enterprise-security.us-southeast-1.linodeobjects.com Open in urlscan Pro
2600:3c02::f03c:92ff:fe32:7a8a  Malicious Activity! Public Scan

Submitted URL: https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?51e3acadda86d6e6ca9a098a637ff0d2m2wuug9e=U2F...
Effective URL: https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2F...
Submission: On October 31 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2600:3c02::f03c:92ff:fe32:7a8a, located in Atlanta, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is enterprise-security.us-southeast-1.linodeobjects.com.
TLS certificate: Issued by R11 on September 19th 2024. Valid for: 3 months.
This is the only time enterprise-security.us-southeast-1.linodeobjects.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online)

Domain & IP information

IP Address AS Autonomous System
2 2600:3c02::f0... 63949 (AKAMAI-LI...)
4 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.193.229 54113 (FASTLY)
3 142.250.65.227 15169 (GOOGLE)
17 8
Apex Domain
Subdomains
Transfer
7 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
305 KB
3 gstatic.com
fonts.gstatic.com
54 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
6 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
2 KB
2 linodeobjects.com
enterprise-security.us-southeast-1.linodeobjects.com
1 KB
1 ipapi.co
ipapi.co — Cisco Umbrella Rank: 16407
1 KB
17 6
Domain Requested by
7 cdn.jsdelivr.net enterprise-security.us-southeast-1.linodeobjects.com
3 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com cdn.jsdelivr.net
2 fonts.googleapis.com cdn.jsdelivr.net
2 enterprise-security.us-southeast-1.linodeobjects.com cdn.jsdelivr.net
1 ipapi.co cdn.jsdelivr.net
17 6

This site contains no links.

Subject Issuer Validity Valid
us-southeast-1.linodeobjects.com
R11
2024-09-19 -
2024-12-18
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
ipapi.co
WE1
2024-09-02 -
2024-12-01
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2FsdGVkX1%2FZwwpGB2WWpM%2FlJZ%2FxvS6PBbWfUNGf%2FD7oqA%2Fb%2F7SmKDrplofOGJZik4dP2nWOnLpbcz3iZ8Q2OgVnHE2%2Bl%2B4bkGfWVKWZuAQ0jTgs2FWJENn0AXzdc%2Flrrb0IySjZmNtVWmsKmGQL0dCFKV%2BQGcyK1vBzkxI3W9KDrbB07P%2BhSk2TdPES5OBEYEGI8f%2FeyaQb9YZAxdst%2B17ubElIF%2ByjlZdnTb89EHA2y7MNLpE7L7q9hK6zFSzNA046HcFuDTU9Pa4esSPLLWV9tx%2BJEv4wKOi8nEYioIjuFn01MHU4sX6aSz%2FAnl9QGbZb7SrPRsG6oOQXQaHfH2yjIYlz5k8OkWSuWnvB9A%2FOarJJAlWwW52eN7etCOV%2Fq0luDXsb1gXBAZXRuOqCFVQWYkKa35UhQWr%2FBQRUJWZZjdI6IkSpOPX7UyzzD5GPIIHpnSDG1kDfqPs3KTdOa3pC45D4XTCW6TULuYmwdfkyrqdkVd%2B7W0TdD5dv5mtYvam8D4mSafRdySN2nxo%2B%2BDLu51WeVXN70xbPLHPgt54qel%2FXteK%2FzN2w3l8d6v08CXKjn0QuK3O%2FG44MXnHyudr2dUDJRvpI0j6muyTJ1D0g4RiuHRaSafvL7jMj6%2BVDHw7x4I0MmmZSTptitL11CvnYMg%2Bds3tJ27akaSRxgl0CnNCJWHxcVxJYzubCOZfOhYjJBVDHjBWvPvTfOaQqpLr%2FXLnq6j6zMbY3FIPT2HL6TtP%2BO2jp6YmydZo5f5gKq0JA%2BUDSTS5eBihWzGmyDLLUPvGCaHuS%2FCD5QXJGnPqYITa8RZY0ipMd12HFEwqsihlnSRmu8wghhzmU9eOUzxsvi66R%2BTz0uPIjO%2ByVplff3cLBwTo0uze6F8rCq1gBFixdLhWXlm933kSSxHGZyMF5Pb%2FI976M6zQGm0ZDYSGKPFeemi42ePeH%2FAVvM33Q8Caw2HJIuROWfeUqJbC0se7H97YVFXjRCTHS42gkdog%2B6zx7%2BybCVs67%2FdRyZNlHpJGtrSlIhXPZFdBootR3HPDwrZpkYaLQEAt74F5EcdeLoJhkk4Ur5yZKXT6bnGeW4wpusBNCwTv3nNS0YTenfZNPJ1XsZMvOEWShjz1jTPgiFLDqs5RcOB9mcP3CILuFWGs0rYUdi3kmMjtSgaMu5evXI5W8QgQlofzmWLywAb8ocXL98ggHG1Kz5ETx8lP594YtSTBa7zLLomFkL4fQVzWNqOgtbTnJ7CrSgrSMmTCaqg3mULBJh4g9dwIjCXwVkOgXWbjOKVfeTb1IOSPD7gezsthnwrafKNt2%2F9x%2FBDa8C7HIUM%2By76sN3mnUFS7xRkkw3kK2efFgQaV%2BRbmeVKnEO%2Fp0DI%2FIx5IcAQvfN9dM2S6vaFb6hDdimkEcS4vE3SI5Y6KK%2B17Qe4xC8vJzfWNWjRCVoiRWR2yjta%2BYHTp4gZcpp1rOgDPc6TjhMSGKV2sAvRrmilVUx2kaaAwMKYcBLEjDNpXSS01oCA%2BiiwSLj3IK4XsXovjjtXJe0yueNSIOGa1JIdog2RGU6zysGwRKxTSjqnwhx4J7LP17NXIDryxufdaAZUPQdEeNMZdumrHOHGXfUEeV7U6hFk%2F2ns12BpzgGGCgF%2FpN9hJXlB5SKvHTUMN9H0fJlDP9XJwu13%2Fkgts0XyGjh%2BQQ5BRtsHV3CydQnJQlf7xt1932vZvb%2FWJLMR0VXsJSq8ZlcZKpSSQ0Yb1ELC2zF8sgTv7EnY%2FaK1guOt%2F7VYFR%2Bl%2BwYSYoUs4PTKAjJ9enY%2FIYyJqkgtSM6L8YhFMlqoayY0XkkmWCpF4YAB3oeF1yF5iIjFjBc46pMbTmaYt9IzECPLCcDpuQS%2FngipW7biWupcPdS4%2B59CZ0vFg0gQRNBcQYAifba%2BR0rcme%2BW%2BjIaz%2FseRF8odekQ4h%2F4Ov3JkUW9CztiWxtH2GGPPo6dsvRNc5R44F6VW2Xwm8gpBkH%2F0IsntGW3REbjSKNxUNSk1x8trsAGG0%2BJKetXjgH6iadPLyHMt%2BZhVZsv4giqgSJlugparawkSDvUldkBquU33sAey0NkGKFVA2JWjmgrxElEkhqGhgtmymRQssvN6mFyrs2PnniiK8AmmoqtH7wAp0IktQ6HCRcq%2BxdR%2B%2FSHZtSIu701eamBbzusRRN7RBVinTtWGhu2t1peH83QT9DHEAb0xovljvqY%2BG0VKLnWzFIaYJMSM0WH0o%2BktlNT3vs0n2ZJ5sXUR4c7YRrq0JRkhUjSxV0bNlwmQ2rF%2FTb1WNnq0StZMi8ToodSGUS8fCzqpKT9WVyYySXoV23CQEqBzXO1Ip60%2FuNbC6f6H5atH2ZGN3mk6pIFWeb4AYdvW7JLSw2zdFiYGJCeuN59oQo9G%2FKdzZNCLfFXHmt9f42yNU1BizXHUzDeApY8hmw7VM%2B%2BXYyEDr4wT7hzMnjNFfAxWOWFh5OlwtAxXCK6ArzYGdwoe2xzJNinAZTql3mkf5gQElPHjeQnLaKHERswnL0oK5g3o10UNzU2gO0s9SLsiel0bV7YT4k%2FBQcqoJndCRA9Oo3CWc8vlidhSt70Mnx30bRSaNMtxjfpD7441cyymzzj8nRmTcaFtKSBN%2BJq7%2BxBK6jiDkj9DnmYltFOLvnhatjsNDL%2FwoAjvfXPmq8zTRQN7DlPo%3D
Frame ID: 78CB0C8F747BB07E0E08B9BBE9CD6E01
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

Microsoft OneDrive

Page URL History Show full URLs

  1. https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?51e3acadda86d6e6ca9a098a... Page URL
  2. https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

17
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

6
Subdomains

8
IPs

1
Countries

370 kB
Transfer

2416 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?51e3acadda86d6e6ca9a098a637ff0d2m2wuug9e=U2FsdGVkX1%2BQuHWsjwSW4l6kpPPcHsJnZe3P%2BUCnmONWzH0HasmTJtUQqXMfs1nEojl0u2dbP5AZSeG%2BW3zxhu1R4IAX%2Bhb%2Bn3oJ%2BNs9adE0tL2Ok25Kwz6SvWlx4noE2G7l7h2X2377xBQ%2BbA%2Fh0AEGCXP5j4ch7JvHk5yYdzwvXTubXM2OqkOI2v75XdoXHyKF9QkfyEyMKIE4TA Page URL
  2. https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2FsdGVkX1%2FZwwpGB2WWpM%2FlJZ%2FxvS6PBbWfUNGf%2FD7oqA%2Fb%2F7SmKDrplofOGJZik4dP2nWOnLpbcz3iZ8Q2OgVnHE2%2Bl%2B4bkGfWVKWZuAQ0jTgs2FWJENn0AXzdc%2Flrrb0IySjZmNtVWmsKmGQL0dCFKV%2BQGcyK1vBzkxI3W9KDrbB07P%2BhSk2TdPES5OBEYEGI8f%2FeyaQb9YZAxdst%2B17ubElIF%2ByjlZdnTb89EHA2y7MNLpE7L7q9hK6zFSzNA046HcFuDTU9Pa4esSPLLWV9tx%2BJEv4wKOi8nEYioIjuFn01MHU4sX6aSz%2FAnl9QGbZb7SrPRsG6oOQXQaHfH2yjIYlz5k8OkWSuWnvB9A%2FOarJJAlWwW52eN7etCOV%2Fq0luDXsb1gXBAZXRuOqCFVQWYkKa35UhQWr%2FBQRUJWZZjdI6IkSpOPX7UyzzD5GPIIHpnSDG1kDfqPs3KTdOa3pC45D4XTCW6TULuYmwdfkyrqdkVd%2B7W0TdD5dv5mtYvam8D4mSafRdySN2nxo%2B%2BDLu51WeVXN70xbPLHPgt54qel%2FXteK%2FzN2w3l8d6v08CXKjn0QuK3O%2FG44MXnHyudr2dUDJRvpI0j6muyTJ1D0g4RiuHRaSafvL7jMj6%2BVDHw7x4I0MmmZSTptitL11CvnYMg%2Bds3tJ27akaSRxgl0CnNCJWHxcVxJYzubCOZfOhYjJBVDHjBWvPvTfOaQqpLr%2FXLnq6j6zMbY3FIPT2HL6TtP%2BO2jp6YmydZo5f5gKq0JA%2BUDSTS5eBihWzGmyDLLUPvGCaHuS%2FCD5QXJGnPqYITa8RZY0ipMd12HFEwqsihlnSRmu8wghhzmU9eOUzxsvi66R%2BTz0uPIjO%2ByVplff3cLBwTo0uze6F8rCq1gBFixdLhWXlm933kSSxHGZyMF5Pb%2FI976M6zQGm0ZDYSGKPFeemi42ePeH%2FAVvM33Q8Caw2HJIuROWfeUqJbC0se7H97YVFXjRCTHS42gkdog%2B6zx7%2BybCVs67%2FdRyZNlHpJGtrSlIhXPZFdBootR3HPDwrZpkYaLQEAt74F5EcdeLoJhkk4Ur5yZKXT6bnGeW4wpusBNCwTv3nNS0YTenfZNPJ1XsZMvOEWShjz1jTPgiFLDqs5RcOB9mcP3CILuFWGs0rYUdi3kmMjtSgaMu5evXI5W8QgQlofzmWLywAb8ocXL98ggHG1Kz5ETx8lP594YtSTBa7zLLomFkL4fQVzWNqOgtbTnJ7CrSgrSMmTCaqg3mULBJh4g9dwIjCXwVkOgXWbjOKVfeTb1IOSPD7gezsthnwrafKNt2%2F9x%2FBDa8C7HIUM%2By76sN3mnUFS7xRkkw3kK2efFgQaV%2BRbmeVKnEO%2Fp0DI%2FIx5IcAQvfN9dM2S6vaFb6hDdimkEcS4vE3SI5Y6KK%2B17Qe4xC8vJzfWNWjRCVoiRWR2yjta%2BYHTp4gZcpp1rOgDPc6TjhMSGKV2sAvRrmilVUx2kaaAwMKYcBLEjDNpXSS01oCA%2BiiwSLj3IK4XsXovjjtXJe0yueNSIOGa1JIdog2RGU6zysGwRKxTSjqnwhx4J7LP17NXIDryxufdaAZUPQdEeNMZdumrHOHGXfUEeV7U6hFk%2F2ns12BpzgGGCgF%2FpN9hJXlB5SKvHTUMN9H0fJlDP9XJwu13%2Fkgts0XyGjh%2BQQ5BRtsHV3CydQnJQlf7xt1932vZvb%2FWJLMR0VXsJSq8ZlcZKpSSQ0Yb1ELC2zF8sgTv7EnY%2FaK1guOt%2F7VYFR%2Bl%2BwYSYoUs4PTKAjJ9enY%2FIYyJqkgtSM6L8YhFMlqoayY0XkkmWCpF4YAB3oeF1yF5iIjFjBc46pMbTmaYt9IzECPLCcDpuQS%2FngipW7biWupcPdS4%2B59CZ0vFg0gQRNBcQYAifba%2BR0rcme%2BW%2BjIaz%2FseRF8odekQ4h%2F4Ov3JkUW9CztiWxtH2GGPPo6dsvRNc5R44F6VW2Xwm8gpBkH%2F0IsntGW3REbjSKNxUNSk1x8trsAGG0%2BJKetXjgH6iadPLyHMt%2BZhVZsv4giqgSJlugparawkSDvUldkBquU33sAey0NkGKFVA2JWjmgrxElEkhqGhgtmymRQssvN6mFyrs2PnniiK8AmmoqtH7wAp0IktQ6HCRcq%2BxdR%2B%2FSHZtSIu701eamBbzusRRN7RBVinTtWGhu2t1peH83QT9DHEAb0xovljvqY%2BG0VKLnWzFIaYJMSM0WH0o%2BktlNT3vs0n2ZJ5sXUR4c7YRrq0JRkhUjSxV0bNlwmQ2rF%2FTb1WNnq0StZMi8ToodSGUS8fCzqpKT9WVyYySXoV23CQEqBzXO1Ip60%2FuNbC6f6H5atH2ZGN3mk6pIFWeb4AYdvW7JLSw2zdFiYGJCeuN59oQo9G%2FKdzZNCLfFXHmt9f42yNU1BizXHUzDeApY8hmw7VM%2B%2BXYyEDr4wT7hzMnjNFfAxWOWFh5OlwtAxXCK6ArzYGdwoe2xzJNinAZTql3mkf5gQElPHjeQnLaKHERswnL0oK5g3o10UNzU2gO0s9SLsiel0bV7YT4k%2FBQcqoJndCRA9Oo3CWc8vlidhSt70Mnx30bRSaNMtxjfpD7441cyymzzj8nRmTcaFtKSBN%2BJq7%2BxBK6jiDkj9DnmYltFOLvnhatjsNDL%2FwoAjvfXPmq8zTRQN7DlPo%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html
enterprise-security.us-southeast-1.linodeobjects.com/
362 B
697 B
Document
General
Full URL
https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?51e3acadda86d6e6ca9a098a637ff0d2m2wuug9e=U2FsdGVkX1%2BQuHWsjwSW4l6kpPPcHsJnZe3P%2BUCnmONWzH0HasmTJtUQqXMfs1nEojl0u2dbP5AZSeG%2BW3zxhu1R4IAX%2Bhb%2Bn3oJ%2BNs9adE0tL2Ok25Kwz6SvWlx4noE2G7l7h2X2377xBQ%2BbA%2Fh0AEGCXP5j4ch7JvHk5yYdzwvXTubXM2OqkOI2v75XdoXHyKF9QkfyEyMKIE4TA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:3c02::f03c:92ff:fe32:7a8a Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
/
Resource Hash
18135829acd90e2bf629bc154a811de8f0f9ae25bca1d0555150562d2677c6fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
362
Content-Type
text/html
Date
Thu, 31 Oct 2024 07:12:24 GMT
ETag
"5044e82486ebaa8f9ef737750439b570"
Last-Modified
Fri, 23 Aug 2024 11:23:15 GMT
x-amz-request-id
tx00000ecc212c2bfb6b8b5-0067232dd8-104a0c6b9-default
x-rgw-object-type
Normal
447436dd-ec93-4348-96a7-8d2b6be772c9.js
cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/
1 MB
212 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js?hash=6b06db943f081ebee689f376c8b231d1&Inw1hBXBNLNO60Kq=FkHLfXbSKaQTPKY7TGJ2Lc5c5UFyZzeEtKzr1NLvJ0BWxs5tXS1ymeS
Requested by
Host: enterprise-security.us-southeast-1.linodeobjects.com
URL: https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?51e3acadda86d6e6ca9a098a637ff0d2m2wuug9e=U2FsdGVkX1%2BQuHWsjwSW4l6kpPPcHsJnZe3P%2BUCnmONWzH0HasmTJtUQqXMfs1nEojl0u2dbP5AZSeG%2BW3zxhu1R4IAX%2Bhb%2Bn3oJ%2BNs9adE0tL2Ok25Kwz6SvWlx4noE2G7l7h2X2377xBQ%2BbA%2Fh0AEGCXP5j4ch7JvHk5yYdzwvXTubXM2OqkOI2v75XdoXHyKF9QkfyEyMKIE4TA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1dd6b37f3b96f71636d71fcb933493ba7f46a973a2a3f0cebf0cadf14ad855ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"10b1c4-jVYOgoSZvLwZEx1MSe5tobfl2Hg"
age
37858
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230120-FRA, cache-mia-kmia1760046-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
216213
x-jsd-version
main
/
ipapi.co/json/
776 B
1 KB
Fetch
General
Full URL
https://ipapi.co/json/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js?hash=6b06db943f081ebee689f376c8b231d1&Inw1hBXBNLNO60Kq=FkHLfXbSKaQTPKY7TGJ2Lc5c5UFyZzeEtKzr1NLvJ0BWxs5tXS1ymeS
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f9f57bcdbc4feb60c430438d55352adf8442e77624a2754dd084204adf5418e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKHFl%2B3lTarYXdDKWJj77wduOxVqx2aOuQWT%2BtPJOVKcFIAT5SdOB7%2BCqWbugz7qXXql%2Bmu3cOuAskaB7aYsek3BWHgyf8xXdmTs6lkmr0yjcEqbHGxAZQ9U6FRj2%2BZIlAa%2FFWLA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=29961&sent=9&recv=14&lost=0&retrans=0&sent_bytes=3389&recv_bytes=2287&delivery_rate=130064&cwnd=255&unsent_bytes=0&cid=9b95108830b0d608&ts=165&x=0"
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
application/json
vary
Host, origin
x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
referrer-policy
same-origin
allow
OPTIONS, OPTIONS, HEAD, GET, POST
cf-ray
8db1d628985574a8-MIA
access-control-allow-origin
https://enterprise-security.us-southeast-1.linodeobjects.com
server
cloudflare
css2
fonts.googleapis.com/
23 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js?hash=6b06db943f081ebee689f376c8b231d1&Inw1hBXBNLNO60Kq=FkHLfXbSKaQTPKY7TGJ2Lc5c5UFyZzeEtKzr1NLvJ0BWxs5tXS1ymeS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42e7fa075a3c7f7d20b5828b55fa1ac66b6dab81ae77852dbf7220c70d56b9fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 07:12:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 31 Oct 2024 06:18:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js?hash=6b06db943f081ebee689f376c8b231d1&Inw1hBXBNLNO60Kq=FkHLfXbSKaQTPKY7TGJ2Lc5c5UFyZzeEtKzr1NLvJ0BWxs5tXS1ymeS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://enterprise-security.us-southeast-1.linodeobjects.com
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-9226"
age
52335
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42IDfSIemKfZ%2BD0VxNc%2FSNFLlQmWHofG9x6t0SDlQaYcvGjEyryPEcgNt7FhBOJjZFR3%2BqE6X8HuBwe%2FLfnBmyAn3Ewq8ZFs9etXcLTLhYYsV40CTr6%2Bg2tBM5KyrFMGFjFml0JF7b%2Bc8xDJUnzuyt13"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 07:12:24 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8db1d6289f387487-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5884
server
cloudflare
truncated
/
685 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de35e1476372d3afbc25fc0ac689d7933145099fbd36d63cf049fa6de4814808

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
Primary Request AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html
enterprise-security.us-southeast-1.linodeobjects.com/
362 B
697 B
Document
General
Full URL
https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2FsdGVkX1%2FZwwpGB2WWpM%2FlJZ%2FxvS6PBbWfUNGf%2FD7oqA%2Fb%2F7SmKDrplofOGJZik4dP2nWOnLpbcz3iZ8Q2OgVnHE2%2Bl%2B4bkGfWVKWZuAQ0jTgs2FWJENn0AXzdc%2Flrrb0IySjZmNtVWmsKmGQL0dCFKV%2BQGcyK1vBzkxI3W9KDrbB07P%2BhSk2TdPES5OBEYEGI8f%2FeyaQb9YZAxdst%2B17ubElIF%2ByjlZdnTb89EHA2y7MNLpE7L7q9hK6zFSzNA046HcFuDTU9Pa4esSPLLWV9tx%2BJEv4wKOi8nEYioIjuFn01MHU4sX6aSz%2FAnl9QGbZb7SrPRsG6oOQXQaHfH2yjIYlz5k8OkWSuWnvB9A%2FOarJJAlWwW52eN7etCOV%2Fq0luDXsb1gXBAZXRuOqCFVQWYkKa35UhQWr%2FBQRUJWZZjdI6IkSpOPX7UyzzD5GPIIHpnSDG1kDfqPs3KTdOa3pC45D4XTCW6TULuYmwdfkyrqdkVd%2B7W0TdD5dv5mtYvam8D4mSafRdySN2nxo%2B%2BDLu51WeVXN70xbPLHPgt54qel%2FXteK%2FzN2w3l8d6v08CXKjn0QuK3O%2FG44MXnHyudr2dUDJRvpI0j6muyTJ1D0g4RiuHRaSafvL7jMj6%2BVDHw7x4I0MmmZSTptitL11CvnYMg%2Bds3tJ27akaSRxgl0CnNCJWHxcVxJYzubCOZfOhYjJBVDHjBWvPvTfOaQqpLr%2FXLnq6j6zMbY3FIPT2HL6TtP%2BO2jp6YmydZo5f5gKq0JA%2BUDSTS5eBihWzGmyDLLUPvGCaHuS%2FCD5QXJGnPqYITa8RZY0ipMd12HFEwqsihlnSRmu8wghhzmU9eOUzxsvi66R%2BTz0uPIjO%2ByVplff3cLBwTo0uze6F8rCq1gBFixdLhWXlm933kSSxHGZyMF5Pb%2FI976M6zQGm0ZDYSGKPFeemi42ePeH%2FAVvM33Q8Caw2HJIuROWfeUqJbC0se7H97YVFXjRCTHS42gkdog%2B6zx7%2BybCVs67%2FdRyZNlHpJGtrSlIhXPZFdBootR3HPDwrZpkYaLQEAt74F5EcdeLoJhkk4Ur5yZKXT6bnGeW4wpusBNCwTv3nNS0YTenfZNPJ1XsZMvOEWShjz1jTPgiFLDqs5RcOB9mcP3CILuFWGs0rYUdi3kmMjtSgaMu5evXI5W8QgQlofzmWLywAb8ocXL98ggHG1Kz5ETx8lP594YtSTBa7zLLomFkL4fQVzWNqOgtbTnJ7CrSgrSMmTCaqg3mULBJh4g9dwIjCXwVkOgXWbjOKVfeTb1IOSPD7gezsthnwrafKNt2%2F9x%2FBDa8C7HIUM%2By76sN3mnUFS7xRkkw3kK2efFgQaV%2BRbmeVKnEO%2Fp0DI%2FIx5IcAQvfN9dM2S6vaFb6hDdimkEcS4vE3SI5Y6KK%2B17Qe4xC8vJzfWNWjRCVoiRWR2yjta%2BYHTp4gZcpp1rOgDPc6TjhMSGKV2sAvRrmilVUx2kaaAwMKYcBLEjDNpXSS01oCA%2BiiwSLj3IK4XsXovjjtXJe0yueNSIOGa1JIdog2RGU6zysGwRKxTSjqnwhx4J7LP17NXIDryxufdaAZUPQdEeNMZdumrHOHGXfUEeV7U6hFk%2F2ns12BpzgGGCgF%2FpN9hJXlB5SKvHTUMN9H0fJlDP9XJwu13%2Fkgts0XyGjh%2BQQ5BRtsHV3CydQnJQlf7xt1932vZvb%2FWJLMR0VXsJSq8ZlcZKpSSQ0Yb1ELC2zF8sgTv7EnY%2FaK1guOt%2F7VYFR%2Bl%2BwYSYoUs4PTKAjJ9enY%2FIYyJqkgtSM6L8YhFMlqoayY0XkkmWCpF4YAB3oeF1yF5iIjFjBc46pMbTmaYt9IzECPLCcDpuQS%2FngipW7biWupcPdS4%2B59CZ0vFg0gQRNBcQYAifba%2BR0rcme%2BW%2BjIaz%2FseRF8odekQ4h%2F4Ov3JkUW9CztiWxtH2GGPPo6dsvRNc5R44F6VW2Xwm8gpBkH%2F0IsntGW3REbjSKNxUNSk1x8trsAGG0%2BJKetXjgH6iadPLyHMt%2BZhVZsv4giqgSJlugparawkSDvUldkBquU33sAey0NkGKFVA2JWjmgrxElEkhqGhgtmymRQssvN6mFyrs2PnniiK8AmmoqtH7wAp0IktQ6HCRcq%2BxdR%2B%2FSHZtSIu701eamBbzusRRN7RBVinTtWGhu2t1peH83QT9DHEAb0xovljvqY%2BG0VKLnWzFIaYJMSM0WH0o%2BktlNT3vs0n2ZJ5sXUR4c7YRrq0JRkhUjSxV0bNlwmQ2rF%2FTb1WNnq0StZMi8ToodSGUS8fCzqpKT9WVyYySXoV23CQEqBzXO1Ip60%2FuNbC6f6H5atH2ZGN3mk6pIFWeb4AYdvW7JLSw2zdFiYGJCeuN59oQo9G%2FKdzZNCLfFXHmt9f42yNU1BizXHUzDeApY8hmw7VM%2B%2BXYyEDr4wT7hzMnjNFfAxWOWFh5OlwtAxXCK6ArzYGdwoe2xzJNinAZTql3mkf5gQElPHjeQnLaKHERswnL0oK5g3o10UNzU2gO0s9SLsiel0bV7YT4k%2FBQcqoJndCRA9Oo3CWc8vlidhSt70Mnx30bRSaNMtxjfpD7441cyymzzj8nRmTcaFtKSBN%2BJq7%2BxBK6jiDkj9DnmYltFOLvnhatjsNDL%2FwoAjvfXPmq8zTRQN7DlPo%3D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js?hash=6b06db943f081ebee689f376c8b231d1&Inw1hBXBNLNO60Kq=FkHLfXbSKaQTPKY7TGJ2Lc5c5UFyZzeEtKzr1NLvJ0BWxs5tXS1ymeS
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:3c02::f03c:92ff:fe32:7a8a Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
/
Resource Hash
18135829acd90e2bf629bc154a811de8f0f9ae25bca1d0555150562d2677c6fe

Request headers

Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2FsdGVkX1%2FZwwpGB2WWpM%2FlJZ%2FxvS6PBbWfUNGf%2FD7oqA%2Fb%2F7SmKDrplofOGJZik4dP2nWOnLpbcz3iZ8Q2OgVnHE2%2Bl%2B4bkGfWVKWZuAQ0jTgs2FWJENn0AXzdc%2Flrrb0IySjZmNtVWmsKmGQL0dCFKV%2BQGcyK1vBzkxI3W9KDrbB07P%2BhSk2TdPES5OBEYEGI8f%2FeyaQb9YZAxdst%2B17ubElIF%2ByjlZdnTb89EHA2y7MNLpE7L7q9hK6zFSzNA046HcFuDTU9Pa4esSPLLWV9tx%2BJEv4wKOi8nEYioIjuFn01MHU4sX6aSz%2FAnl9QGbZb7SrPRsG6oOQXQaHfH2yjIYlz5k8OkWSuWnvB9A%2FOarJJAlWwW52eN7etCOV%2Fq0luDXsb1gXBAZXRuOqCFVQWYkKa35UhQWr%2FBQRUJWZZjdI6IkSpOPX7UyzzD5GPIIHpnSDG1kDfqPs3KTdOa3pC45D4XTCW6TULuYmwdfkyrqdkVd%2B7W0TdD5dv5mtYvam8D4mSafRdySN2nxo%2B%2BDLu51WeVXN70xbPLHPgt54qel%2FXteK%2FzN2w3l8d6v08CXKjn0QuK3O%2FG44MXnHyudr2dUDJRvpI0j6muyTJ1D0g4RiuHRaSafvL7jMj6%2BVDHw7x4I0MmmZSTptitL11CvnYMg%2Bds3tJ27akaSRxgl0CnNCJWHxcVxJYzubCOZfOhYjJBVDHjBWvPvTfOaQqpLr%2FXLnq6j6zMbY3FIPT2HL6TtP%2BO2jp6YmydZo5f5gKq0JA%2BUDSTS5eBihWzGmyDLLUPvGCaHuS%2FCD5QXJGnPqYITa8RZY0ipMd12HFEwqsihlnSRmu8wghhzmU9eOUzxsvi66R%2BTz0uPIjO%2ByVplff3cLBwTo0uze6F8rCq1gBFixdLhWXlm933kSSxHGZyMF5Pb%2FI976M6zQGm0ZDYSGKPFeemi42ePeH%2FAVvM33Q8Caw2HJIuROWfeUqJbC0se7H97YVFXjRCTHS42gkdog%2B6zx7%2BybCVs67%2FdRyZNlHpJGtrSlIhXPZFdBootR3HPDwrZpkYaLQEAt74F5EcdeLoJhkk4Ur5yZKXT6bnGeW4wpusBNCwTv3nNS0YTenfZNPJ1XsZMvOEWShjz1jTPgiFLDqs5RcOB9mcP3CILuFWGs0rYUdi3kmMjtSgaMu5evXI5W8QgQlofzmWLywAb8ocXL98ggHG1Kz5ETx8lP594YtSTBa7zLLomFkL4fQVzWNqOgtbTnJ7CrSgrSMmTCaqg3mULBJh4g9dwIjCXwVkOgXWbjOKVfeTb1IOSPD7gezsthnwrafKNt2%2F9x%2FBDa8C7HIUM%2By76sN3mnUFS7xRkkw3kK2efFgQaV%2BRbmeVKnEO%2Fp0DI%2FIx5IcAQvfN9dM2S6vaFb6hDdimkEcS4vE3SI5Y6KK%2B17Qe4xC8vJzfWNWjRCVoiRWR2yjta%2BYHTp4gZcpp1rOgDPc6TjhMSGKV2sAvRrmilVUx2kaaAwMKYcBLEjDNpXSS01oCA%2BiiwSLj3IK4XsXovjjtXJe0yueNSIOGa1JIdog2RGU6zysGwRKxTSjqnwhx4J7LP17NXIDryxufdaAZUPQdEeNMZdumrHOHGXfUEeV7U6hFk%2F2ns12BpzgGGCgF%2FpN9hJXlB5SKvHTUMN9H0fJlDP9XJwu13%2Fkgts0XyGjh%2BQQ5BRtsHV3CydQnJQlf7xt1932vZvb%2FWJLMR0VXsJSq8ZlcZKpSSQ0Yb1ELC2zF8sgTv7EnY%2FaK1guOt%2F7VYFR%2Bl%2BwYSYoUs4PTKAjJ9enY%2FIYyJqkgtSM6L8YhFMlqoayY0XkkmWCpF4YAB3oeF1yF5iIjFjBc46pMbTmaYt9IzECPLCcDpuQS%2FngipW7biWupcPdS4%2B59CZ0vFg0gQRNBcQYAifba%2BR0rcme%2BW%2BjIaz%2FseRF8odekQ4h%2F4Ov3JkUW9CztiWxtH2GGPPo6dsvRNc5R44F6VW2Xwm8gpBkH%2F0IsntGW3REbjSKNxUNSk1x8trsAGG0%2BJKetXjgH6iadPLyHMt%2BZhVZsv4giqgSJlugparawkSDvUldkBquU33sAey0NkGKFVA2JWjmgrxElEkhqGhgtmymRQssvN6mFyrs2PnniiK8AmmoqtH7wAp0IktQ6HCRcq%2BxdR%2B%2FSHZtSIu701eamBbzusRRN7RBVinTtWGhu2t1peH83QT9DHEAb0xovljvqY%2BG0VKLnWzFIaYJMSM0WH0o%2BktlNT3vs0n2ZJ5sXUR4c7YRrq0JRkhUjSxV0bNlwmQ2rF%2FTb1WNnq0StZMi8ToodSGUS8fCzqpKT9WVyYySXoV23CQEqBzXO1Ip60%2FuNbC6f6H5atH2ZGN3mk6pIFWeb4AYdvW7JLSw2zdFiYGJCeuN59oQo9G%2FKdzZNCLfFXHmt9f42yNU1BizXHUzDeApY8hmw7VM%2B%2BXYyEDr4wT7hzMnjNFfAxWOWFh5OlwtAxXCK6ArzYGdwoe2xzJNinAZTql3mkf5gQElPHjeQnLaKHERswnL0oK5g3o10UNzU2gO0s9SLsiel0bV7YT4k%2FBQcqoJndCRA9Oo3CWc8vlidhSt70Mnx30bRSaNMtxjfpD7441cyymzzj8nRmTcaFtKSBN%2BJq7%2BxBK6jiDkj9DnmYltFOLvnhatjsNDL%2FwoAjvfXPmq8zTRQN7DlPo%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
362
Content-Type
text/html
Date
Thu, 31 Oct 2024 07:12:24 GMT
ETag
"5044e82486ebaa8f9ef737750439b570"
Last-Modified
Fri, 23 Aug 2024 11:23:15 GMT
x-amz-request-id
tx00000a23a6c8b4a7134c5-0067232dd8-10505e96f-default
x-rgw-object-type
Normal
fa37e6e4fd65b2e85394.ico
cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/
3 KB
3 KB
Other
General
Full URL
https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/fa37e6e4fd65b2e85394.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"b6a-fOM3ZVcFRLN/5u6ptcQ1FamiwRI"
age
22399
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
image/vnd.microsoft.icon
x-served-by
cache-fra-eddf8230114-FRA, cache-mia-kmia1760046-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
2661
x-jsd-version
main
447436dd-ec93-4348-96a7-8d2b6be772c9.js
cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/
1 MB
0
Script
General
Full URL
https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js?hash=6b06db943f081ebee689f376c8b231d1&Inw1hBXBNLNO60Kq=FkHLfXbSKaQTPKY7TGJ2Lc5c5UFyZzeEtKzr1NLvJ0BWxs5tXS1ymeS
Requested by
Host: enterprise-security.us-southeast-1.linodeobjects.com
URL: https://enterprise-security.us-southeast-1.linodeobjects.com/AAQkAGUwYjFhZmE0LTU0OGQtNGMzZS04YWM4LTNmYWY0OT.html?863dad22d5c165b34b58ea44c535eca0m2wyx45e=U2FsdGVkX1%2FZwwpGB2WWpM%2FlJZ%2FxvS6PBbWfUNGf%2FD7oqA%2Fb%2F7SmKDrplofOGJZik4dP2nWOnLpbcz3iZ8Q2OgVnHE2%2Bl%2B4bkGfWVKWZuAQ0jTgs2FWJENn0AXzdc%2Flrrb0IySjZmNtVWmsKmGQL0dCFKV%2BQGcyK1vBzkxI3W9KDrbB07P%2BhSk2TdPES5OBEYEGI8f%2FeyaQb9YZAxdst%2B17ubElIF%2ByjlZdnTb89EHA2y7MNLpE7L7q9hK6zFSzNA046HcFuDTU9Pa4esSPLLWV9tx%2BJEv4wKOi8nEYioIjuFn01MHU4sX6aSz%2FAnl9QGbZb7SrPRsG6oOQXQaHfH2yjIYlz5k8OkWSuWnvB9A%2FOarJJAlWwW52eN7etCOV%2Fq0luDXsb1gXBAZXRuOqCFVQWYkKa35UhQWr%2FBQRUJWZZjdI6IkSpOPX7UyzzD5GPIIHpnSDG1kDfqPs3KTdOa3pC45D4XTCW6TULuYmwdfkyrqdkVd%2B7W0TdD5dv5mtYvam8D4mSafRdySN2nxo%2B%2BDLu51WeVXN70xbPLHPgt54qel%2FXteK%2FzN2w3l8d6v08CXKjn0QuK3O%2FG44MXnHyudr2dUDJRvpI0j6muyTJ1D0g4RiuHRaSafvL7jMj6%2BVDHw7x4I0MmmZSTptitL11CvnYMg%2Bds3tJ27akaSRxgl0CnNCJWHxcVxJYzubCOZfOhYjJBVDHjBWvPvTfOaQqpLr%2FXLnq6j6zMbY3FIPT2HL6TtP%2BO2jp6YmydZo5f5gKq0JA%2BUDSTS5eBihWzGmyDLLUPvGCaHuS%2FCD5QXJGnPqYITa8RZY0ipMd12HFEwqsihlnSRmu8wghhzmU9eOUzxsvi66R%2BTz0uPIjO%2ByVplff3cLBwTo0uze6F8rCq1gBFixdLhWXlm933kSSxHGZyMF5Pb%2FI976M6zQGm0ZDYSGKPFeemi42ePeH%2FAVvM33Q8Caw2HJIuROWfeUqJbC0se7H97YVFXjRCTHS42gkdog%2B6zx7%2BybCVs67%2FdRyZNlHpJGtrSlIhXPZFdBootR3HPDwrZpkYaLQEAt74F5EcdeLoJhkk4Ur5yZKXT6bnGeW4wpusBNCwTv3nNS0YTenfZNPJ1XsZMvOEWShjz1jTPgiFLDqs5RcOB9mcP3CILuFWGs0rYUdi3kmMjtSgaMu5evXI5W8QgQlofzmWLywAb8ocXL98ggHG1Kz5ETx8lP594YtSTBa7zLLomFkL4fQVzWNqOgtbTnJ7CrSgrSMmTCaqg3mULBJh4g9dwIjCXwVkOgXWbjOKVfeTb1IOSPD7gezsthnwrafKNt2%2F9x%2FBDa8C7HIUM%2By76sN3mnUFS7xRkkw3kK2efFgQaV%2BRbmeVKnEO%2Fp0DI%2FIx5IcAQvfN9dM2S6vaFb6hDdimkEcS4vE3SI5Y6KK%2B17Qe4xC8vJzfWNWjRCVoiRWR2yjta%2BYHTp4gZcpp1rOgDPc6TjhMSGKV2sAvRrmilVUx2kaaAwMKYcBLEjDNpXSS01oCA%2BiiwSLj3IK4XsXovjjtXJe0yueNSIOGa1JIdog2RGU6zysGwRKxTSjqnwhx4J7LP17NXIDryxufdaAZUPQdEeNMZdumrHOHGXfUEeV7U6hFk%2F2ns12BpzgGGCgF%2FpN9hJXlB5SKvHTUMN9H0fJlDP9XJwu13%2Fkgts0XyGjh%2BQQ5BRtsHV3CydQnJQlf7xt1932vZvb%2FWJLMR0VXsJSq8ZlcZKpSSQ0Yb1ELC2zF8sgTv7EnY%2FaK1guOt%2F7VYFR%2Bl%2BwYSYoUs4PTKAjJ9enY%2FIYyJqkgtSM6L8YhFMlqoayY0XkkmWCpF4YAB3oeF1yF5iIjFjBc46pMbTmaYt9IzECPLCcDpuQS%2FngipW7biWupcPdS4%2B59CZ0vFg0gQRNBcQYAifba%2BR0rcme%2BW%2BjIaz%2FseRF8odekQ4h%2F4Ov3JkUW9CztiWxtH2GGPPo6dsvRNc5R44F6VW2Xwm8gpBkH%2F0IsntGW3REbjSKNxUNSk1x8trsAGG0%2BJKetXjgH6iadPLyHMt%2BZhVZsv4giqgSJlugparawkSDvUldkBquU33sAey0NkGKFVA2JWjmgrxElEkhqGhgtmymRQssvN6mFyrs2PnniiK8AmmoqtH7wAp0IktQ6HCRcq%2BxdR%2B%2FSHZtSIu701eamBbzusRRN7RBVinTtWGhu2t1peH83QT9DHEAb0xovljvqY%2BG0VKLnWzFIaYJMSM0WH0o%2BktlNT3vs0n2ZJ5sXUR4c7YRrq0JRkhUjSxV0bNlwmQ2rF%2FTb1WNnq0StZMi8ToodSGUS8fCzqpKT9WVyYySXoV23CQEqBzXO1Ip60%2FuNbC6f6H5atH2ZGN3mk6pIFWeb4AYdvW7JLSw2zdFiYGJCeuN59oQo9G%2FKdzZNCLfFXHmt9f42yNU1BizXHUzDeApY8hmw7VM%2B%2BXYyEDr4wT7hzMnjNFfAxWOWFh5OlwtAxXCK6ArzYGdwoe2xzJNinAZTql3mkf5gQElPHjeQnLaKHERswnL0oK5g3o10UNzU2gO0s9SLsiel0bV7YT4k%2FBQcqoJndCRA9Oo3CWc8vlidhSt70Mnx30bRSaNMtxjfpD7441cyymzzj8nRmTcaFtKSBN%2BJq7%2BxBK6jiDkj9DnmYltFOLvnhatjsNDL%2FwoAjvfXPmq8zTRQN7DlPo%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1dd6b37f3b96f71636d71fcb933493ba7f46a973a2a3f0cebf0cadf14ad855ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"10b1c4-jVYOgoSZvLwZEx1MSe5tobfl2Hg"
age
37858
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230120-FRA, cache-mia-kmia1760046-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
216213
x-jsd-version
main
css2
fonts.googleapis.com/
23 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js?hash=6b06db943f081ebee689f376c8b231d1&Inw1hBXBNLNO60Kq=FkHLfXbSKaQTPKY7TGJ2Lc5c5UFyZzeEtKzr1NLvJ0BWxs5tXS1ymeS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42e7fa075a3c7f7d20b5828b55fa1ac66b6dab81ae77852dbf7220c70d56b9fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 31 Oct 2024 07:12:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 31 Oct 2024 06:18:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
37 KB
0
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/447436dd-ec93-4348-96a7-8d2b6be772c9.js?hash=6b06db943f081ebee689f376c8b231d1&Inw1hBXBNLNO60Kq=FkHLfXbSKaQTPKY7TGJ2Lc5c5UFyZzeEtKzr1NLvJ0BWxs5tXS1ymeS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://enterprise-security.us-southeast-1.linodeobjects.com
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-9226"
age
52335
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42IDfSIemKfZ%2BD0VxNc%2FSNFLlQmWHofG9x6t0SDlQaYcvGjEyryPEcgNt7FhBOJjZFR3%2BqE6X8HuBwe%2FLfnBmyAn3Ewq8ZFs9etXcLTLhYYsV40CTr6%2Bg2tBM5KyrFMGFjFml0JF7b%2Bc8xDJUnzuyt13"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 07:12:24 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8db1d6289f387487-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5884
server
cloudflare
truncated
/
685 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
de35e1476372d3afbc25fc0ac689d7933145099fbd36d63cf049fa6de4814808

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
847fc5ec58b3a0af255c.svg
cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/
10 KB
4 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/847fc5ec58b3a0af255c.svg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93cacbb2f74c55645024c9823873891b4633146a9f6f61c8be080d72924fd0b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2862-hHt4UmUbn14GK+5pRTJqrKn77yo"
age
22399
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
image/svg+xml
x-served-by
cache-fra-etou8220027-FRA, cache-mia-kmia1760057-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
4186
x-jsd-version
main
07308ee98aa47f067087.jpg
cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/
47 KB
47 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/07308ee98aa47f067087.jpg
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5fe991e3985f36c957bc2a0b9a212052210b988b5536059e5fe8544a5104eb19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

access-control-expose-headers
*
etag
W/"bb2d-R6INHyIRvyFsefPELpTtq+Z2Xhs"
age
22399
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
image/jpeg
x-served-by
cache-fra-etou8220086-FRA, cache-mia-kmia1760057-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
47917
x-jsd-version
main
fa37e6e4fd65b2e85394.ico
cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/
3 KB
0
Other
General
Full URL
https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/fa37e6e4fd65b2e85394.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ac552c9c42db29135a722f8e7c2d897257115f50432180518b3b63ccf2e6078
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"b6a-fOM3ZVcFRLN/5u6ptcQ1FamiwRI"
age
22399
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
image/vnd.microsoft.icon
x-served-by
cache-fra-eddf8230114-FRA, cache-mia-kmia1760046-MIA
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
2661
x-jsd-version
main
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://enterprise-security.us-southeast-1.linodeobjects.com
Referer
https://fonts.googleapis.com/

Response headers

age
132276
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 18:27:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 18:27:48 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
59947dbf5efae9de77d2.png
cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/
39 KB
39 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/justwetdeyplay/benign-release-lv7zqt14@main/59947dbf5efae9de77d2.png
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae9cc64390a76c779bd0da29fcff4dd063438985d6f9c331c3b984534dd5e6cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://enterprise-security.us-southeast-1.linodeobjects.com/

Response headers

access-control-expose-headers
*
etag
W/"9bfa-VMzIIL3VLYG1XjC0dZwRdZSmoyQ"
age
22399
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 31 Oct 2024 07:12:24 GMT
content-type
image/png
x-served-by
cache-fra-etou8220066-FRA, cache-mia-kmia1760057-MIA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
39930
x-jsd-version
main
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://enterprise-security.us-southeast-1.linodeobjects.com
Referer
https://fonts.googleapis.com/

Response headers

age
37112
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 20:53:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 20:53:52 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;1,100;1,300;1,400;1,500;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f3.1e100.net
Software
sffe /
Resource Hash
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://enterprise-security.us-southeast-1.linodeobjects.com
Referer
https://fonts.googleapis.com/

Response headers

age
37378
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 20:49:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 20:49:26 GMT
last-modified
Thu, 01 Aug 2024 20:41:21 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18596
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| a0_0x50ba function| a0_0x1f1b

0 Cookies