nfrc-myreport-af.com Open in urlscan Pro
2606:4700:3035::6815:102a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nfrc-myreport-af.com/
Effective URL:
https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYj...
Submission: On June 09 via api (June 9th 2024, 12:01:35 am UTC) from BE — Scanned from DE

Summary HTTP 21 Redirects Links 65 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3035::6815:102a, located in United States and belongs to CLOUDFLARENET, US. The main domain is nfrc-myreport-af.com.
TLS certificate: Issued by E1 on June 6th 2024. Valid for: 3 months.

This is the only time nfrc-myreport-af.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 17	2606:4700:303... 2606:4700:3035::6815:102a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
21	3

17 2606:4700:3035::6815:102a (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

nfrc-myreport-af.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	nfrc-myreport-af.com 2 redirects nfrc-myreport-af.com	221 KB
5	gstatic.com fonts.gstatic.com	149 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	2 KB
21	3

	Domain	Requested by
17	nfrc-myreport-af.com	2 redirects nfrc-myreport-af.com
5	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	nfrc-myreport-af.com
21	3

This site contains links to these domains. Also see Links.

Domain
www.actionfraud.police.uk
reporting.actionfraud.police.uk
www.facebook.com
twitter.com
pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
nfrc-myreport-af.com E1	`2024-06-06` - `2024-09-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Frame ID: F2DA96EF2561E891F3A2A99E32F5A618
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Guided Tool Form | Action Fraud

Page URL History Show full URLs

http://nfrc-myreport-af.com/ HTTP 307
https://nfrc-myreport-af.com/ HTTP 302
https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXN... Page URL
https://nfrc-myreport-af.com/cdn-cgi/phish-bypass?atok=oh5r2jVd4e4dyxmBVcAkTbTTh14CmCPVO3L.wx9g1yw-171789... HTTP 301
https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXN... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

371 kB
Transfer

1566 kB
Size

2
Cookies

65 Outgoing links

These are links going to different origins than the main page.

URL: https://www.actionfraud.police.uk/privacy-information
Title: Find out more

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/welsh
Title: Cymraeg

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/
Title: English

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/albanian
Title: Shqip

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/czech
Title: Czech

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/french
Title: Français

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/german
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/italian
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/javanese
Title: Basa Jawa

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/lithuanian
Title: Lietuviškai

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/polish
Title: Polski

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/portuguese
Title: Português

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/romanian
Title: Român

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/somali
Title: Soomaali

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/spanish
Title: Español

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/turkish
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/arabic
Title: العربية

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/bengali
Title: বাঙালি

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/cantonese
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/gujerati
Title: ગુજરાતી

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/hindi
Title: हिंदी

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/japanese
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/korean
Title: 한국어

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/mandarin
Title: 中文

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/marathi
Title: मराठी

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/punjabi
Title: ਪੰਜਾਬੀ

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/russian
Title: Pусский

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/tamil
Title: தமிழ்

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/telegu
Title: తెలేగు

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/urdu
Title: اردو

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/vietnamese
Title: Tiếng Việt-nam

Search URL Search Domain Scan URL

URL: https://reporting.actionfraud.police.uk/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.facebook.com/actionfraud

Search URL Search Domain Scan URL

URL: https://twitter.com/actionfrauduk

Search URL Search Domain Scan URL

URL: https://pinterest.com/actionfraud/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/ActionFraud

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/accessibility-statement
Title: Accessibility statement

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/reporting-fraud
Title: Reporting fraud

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/report-phishing
Title: Report a phishing attempt

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/guide-to-reporting
Title: Guide to reporting

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/fraud-stats
Title: Fraud stats

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/reporting-in-local-language
Title: Reporting in local language

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/adroddiad-yn-gymraeg
Title: Adroddiad yn gymraeg

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/faq
Title: FAQs

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/news
Title: News

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/campaigns
Title: Campaigns

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/press-and-media-enquiries
Title: Press and media

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/what-is-fraud
Title: What is fraud?

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/a-z-of-fraud
Title: A-Z fraud

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/quad9-and-dmarc-free-cybercrime-protection
Title: Free cybercrime protection

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/victim-resources
Title: Victim resources

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/individual-protection
Title: Individual protection

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/business-protection
Title: Business protection

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/useful-organisations
Title: Useful organisations

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/sign-up-for-action-fraud-alert
Title: Sign-up for Action fraud alert

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/what-is-action-fraud
Title: What is Action Fraud

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/what-is-national-fraud-intelligence-bureau
Title: What is National Fraud Intelligence Bureau

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/who-reports-fraud-to-us
Title: Who reports fraud to us?

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/resources
Title: Resources

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/partners
Title: Partners

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/contact-us
Title: Contact us

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/data-sharing
Title: Data sharing

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/information-charter
Title: Information charter

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/copyright
Title: Copyright

Search URL Search Domain Scan URL

URL: https://www.actionfraud.police.uk/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nfrc-myreport-af.com/ HTTP 307
https://nfrc-myreport-af.com/ HTTP 302
https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR Page URL
https://nfrc-myreport-af.com/cdn-cgi/phish-bypass?atok=oh5r2jVd4e4dyxmBVcAkTbTTh14CmCPVO3L.wx9g1yw-1717891284-0.0.1.1-%2FreportStep1.php%3Fsslchannel%3Dtrue%26sessionid%3DWS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR HTTP 301
https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://nfrc-myreport-af.com/ HTTP 307
https://nfrc-myreport-af.com/ HTTP 302
https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

reportStep1.php Show response
nfrc-myreport-af.com/
Redirect Chain

http://nfrc-myreport-af.com/
https://nfrc-myreport-af.com/
https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQi...

4 KB
2 KB

29ms
28ms

Document
text/html

2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b739861437a5b8a4e6b3ec632886b6fd752634f401569fe9d8c1a2ac6d8bda88

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cf-ray: 890cd8d25ea34d2b-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 09 Jun 2024 00:01:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeCWW0zrrt4eFN1%2FYzmVLMzijhdGxLKkPvVi7%2FLdfMWciMT9OhJdYwdwF1DlBydsUCBmXMAKJQYQ7qJZr1LoNQF6cApZRu0ohe9tqEQ%2BDDltnMYYVdwndizOk6DInWgoUT2%2F4005kBB%2B2R1EAMKIV4O8WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 890cd8d13d6f4d2b-FRA
content-type: text/html; charset=UTF-8
date: Sun, 09 Jun 2024 00:01:24 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkjbGdKILddfkhTpDkJ9tuZfl8%2B0GfADMlaAecW7CUGu%2BEfXLtnbsaOOpo%2FhtG6oHucqMc%2FOSyZedPXzaulnknx8VvgWryXqN3Sw7e9ig1%2FJEjWjHds9EoFN4p4hiyARjYnx4I%2FG%2FLg%2Fl2CaOAMgUxBwlA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 cf.errors.css
nfrc-myreport-af.com/cdn-cgi/styles/ 23 KB
5 KB 15ms
15ms Stylesheet
text/css 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nfrc-myreport-af.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:26:34 GMT
server: cloudflare
etag: W/"665f07fa-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 890cd8d2aedb4d2b-FRA
expires: Sun, 09 Jun 2024 02:01:24 GMT

GET
H3 200 icon-exclamation.png
nfrc-myreport-af.com/cdn-cgi/images/ 452 B
634 B 9ms
9ms Image
image/png 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nfrc-myreport-af.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/cdn-cgi/styles/cf.errors.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:26:34 GMT
server: cloudflare
etag: "665f07fa-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 890cd8d2cef54d2b-FRA
content-length: 452
expires: Sun, 09 Jun 2024 02:01:24 GMT

GET
H3 404 favicon.ico
nfrc-myreport-af.com/ 708 B
832 B 142ms
141ms Other
text/html 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 09 Jun 2024 00:01:25 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjCycs2IAU0vcwdWXPvI7ZxVeOeoN1PcwG1vLjbrWTf41A2nYTFQ%2FiQ8HIni2T9VdEZJEr0f5pPODl%2BZolsKeYD08DLJhZndeho9Phy1uuDOdII829v8CH8yxzDLE0eV7ycbKlKv49vLszW8F1iUMvDsYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 890cd8d33f6c4d2b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

Primary Request reportStep1.php Show response
nfrc-myreport-af.com/
Redirect Chain

https://nfrc-myreport-af.com/cdn-cgi/phish-bypass?atok=oh5r2jVd4e4dyxmBVcAkTbTTh14CmCPVO3L.wx9g1yw-1717891284-0.0.1.1-%2FreportStep1.php%3Fsslchannel%3Dtrue%26sessionid%3DWS9hLBzSLhfYRgGl9achr6Torp...
https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQi...

231 KB
18 KB

189ms
109ms

Document
text/html

2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b14601da10e9a174af5f64b4b314fbdfadd4c3402410dcf38538e2c60bc2d7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 890cd8ef9c804d2b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 09 Jun 2024 00:01:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXTu8Iput6Rp3OdPgcGAhCFdvpXi%2BEpUUZcthZyoNVk7IIhLAL2B0d2VGo%2B55B%2B8uE4kaYAPNIfCJK8QhxUCxpPn%2BCRNNDDvy783OhKVXUJLhd8EjeWAHQrfNe%2FndCG3sFmnpkQFYA%2FU0q86vOJlnEfP3w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

cache-control: private, no-cache
cf-ray: 890cd8eddb544d2b-FRA
content-length: 167
content-type: text/html
date: Sun, 09 Jun 2024 00:01:29 GMT
location: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 main.1694689350.css
nfrc-myreport-af.com/afuk_assetz/css/ 968 KB
96 KB 80ms
51ms Stylesheet
text/css 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/afuk_assetz/css/main.1694689350.css
Requested by: Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ea25a5bcabfc71a307222184e7890040cee313b063fc699d78a92224954217

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 10:07:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 190499
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g8fSZ2kQLL%2FNp5veabQfw7uvJzBEkVcDsI9AsyNzqiGmtbn4a0RfHZw6DjHlVgySf8WssyfrbFxKjArEZM7%2FyE%2FNC0FOwuxZMpHJUSIH5KiemAMkzCLmuamP50Tr3GaQf2TOJ%2FqwYDuvwxcEH3NoHhIYww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 890cd8f08d194d2b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 13 Jun 2024 19:06:30 GMT

GET
H3 200 desktop.css
nfrc-myreport-af.com/afuk_assetz/css/ 14 KB
3 KB 78ms
50ms Stylesheet
text/css 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/afuk_assetz/css/desktop.css
Requested by: Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 440cbc7f6e57e004584d45ee51466524223ab7f8c4bcfa2890116739ac1dd83c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 09:44:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 190499
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wqYjxlb9nR92hprC3dqsYmNBlRsAKJMuYAr4P%2FvOxGEtoR4tkwwrSMtFHMaHAfu%2BgEFSyo9HCq3FRumx%2B%2BibcrsnH1b4vY8rcGsgEoIaRd6KKqqC2ZSlfpWdvum%2FIm1DYbAv6gYM5NkANFYFW7JVuHFFoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 890cd8f08d1a4d2b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 13 Jun 2024 19:06:30 GMT

GET
H3 200 action-fraud-logo-big.jpg
nfrc-myreport-af.com/afuk_assetz/img/ 16 KB
16 KB 76ms
47ms Image
image/jpeg 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nfrc-myreport-af.com/afuk_assetz/img/action-fraud-logo-big.jpg
Requested by: Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4b125343588c636fe867164ab22d6884ad373d00a7fdf39f52dcf234e4e7c7e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:29 GMT
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 09:44:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 190499
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LS5ndrRuHU6msRkVpMcgEBDVqkrk3Mvyp1gIOzz%2BGK1a7ukYXKt2GRlcpZSN4yrzd1afTZJbLbNvRz5i%2FcYABoU9ptL41G3BovXJKZmJYGuBnw3QboujR6CK9EPVYKs6TJQwVL7be%2BwN3%2FUKNMRsyBqTlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 890cd8f08d1b4d2b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15944
expires: Thu, 13 Jun 2024 19:06:30 GMT

GET
H3 200 action-fraud-logo-small.jpg
nfrc-myreport-af.com/afuk_assetz/img/ 13 KB
14 KB 77ms
48ms Image
image/jpeg 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nfrc-myreport-af.com/afuk_assetz/img/action-fraud-logo-small.jpg
Requested by: Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d3f0c78ff8147a64cdf1c9306f9b39ed0c69a13558ff4c02ad758e58e8e654c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:29 GMT
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 09:44:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 150308
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjXE%2FVlwFyokZ0yTkQcl5ajr3%2FRn33H4a9oE%2BJ4ymwEZC5BjBmKrZ68EbWGqIeDDn4yeFkhzywQG1wnnn3987B8pXq4900gF6rhk2Xc1jiCse%2Fzeb6lh0QYLq51Qd3jAbX2GnNr5PBgUzRla9rVjRC%2Favw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 890cd8f08d1c4d2b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13396
expires: Fri, 14 Jun 2024 06:16:21 GMT

GET
H3 200 email-decode.min.js Show response
nfrc-myreport-af.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 96ms
67ms Script
application/javascript 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nfrc-myreport-af.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:27:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665f0832-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHJe%2FP6ysDnggIHX4BESEnDk%2BAV45SDrVIEkvFVm0j278AJizPc%2Bzk%2BOywTJwt0VYltR40RjZSItaGY3rr06e4xSQ2lsdyjvOQzxwMsEy9g2oSmAPUGEoV7SKwD4j2hlVsC%2B3hyfswut0oCRob8SrRFbpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 890cd8f0dd644d2b-FRA
expires: Tue, 11 Jun 2024 00:01:29 GMT

GET
H3 200 jquery-3.7.1.min.js Show response
nfrc-myreport-af.com/afuk_assetz/js/ 85 KB
31 KB 107ms
79ms Script
text/javascript 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/afuk_assetz/js/jquery-3.7.1.min.js
Requested by: Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 31 Aug 2023 02:26:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2830
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IirV1v64nOWLcb%2FmJWtJlK4b5wC3g7ErNROd469tNlL43fCu3qo4BCk3lRE%2Bfy4lwlPEmAPJ1QvS7sjKiLdpnf%2BoqWaLipOHyEMPCPyuIauWp9VzYYFLh2KrzHVw5lEjqnvgvMawobyxpGSBCZJ3SEJovw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 890cd8f0dd674d2b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-extra.min.js Show response
nfrc-myreport-af.com/afuk_assetz/js/ 16 KB
6 KB 117ms
89ms Script
text/javascript 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/afuk_assetz/js/jquery-extra.min.js
Requested by: Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b47e8f4be9b2b889af92c0d1a770e0c50c6e830a0a4167891d57ff5d6dd52d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 31 Aug 2023 11:13:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2830
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDd4P4Dr0QLfncP0PFdUWtOeV2Yy%2Bdr4mTpQCXLeYNGsI2BDAfVl0EgTb0ouxE6Fx1l8OQHrXBix6%2FT9l%2FYh9EUW6wp%2BL6x6rklcw%2Bq67q%2BIHNqPMFTHSO9RCSs%2BlkaaUCIVqL8sYtqRuZFcFsrBlpqsWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 890cd8f0dd684d2b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 331ms
74ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,latin-ext

Requested by

Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/afuk_assetz/css/main.1694689350.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 09 Jun 2024 00:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Jun 2024 22:57:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 09 Jun 2024 00:01:30 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 437ms
9ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://nfrc-myreport-af.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:59:33 GMT
x-content-type-options: nosniff
age: 158518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 03:59:33 GMT

GET
H3 200 af-icons.woff
nfrc-myreport-af.com/afuk_assetz/fonts/ 24 KB
25 KB 79ms
78ms Font
font/woff 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/afuk_assetz/fonts/af-icons.woff
Requested by: Host: nfrc-myreport-af.com
URL: https://nfrc-myreport-af.com/afuk_assetz/css/main.1694689350.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce44ddee84d5c83e3c11c79bcefe9edfdb62208f146117a5df1107d908974fc0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/afuk_assetz/css/main.1694689350.css
Origin: https://nfrc-myreport-af.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:30 GMT
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 09:58:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 190499
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0SaZsyXr0h4gZQDK%2FiZuvwx3WC7Mvj6c5YYXsbuy79IwyGu3Nsk%2FS3Y5Ucf7%2F3eaAPERc7bwvhpbDHatyeXV8e7gPc0bydhcLtc9daQmLgehJgjlwb5X%2FEAKwQYq3F2T1YyePImzBKfhFj6LSHH8TJDfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 890cd8f6a94a4d2b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24868
expires: Thu, 13 Jun 2024 19:06:31 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 24 KB
25 KB 502ms
75ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://nfrc-myreport-af.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 12:46:40 GMT
x-content-type-options: nosniff
age: 126891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24984
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 12:46:40 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 475ms
47ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://nfrc-myreport-af.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 15:01:22 GMT
x-content-type-options: nosniff
age: 118809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35328
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 15:01:22 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 26 KB
26 KB 521ms
94ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://nfrc-myreport-af.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 02:36:36 GMT
x-content-type-options: nosniff
age: 163495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26736
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 02:36:36 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 16 KB
16 KB 510ms
83ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://nfrc-myreport-af.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 03:59:39 GMT
x-content-type-options: nosniff
age: 158512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16552
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 03:59:39 GMT

GET
H3 200 favicon.png
nfrc-myreport-af.com/afuk_assetz/img/ 1 KB
2 KB 47ms
47ms Other
image/png 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/afuk_assetz/img/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca0fa04ec30d94ff81212eaf5a814a98976e70cebf98e679f1aee3d58503ffc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:31 GMT
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 09:48:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 190500
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cT%2FCWgdnG8wVYGNHV6Zr78xlMFk2TBqz1teSxqNHzPoHkl7a8rj%2FWpXK9COTIfdu2ndp9XCp9n16mUNM4Q9aCo0m7g8QDPYGENgDu%2BP3nuUeZoLfiqzznlmSJOSwenWQKW1Jj6vRvCfCBNKPjrnfUWQgwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 890cd8faac964d2b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1336
expires: Thu, 13 Jun 2024 19:06:31 GMT

GET
H3 200 favicon.png
nfrc-myreport-af.com/afuk_assetz/img/ 1 KB
0 0ms
0ms Other
image/png 2606:4700:3035::6815:102a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nfrc-myreport-af.com/afuk_assetz/img/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:102a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca0fa04ec30d94ff81212eaf5a814a98976e70cebf98e679f1aee3d58503ffc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://nfrc-myreport-af.com/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 09 Jun 2024 00:01:31 GMT
cf-cache-status: HIT
last-modified: Thu, 30 May 2024 09:48:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 190500
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cT%2FCWgdnG8wVYGNHV6Zr78xlMFk2TBqz1teSxqNHzPoHkl7a8rj%2FWpXK9COTIfdu2ndp9XCp9n16mUNM4Q9aCo0m7g8QDPYGENgDu%2BP3nuUeZoLfiqzznlmSJOSwenWQKW1Jj6vRvCfCBNKPjrnfUWQgwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 890cd8faac964d2b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1336
expires: Thu, 13 Jun 2024 19:06:31 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| $jscomp

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nfrc-myreport-af.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 07255abaefebb05b10434efe7771b176
			.nfrc-myreport-af.com/	1970-01-20 21:12:57	Name: __cf_mw_byp Value: oh5r2jVd4e4dyxmBVcAkTbTTh14CmCPVO3L.wx9g1yw-1717891284-0.0.1.1-/reportStep1.php?sslchannel=true&sessionid=WS9hLBzSLhfYRgGl9achr6TorpT7VzRUXNAj48RKnl0FJVHw1HqsYjD6IyYIb9NdBW5EpwjluzKpjg8yhhY8MvHgmqBoEqaTKXoaXkQGMgqi0uuqFoSXrkI9WePoQiBZRR

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nfrc-myreport-af.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
nfrc-myreport-af.com
2606:4700:3035::6815:102a
2a00:1450:4001:80b::2003
2a00:1450:4001:827::200a
03b47e8f4be9b2b889af92c0d1a770e0c50c6e830a0a4167891d57ff5d6dd52d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d3f0c78ff8147a64cdf1c9306f9b39ed0c69a13558ff4c02ad758e58e8e654c
3ff27e82d78a471905edf58f54d412011e0f3b07cb596b50d425151e7df84404
41ea25a5bcabfc71a307222184e7890040cee313b063fc699d78a92224954217
440cbc7f6e57e004584d45ee51466524223ab7f8c4bcfa2890116739ac1dd83c
60b14601da10e9a174af5f64b4b314fbdfadd4c3402410dcf38538e2c60bc2d7
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f
99e691fae5e88eb36bafb24758b35f0f990708295f8f2abe2221891e328f776a
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
b4b125343588c636fe867164ab22d6884ad373d00a7fdf39f52dcf234e4e7c7e
b739861437a5b8a4e6b3ec632886b6fd752634f401569fe9d8c1a2ac6d8bda88
ca0fa04ec30d94ff81212eaf5a814a98976e70cebf98e679f1aee3d58503ffc4
ce44ddee84d5c83e3c11c79bcefe9edfdb62208f146117a5df1107d908974fc0
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

nfrc-myreport-af.com Open in urlscan Pro 2606:4700:3035::6815:102a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

371 kBTransfer

1566 kBSize

2 Cookies

65 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

nfrc-myreport-af.com Open in urlscan Pro
2606:4700:3035::6815:102a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

371 kB
Transfer

1566 kB
Size

2
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!