pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev
104.18.3.35  Public Scan

Submitted URL: https://pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev/xvc4n65476876sfqdh46dq5fh7498d7sfh64dfh867q9et86er54h6d8sfh6.html
Effective URL: https://pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev/xvc4n65476876sfqdh46dq5fh7498d7sfh64dfh867q9et86er54h6d8sfh6.html
Submission: On March 22 via manual from CA — Scanned from CA

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 2 HTTP transactions. The main IP is 104.18.3.35, located in and belongs to CLOUDFLARENET, US. The main domain is pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.
This is the only time pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.18.3.35 13335 (CLOUDFLAR...)
1 1 51.15.10.165 12876 (Online SAS)
1 31.222.255.2 49392 (ASBAXETN)
2 2
Domain Requested by
1 intercompick.com pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev
1 frequirement.com 1 redirects
1 pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev
2 3

This site contains no links.

Subject            Issuer  Validity                 Valid
*.r2.dev           E1      2024-02-06 - 2024-05-06  3 months
intercompick.com   R3      2024-02-27 - 2024-05-27  3 months

This page contains 1 frames:

Frame: https://intercompick.com/0/0/0/2335831bb065fbddd98422bc18fc8eee/Recuerda__2c3d61deda8db6b3e3a52/yv183%7CGHWso3EbMKWm%7Cfyakx%7Cwwwwx%7C0pgu2l5%7C82576%7Czzzyr1lj7n%7CY%7CGHWso3EbMKWm%7CPC%7C2alg47c/p3y2p2uipaD2AJH5MwH5L2VmMwN0K3MfK2yhqTIlqzksZGtmLj==
Frame ID: F4EB4CCC610D21D0056CBC9FEE444E16
Requests: 2 HTTP requests in this frame


Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 3
Transfer: 1 kB
Size: 0 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://frequirement.com/redirect.html?od=1syvshort65e9f59cb3f04_vl_intervl_183c.oo37M.Yzzzyr1lj7n1rps111_vq1587.fyakxd3d3d3gwcGd1Mmw10l39LZ HTTP 302
  • https://intercompick.com/0/0/0/2335831bb065fbddd98422bc18fc8eee/Recuerda__2c3d61deda8db6b3e3a52/yv183%7CGHWso3EbMKWm%7Cfyakx%7Cwwwwx%7C0pgu2l5%7C82576%7Czzzyr1lj7n%7CY%7CGHWso3EbMKWm%7CPC%7C2alg47c/p3y2p2uipaD2AJH5MwH5L2VmMwN0K3MfK2yhqTIlqzksZGtmLj==

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request xvc4n65476876sfqdh46dq5fh7498d7sfh64dfh867q9et86er54h6d8sfh6.html
pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev/
267 B
576 B
Document
General
Full URL: https://pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev/xvc4n65476876sfqdh46dq5fh7498d7sfh64dfh867q9et86er54h6d8sfh6.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
CF-RAY: 868704d2cc01a1de-YYZ
Connection: keep-alive
Content-Length: 267
Content-Type: text/html
Date: Fri, 22 Mar 2024 14:54:46 GMT
ETag: "bc225d3a104347f207dbe974a40e1be7"
Last-Modified: Thu, 07 Mar 2024 17:15:06 GMT
Server: cloudflare
Vary: Accept-Encoding
p3y2p2uipaD2AJH5MwH5L2VmMwN0K3MfK2yhqTIlqzksZGtmLj==
intercompick.com/0/0/0/2335831bb065fbddd98422bc18fc8eee/Recuerda__2c3d61deda8db6b3e3a52/yv183%7CGHWso3EbMKWm%7Cfyakx%7Cwwwwx%7C0pgu2l5%7C82576%7Czzzyr1lj7n%7CY%7CGHWso3EbMKWm%7CPC%7C2alg47c/
Redirect Chain
  • http://frequirement.com/redirect.html?od=1syvshort65e9f59cb3f04_vl_intervl_183c.oo37M.Yzzzyr1lj7n1rps111_vq1587.fyakxd3d3d3gwcGd1Mmw10l39LZ
  • https://intercompick.com/0/0/0/2335831bb065fbddd98422bc18fc8eee/Recuerda__2c3d61deda8db6b3e3a52/yv183%7CGHWso3EbMKWm%7Cfyakx%7Cwwwwx%7C0pgu2l5%7C82576%7Czzzyr1lj7n%7CY%7CGHWso3EbMKWm%7CPC%7C2alg47c...
0
205 B
Document
General
Full URL: https://intercompick.com/0/0/0/2335831bb065fbddd98422bc18fc8eee/Recuerda__2c3d61deda8db6b3e3a52/yv183%7CGHWso3EbMKWm%7Cfyakx%7Cwwwwx%7C0pgu2l5%7C82576%7Czzzyr1lj7n%7CY%7CGHWso3EbMKWm%7CPC%7C2alg47c/p3y2p2uipaD2AJH5MwH5L2VmMwN0K3MfK2yhqTIlqzksZGtmLj==
Requested by
Host: pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev
URL: https://pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev/xvc4n65476876sfqdh46dq5fh7498d7sfh64dfh867q9et86er54h6d8sfh6.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 31.222.255.2 , United Kingdom, ASN49392 (ASBAXETN, RU),
Reverse DNS:
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

Request headers

Referer: https://pub-6aff61b16f8c45b0b2b29300163c1636.r2.dev/xvc4n65476876sfqdh46dq5fh7498d7sfh64dfh867q9et86er54h6d8sfh6.html#
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 14:54:48 GMT
server: Apache
strict-transport-security: max-age=16000000; includeSubDomains; preload;

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Mar 2024 14:54:47 GMT
Keep-Alive: timeout=5, max=100
Location: https://intercompick.com/0/0/0/2335831bb065fbddd98422bc18fc8eee/Recuerda__2c3d61deda8db6b3e3a52/yv183|GHWso3EbMKWm|fyakx|wwwwx|0pgu2l5|82576|zzzyr1lj7n|Y|GHWso3EbMKWm|PC|2alg47c/p3y2p2uipaD2AJH5MwH5L2VmMwN0K3MfK2yhqTIlqzksZGtmLj==
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.33
X-Powered-By: PHP/7.4.33

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
