27:45 GMT
location: https://rlfigm.calgroverents.info/JmkSlirs
server: Apache

Resource: speculation
Path: rlfigm.calgroverents.info/cdn-cgi/
Size: 128 B
x-fer: 586 B
Type: Other

General
Full URL: https://rlfigm.calgroverents.info/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a217, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://rlfigm.calgroverents.info
Referer: https://rlfigm.calgroverents.info/JmkSlirs

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQQHop%2FrowPie%2FASEGDS5oqDIPV0Butq5S9euTjC7IT7jWcpPwp7ikvi5rATyb%2Fap5xNT79k5HjFGvnRYpvZK04ZD9QgjuAtFHRFeqmHgRQrnOH%2FJ0TDgcP15YzOKqsSmzuRoanc7hEjCgA13jXZF91t2ygFrqwS"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d0a0a272eccd350-FRA
access-control-allow-origin: https://rlfigm.calgroverents.info
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Thu, 10 Oct 2024 22:27:46 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

Resource: api.js
Path: challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js
Size: 46 KB
x-fer: 16 KB
Type: Script

General
Full URL: https://challenges.cloudflare.com/turnstile/v0/b/62ec4f065604/api.js
Requested by
  Host: rlfigm.calgroverents.info
  URL: https://rlfigm.calgroverents.info/JmkSlirs
Protocol: H3
Server: 2606:4700::6812:5e29, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 2ea786910282df7ae154a0011375cd1254adbd8ef0e75eb62177ada67daf9611

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rlfigm.calgroverents.info/

Response headers

cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8d0a0a276b6e9b95-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Oct 2024 22:27:46 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 01 Oct 2024 14:19:56 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location: /turnstile/v0/b/62ec4f065604/api.js
cross-origin-resource-policy: cross-origin
cf-ray: 8d0a0a274b549b95-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 10 Oct 2024 22:27:46 GMT
vary: Accept-Encoding
server: cloudflare

Resource: truncated
Path: /
Size: 341 B
x-fer: 0
Type: Script

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer:

Response headers

Content-Type: text/javascript

Resource: truncated
Path: /
Size: 269 B
x-fer: 0
Type: Script

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 3295d6298ccfb78021a8c09c610999b949a8c32bd2e042a1a8f989730afbd151

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer:

Response headers

Content-Type: text/javascript

Resource: truncated
Path: /
Size: 491 B
x-fer: 0
Type: Script

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: 0b8872bc9490aea5fa007d01c23c67da00d688d90f89f5e00133906cd9576323

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer:

Response headers

Content-Type: text/javascript

Resource: /
Path: challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j88jk/0x4AAAAAAAiTiQHZPJhDhvS1/auto/fbE/normal/auto/ (Frame 9C22)
Size: 0
x-fer: 0
Type: Document

General
Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/j88jk/0x4AAAAAAAiTiQHZPJhDhvS1/auto/fbE/normal/auto/
Requested by
  Host: challenges.cloudflare.com
  URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:5f29, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash:
Security Headers
  Content-Security-Policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer: https://rlfigm.calgroverents.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8d0a0a27a82d1e30-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 22:27:46 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

Resource: favicon.ico
Path: rlfigm.calgroverents.info/
Size: 0
x-fer: 537 B
Type: Other

General
Full URL: https://rlfigm.calgroverents.info/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:a217, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://rlfigm.calgroverents.info/JmkSlirs

Response headers

x-ms-srs: 1.P
cache-control: private
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-ests-server: 2.1.19066.8 - SCUS ProdSlices
cf-cache-status: BYPASS
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+san"}]}
referrer-policy: strict-origin-when-cross-origin
x-ms-request-id: 8c989e40-cf05-4014-b9e2-1c73b73f0f00
cf-ray: 8d0a0a2828dfd350-FRA
alt-svc: h3=":443"; ma=86400
p3p: CP="DSP CUR OTPi IND OTRi ONL FIN"
date: Thu, 10 Oct 2024 22:27:47 GMT
vary: Accept-Encoding
server: cloudflare

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | verifyCallback_CF
function | validateElement
function | refreshCallBack
function | onloadTurnstileCallback
function | c
function | lp
object | turnstile

3 Cookies

Domain/Path: .google.com/
Name: __Secure-ENID
Value: 22.SE=R3HVj8kGvrqZjTlSAhzg4XhW_B0RjePP5w8WisDTPdbyyf92gHAPuprjoGIeAq0EMiTlknu8CTqloypJOYrD0Li4wEocxuw6UArrzCLb-nLEuGO_JbIBz4oIi80m4sC9gdQ59JTek-v4nlrF5k6_RQH5ZrtPZ8XtKirbUtKpPv9oC57QEwVaIQKtS4gLbmgpbHfpoDU

Domain/Path: .calgroverents.info/
Name: ePvR
Value: 92aa0446eea4822b1d45ab215e4b552cfe922b91ff20fb03a93b40aa4593974b

Domain/Path: rlfigm.calgroverents.info/
Name: x-ms-gateway-slice
Value: estsfd

1 Console Messages

Source: network
Level: error
URL: https://rlfigm.calgroverents.info/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()