pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev Open in urlscan Pro
2606:4700:7::eb Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://atos.cerrod.com/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09
Effective URL:
https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html
Submission: On October 18 via manual (October 18th 2024, 1:44:03 am UTC) from SG — Scanned from FR

Summary HTTP 3 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 3 HTTP transactions. The main IP is 2606:4700:7::eb, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev.
TLS certificate: Issued by E5 on September 29th 2024. Valid for: 3 months.

This is the only time pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Australian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.180.91.240 35.180.91.240	16509 (AMAZON-02) (AMAZON-02)
1 1	13.39.121.29 13.39.121.29	16509 (AMAZON-02) (AMAZON-02)
1 1	13.37.210.87 13.37.210.87	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:7::eb 2606:4700:7::eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	172.67.74.152 172.67.74.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	4

1 35.180.91.240 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-180-91-240.eu-west-3.compute.amazonaws.com

atos.cerrod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.39.121.29 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-39-121-29.eu-west-3.compute.amazonaws.com

signitic.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.37.210.87 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-210-87.eu-west-3.compute.amazonaws.com

app.signitic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:7::eb (United States)

ASN13335 (CLOUDFLARENET, US)

pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.152 (United States)

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2041	156 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	31 KB
1	r2.dev pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev	1 MB
1	signitic.com 1 redirects app.signitic.com — Cisco Umbrella Rank: 655295	739 B
1	signitic.app 1 redirects signitic.app — Cisco Umbrella Rank: 119090	280 B
1	cerrod.com 1 redirects atos.cerrod.com	269 B
3	6

	Domain	Requested by
1	api.ipify.org	code.jquery.com
1	code.jquery.com	pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev
1	pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev
1	app.signitic.com	1 redirects
1	signitic.app	1 redirects
1	atos.cerrod.com	1 redirects
3	6

This site contains links to these domains. Also see Links.

Domain
my.gov.au
login.my.gov.au

Subject Issuer	Validity	Valid
*.r2.dev E5	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
ipify.org WE1	`2024-09-15` - `2024-12-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html
Frame ID: C12AE8F1BFFB16B90D9A4A598D1169FE
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in with myGov - myGov

Page URL History Show full URLs

https://atos.cerrod.com/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 HTTP 302
https://signitic.app/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 HTTP 301
https://app.signitic.com/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 HTTP 302
https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

3
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

1569 kB
Transfer

1754 kB
Size

0
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://my.gov.au/

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/help
Title: Help

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/las/mygov-login?execution=e1s1&_eventId=close
Title: Back

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/las/mygov-login?execution=e1s1&_eventId=recoverusername
Title: Forgot username

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/las/mygov-login?execution=e1s1&_eventId=resetpassword
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/create-account/
Title: Create a myGov account

Search URL Search Domain Scan URL

URL: https://login.my.gov.au/las/mygov-login?execution=e1s1&_eventId=digitalIdentity
Title: Sign in with Digital Identity

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/help/mygov-website/sign-in-to-mygov/use-passkeys
Title: passkeys opens in a new window

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/terms
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/privacy-and-security
Title: Privacy and security

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/copyright
Title: Copyright

Search URL Search Domain Scan URL

URL: https://my.gov.au/en/about/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://atos.cerrod.com/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 HTTP 302
https://signitic.app/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 HTTP 301
https://app.signitic.com/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 HTTP 302
https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request gov9.html Show response pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/ Redirect Chain https://atos.cerrod.com/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 https://signitic.app/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 https://app.signitic.com/l/b0ZJclR1dENNcFc1Ynk3aHVtTGFCQT09-bDh2a2xCS2VaVHRuaUQzenVMaFphUT09 https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html	1 MB 1 MB	251ms 183ms	Document text/html	2606:4700:7::eb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `245b40de40bda1811e6e3f52126b27cbbbf0e94fe82e2419f83bddb7497bbe4a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes CF-RAY 8d44d731cb02d136-CDG Connection keep-alive Content-Length 1519233 Content-Type text/html Date Fri, 18 Oct 2024 01:43:59 GMT ETag "d46da51c89dcbb4c947e8a95df89fc56" Last-Modified Thu, 10 Oct 2024 17:55:01 GMT Server cloudflare Vary Accept-Encoding Redirect headers cache-control max-age=0, must-revalidate, private content-type text/html; charset=utf-8 date Fri, 18 Oct 2024 01:43:58 GMT expires Fri, 18 Oct 2024 01:43:58 GMT location https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html referrer-policy no-referrer, strict-origin-when-cross-origin server Apache
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 31 KB	75ms 22ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev URL: https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Referer https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/ Response headers content-encoding gzip etag W/"28feccc0-15d9d" age 5407945 x-cache HIT, HIT date Fri, 18 Oct 2024 01:43:59 GMT content-type application/javascript; charset=utf-8 last-modified Fri, 18 Oct 1991 12:00:00 GMT x-cache-hits 13, 688633 x-served-by cache-lga21931-LGA, cache-lcy-eglc8600081-LCY vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=604800 x-timer S1729215839.498363,VS0,VE0 cross-origin-resource-policy cross-origin via 1.1 varnish, 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 30875 server nginx
GET DATA	200 OK	truncated /	63 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `525f354955509f0e68d1de9b4a59e83919c7a1624aaf100a4754fa72eb508f49` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	63 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	256 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	583 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8c6fcb4fc5d0a351b5dcc2fa918d157ea61e6fb74a4e083509e6dcb93d4ff2f6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1022 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e891c017753d1d4ca061d7f6dace627433d3733a42fb2ec2ffd9722b99dd6812` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	18 KB 18 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	18 KB 18 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	18 KB 18 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev Referer Response headers Content-Type font/woff2
GET H2	200	/ Show response api.ipify.org/	23 B 156 B	186ms 103ms	XHR application/json	172.67.74.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.74.152 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c22dc0c0f287a34cd7674b728f78b6e73991687e609c3373afe00ef70006534e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept application/json, text/javascript, /; q=0.01 Referer Response headers cf-cache-status DYNAMIC cf-ray 8d44d7362d00d0ba-CDG access-control-allow-origin * content-length 23 date Fri, 18 Oct 2024 01:43:59 GMT content-type application/json vary Origin server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Australian Government (Government)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation	verbose	URL: https://pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev/gov9.html Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
app.signitic.com
atos.cerrod.com
code.jquery.com
pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev
signitic.app
13.37.210.87
13.39.121.29
172.67.74.152
2606:4700:7::eb
2a04:4e42:200::649
35.180.91.240
10b11a7c97b90bcf7ad520ac94c5769d08540ce1ee3b84d487c587bf128e3388
245b40de40bda1811e6e3f52126b27cbbbf0e94fe82e2419f83bddb7497bbe4a
525f354955509f0e68d1de9b4a59e83919c7a1624aaf100a4754fa72eb508f49
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c6fcb4fc5d0a351b5dcc2fa918d157ea61e6fb74a4e083509e6dcb93d4ff2f6
954aa858b3bffb8511bc41bc88b07d2b24597c37faf522550e26c9aa3b0d220d
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
af454d272466fa84c77ca8028e0b8b8bcc0a193ad4401dfcddbad07dc2dabcfc
c22dc0c0f287a34cd7674b728f78b6e73991687e609c3373afe00ef70006534e
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e891c017753d1d4ca061d7f6dace627433d3733a42fb2ec2ffd9722b99dd6812
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev Open in urlscan Pro 2606:4700:7::eb Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

4 IPs

2 Countries

1569 kBTransfer

1754 kBSize

0 Cookies

12 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

pub-bfd34a8a1c0642fb98989fbeec51b294.r2.dev Open in urlscan Pro
2606:4700:7::eb Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

1569 kB
Transfer

1754 kB
Size

0
Cookies

3 HTTP transactions
9 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!