gex.vmg.mybluehost.me Open in urlscan Pro
70.40.216.156  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://cdnstorageza001.z6.web.core.windows.net/matomo.html Page URL
2. https://gex.vmg.mybluehost.me/ram.co.za/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
11 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	matomo.html cdnstorageza001.z6.web.core.windows.net/	141 B 511 B	118ms 24ms	Document text/html	20.60.130.225 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cdnstorageza001.z6.web.core.windows.net/matomo.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.60.130.225 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Accept-Ranges bytes Content-Length 141 Content-MD5 Ihdx1kXlulwq2DML6f2iTQ== Content-Type text/html Date Thu, 12 Oct 2023 10:14:04 GMT ETag "0x8DBC9D68EE4F279" Last-Modified Tue, 10 Oct 2023 21:19:16 GMT Server Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 x-ms-request-id 9d4284e6-e01e-0082-37f4-fc133f000000 x-ms-version 2018-03-28
GET H2	200	Primary Request / Show response gex.vmg.mybluehost.me/ram.co.za/	1 MB 625 KB	738ms 361ms	Document text/html	70.40.216.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://gex.vmg.mybluehost.me/ram.co.za/ Requested by Host: cdnstorageza001.z6.web.core.windows.net URL: https://cdnstorageza001.z6.web.core.windows.net/matomo.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 70.40.216.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2134.bluehost.com Software nginx/1.21.6 / Resource Hash d6066709c04a53d291b5b0b864878e29532cf4266b25a6e7097475bdae08637c Request headers Referer https://cdnstorageza001.z6.web.core.windows.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers accept-ranges bytes cache-control max-age=7200 content-encoding gzip content-type text/html date Thu, 12 Oct 2023 10:13:55 GMT expires Thu, 12 Oct 2023 12:14:05 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== last-modified Wed, 11 Oct 2023 03:57:20 GMT server nginx/1.21.6 vary Accept-Encoding x-endurance-cache-level 2 x-newfold-cache-level 2 x-nginx-cache WordPress x-server-cache false
GET H2	200	reset.min.css gex.vmg.mybluehost.me/ram.co.za/files/	773 B 574 B	594ms 594ms	Stylesheet text/css	70.40.216.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://gex.vmg.mybluehost.me/ram.co.za/files/reset.min.css Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 70.40.216.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2134.bluehost.com Software Apache / Resource Hash 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e Request headers accept-language nl-NL,nl;q=0.9 Referer https://gex.vmg.mybluehost.me/ram.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 10:14:06 GMT content-encoding gzip x-nginx-cache WordPress last-modified Sat, 21 Jan 2023 01:59:00 GMT server Apache vary Accept-Encoding x-newfold-cache-level 2 x-endurance-cache-level 2 content-type text/css cache-control max-age=2592000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 442 expires Sat, 11 Nov 2023 10:14:06 GMT
GET H2	200	css gex.vmg.mybluehost.me/ram.co.za/files/	1 KB 1 KB	594ms 594ms	Stylesheet text/plain	70.40.216.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://gex.vmg.mybluehost.me/ram.co.za/files/css Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 70.40.216.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2134.bluehost.com Software nginx/1.21.6 / Resource Hash 4d301db383eb1263ebc0a41ea049c7db16a5a31d8001ca716700f8a52b1cbe26 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gex.vmg.mybluehost.me/ram.co.za/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 10:13:55 GMT x-nginx-cache WordPress last-modified Sat, 21 Jan 2023 01:59:02 GMT server nginx/1.21.6 x-server-cache false x-newfold-cache-level 2 x-endurance-cache-level 2 cache-control max-age=21600 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 1027 expires Thu, 12 Oct 2023 16:14:06 GMT
GET H2	200	matomo.js Show response cdn.matomo.cloud/twugg.matomo.cloud/	132 KB 39 KB	83ms 27ms	Script application/javascript	2600:9000:2156:ae00:c:7d55:b3c0:93a1
General Check archive.org Show headers Download Go to Full URL https://cdn.matomo.cloud/twugg.matomo.cloud/matomo.js Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:ae00:c:7d55:b3c0:93a1 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402 Request headers accept-language nl-NL,nl;q=0.9 Referer https://gex.vmg.mybluehost.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 12 Oct 2023 09:23:38 GMT x-amz-version-id cJDnU3iHjqIUlpUcsLqGt9yDdmM9AK3h content-encoding gzip via 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 age 3029 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 03 Oct 2023 21:54:04 GMT server AmazonS3 etag W/"df630c016b0a1d6d650d8d6a411f9d56" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=691200 x-amz-cf-id LZsdQ0ZOXi1xO3llJu70oS3jiCqT1bpVqJku0aGgvDL83D_TGKtwyw==
POST H2	204	matomo.php twugg.matomo.cloud/	0 174 B	128ms 75ms	Ping text/plain	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://twugg.matomo.cloud/matomo.php?action_name=&idsite=1&rec=1&r=667525&h=12&m=14&s=6&url=https%3A%2F%2Fgex.vmg.mybluehost.me%2Fram.co.za%2F&urlref=https%3A%2F%2Fcdnstorageza001.z6.web.core.windows.net%2F&_id=027c3574d7aaa912&_idn=1&send_image=0&_refts=1697105646&_ref=https%3A%2F%2Fcdnstorageza001.z6.web.core.windows.net%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=zpteSY&pf_net=379&pf_srv=360&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/twugg.matomo.cloud/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://gex.vmg.mybluehost.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers access-control-allow-origin https://gex.vmg.mybluehost.me date Thu, 12 Oct 2023 10:14:06 GMT access-control-allow-credentials true server Apache vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
GET H2	403	matomo.js cdn.matomo.cloud/antidot1.matomo.cloud/	0 0	35ms 34ms	Script application/xml	2600:9000:2156:ae00:c:7d55:b3c0:93a1
General Check archive.org Show headers Download Go to Full URL https://cdn.matomo.cloud/antidot1.matomo.cloud/matomo.js Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:ae00:c:7d55:b3c0:93a1 , United States, ASN (), Reverse DNS Software / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://gex.vmg.mybluehost.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET DATA	200 OK	truncated /	123 KB 123 KB		Font font/otf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb5f2c3557023f9aebd1315f78deceb2f5852d3680124fe1e96effc075df3170 Request headers Referer Origin https://gex.vmg.mybluehost.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type font/otf
GET DATA	200 OK	truncated /	28 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ce0ba96a9fed19fe633bc2f9d68a7bd3ddcf07271a0374d623c8616fcc02ce7a Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a09f0a5e11cf9ac35c1d9afb74c2370034a0848391b511ede54b43f7f21d5dc4 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	404	saved_resource.html Show response gex.vmg.mybluehost.me/ram.co.za/index_files/ Frame D559	315 B 344 B	243ms 243ms	Document text/html	70.40.216.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource.html Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 70.40.216.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2134.bluehost.com Software nginx/1.21.6 / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://gex.vmg.mybluehost.me/ram.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-length 315 content-type text/html; charset=iso-8859-1 date Thu, 12 Oct 2023 10:13:56 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6
GET H2	404	saved_resource(1).html Show response gex.vmg.mybluehost.me/ram.co.za/index_files/ Frame 4A4B	315 B 389 B	232ms 232ms	Document text/html	70.40.216.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource(1).html Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 70.40.216.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2134.bluehost.com Software nginx/1.21.6 / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://gex.vmg.mybluehost.me/ram.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-length 315 content-type text/html; charset=iso-8859-1 date Thu, 12 Oct 2023 10:13:56 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6
GET H2	404	saved_resource(2).html Show response gex.vmg.mybluehost.me/ram.co.za/index_files/ Frame BBA6	315 B 344 B	236ms 236ms	Document text/html	70.40.216.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource(2).html Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 70.40.216.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2134.bluehost.com Software nginx/1.21.6 / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://gex.vmg.mybluehost.me/ram.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-length 315 content-type text/html; charset=iso-8859-1 date Thu, 12 Oct 2023 10:13:56 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6
GET H2	404	saved_resource(3).html Show response gex.vmg.mybluehost.me/ram.co.za/index_files/ Frame 21AB	315 B 344 B	234ms 234ms	Document text/html	70.40.216.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource(3).html Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 70.40.216.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2134.bluehost.com Software nginx/1.21.6 / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://gex.vmg.mybluehost.me/ram.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-length 315 content-type text/html; charset=iso-8859-1 date Thu, 12 Oct 2023 10:13:56 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6
GET H2	404	saved_resource(4).html Show response gex.vmg.mybluehost.me/ram.co.za/index_files/ Frame C183	315 B 344 B	235ms 235ms	Document text/html	70.40.216.156 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource(4).html Requested by Host: gex.vmg.mybluehost.me URL: https://gex.vmg.mybluehost.me/ram.co.za/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 70.40.216.156 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box2134.bluehost.com Software nginx/1.21.6 / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://gex.vmg.mybluehost.me/ram.co.za/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers content-length 315 content-type text/html; charset=iso-8859-1 date Thu, 12 Oct 2023 10:13:56 GMT host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== server nginx/1.21.6
GET DATA	200 OK	truncated /	144 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dc105508b9e89fca4865dfb1c3870bc8466e0053fc1b96bccd00c557e36b1fd5 Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	145 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a410af67a6d538faaa73ac94b6f30c11879504def6e818412c5272374faf809d Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	16 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0f015ed8565b2d9e0ccc0dec0600d051e1b127eef7bf9ea93dca086aa5f88d1f Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	27 KB 27 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 614140f4e094567430afc1307802e4b23e5111100fdc115fba72618cbcdaa416 Request headers Referer Origin https://gex.vmg.mybluehost.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	154 KB 154 KB		Font font/otf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766 Request headers Referer Origin https://gex.vmg.mybluehost.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type font/otf
GET DATA	200 OK	truncated /	33 KB 33 KB		Font font/otf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1e5ccecfcc7d4fa497f99a6ad1ad25eaa8aefce9b7b61be94bb7a85e09ed4d5 Request headers Referer Origin https://gex.vmg.mybluehost.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type font/otf
GET DATA	200 OK	truncated /	28 KB 28 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a029c06a7260e4ebb19a2a6a3c7b8bb82f7b190a38fb8028820cdaabdbe48e63 Request headers Referer Origin https://gex.vmg.mybluehost.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	22 KB 22 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8af891e48cfb3723bd9237afeb680d15b9efc3cb7843f3e27d692eec33187110 Request headers Referer Origin https://gex.vmg.mybluehost.me accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type application/x-font-ttf
POST H2	200	matomo.php antidot1.matomo.cloud/	92 B 274 B	37ms 28ms	Ping text/html	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://antidot1.matomo.cloud/matomo.php?action_name=&idsite=1&rec=1&r=969004&h=12&m=14&s=6&url=https%3A%2F%2Fgex.vmg.mybluehost.me%2Fram.co.za%2F&urlref=https%3A%2F%2Fcdnstorageza001.z6.web.core.windows.net%2F&_id=027c3574d7aaa912&_idn=0&send_image=0&_refts=1697105646&_ref=https%3A%2F%2Fcdnstorageza001.z6.web.core.windows.net%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=zNIhBx&pf_net=379&pf_srv=360&uadata=%7B%22brands%22%3A%5B%5D%2C%22platform%22%3A%22%22%7D Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/twugg.matomo.cloud/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 481beea6f83c5c784276df3bfb8693cc60c0ce8ef0a2cb8f47d624e2d6c9b076 Request headers Referer https://gex.vmg.mybluehost.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Thu, 12 Oct 2023 10:14:06 GMT content-encoding gzip server Apache content-length 101 vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent content-type text/html; charset=UTF-8
POST H2	200	matomo.php antidot1.matomo.cloud/	92 B 274 B	25ms 24ms	Ping text/html	3.126.133.169 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://antidot1.matomo.cloud/matomo.php Requested by Host: cdn.matomo.cloud URL: https://cdn.matomo.cloud/twugg.matomo.cloud/matomo.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-133-169.eu-central-1.compute.amazonaws.com Software Apache / Resource Hash 481beea6f83c5c784276df3bfb8693cc60c0ce8ef0a2cb8f47d624e2d6c9b076 Request headers Referer https://gex.vmg.mybluehost.me/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers date Thu, 12 Oct 2023 10:14:09 GMT content-encoding gzip server Apache content-length 101 vary X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent content-type text/html; charset=UTF-8

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: RAM Couriers (Transportation)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| onReady function| setVisible function| savepage_ShadowLoader

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gex.vmg.mybluehost.me/	1970-01-20 19:47:53	Name: _pk_ref.1.cfbc Value: %5B%22%22%2C%22%22%2C1697105646%2C%22https%3A%2F%2Fcdnstorageza001.z6.web.core.windows.net%2F%22%5D
			gex.vmg.mybluehost.me/	1970-01-21 00:51:00	Name: _pk_id.1.cfbc Value: 027c3574d7aaa912.1697105646.
			gex.vmg.mybluehost.me/	1970-01-20 15:25:07	Name: _pk_ses.1.cfbc Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.matomo.cloud/antidot1.matomo.cloud/matomo.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource(1).html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource(3).html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource(2).html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource(4).html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gex.vmg.mybluehost.me/ram.co.za/index_files/saved_resource.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

antidot1.matomo.cloud
cdn.matomo.cloud
cdnstorageza001.z6.web.core.windows.net
gex.vmg.mybluehost.me
twugg.matomo.cloud
20.60.130.225
2600:9000:2156:ae00:c:7d55:b3c0:93a1
3.126.133.169
70.40.216.156
0f015ed8565b2d9e0ccc0dec0600d051e1b127eef7bf9ea93dca086aa5f88d1f
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
481beea6f83c5c784276df3bfb8693cc60c0ce8ef0a2cb8f47d624e2d6c9b076
4d301db383eb1263ebc0a41ea049c7db16a5a31d8001ca716700f8a52b1cbe26
614140f4e094567430afc1307802e4b23e5111100fdc115fba72618cbcdaa416
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
8af891e48cfb3723bd9237afeb680d15b9efc3cb7843f3e27d692eec33187110
a029c06a7260e4ebb19a2a6a3c7b8bb82f7b190a38fb8028820cdaabdbe48e63
a09f0a5e11cf9ac35c1d9afb74c2370034a0848391b511ede54b43f7f21d5dc4
a410af67a6d538faaa73ac94b6f30c11879504def6e818412c5272374faf809d
b1e5ccecfcc7d4fa497f99a6ad1ad25eaa8aefce9b7b61be94bb7a85e09ed4d5
c1d525781834944d0c42d206d6e31f05b73a947821da73108bdf3a3d53e4c402
ce0ba96a9fed19fe633bc2f9d68a7bd3ddcf07271a0374d623c8616fcc02ce7a
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d6066709c04a53d291b5b0b864878e29532cf4266b25a6e7097475bdae08637c
dc105508b9e89fca4865dfb1c3870bc8466e0053fc1b96bccd00c557e36b1fd5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb5f2c3557023f9aebd1315f78deceb2f5852d3680124fe1e96effc075df3170