831kkk.ottoshaw.workers.dev
2606:4700:3032::ac43:9ac7  Malicious Activity! Public Scan

URL: https://831kkk.ottoshaw.workers.dev/
Submission: On October 26 via api from CA — Scanned from CA

Summary

This website contacted 6 IPs in 1 country across 2 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3032::ac43:9ac7, located in United States and belongs to CLOUDFLARENET, US. The main domain is 831kkk.ottoshaw.workers.dev.
TLS certificate: Issued by WE1 on September 4th 2024. Valid for: 3 months.
This is the only time 831kkk.ottoshaw.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700:303... 13335 (CLOUDFLAR...)
7 2600:1408:c40... 20940 (AKAMAI-ASN1)
6 172.67.154.199 13335 (CLOUDFLAR...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 23.212.250.88 20940 (AKAMAI-ASN1)
21 6
Requests  Apex Domain  Subdomains  Transfer
13  workers.dev  831kkk.ottoshaw.workers.dev  316 KB
9  bing.com  r.bing.com (Cisco Umbrella Rank: 449), www.bing.com (Cisco Umbrella Rank: 53)  195 KB
Total: 21 requests, 2 apex domains
Requests  Domain  Requested by
13  831kkk.ottoshaw.workers.dev (1 redirect)  831kkk.ottoshaw.workers.dev
8  r.bing.com  831kkk.ottoshaw.workers.dev, r.bing.com
1  www.bing.com  831kkk.ottoshaw.workers.dev
Total: 21 requests, 3 domains
Subject  Issuer  Validity  Valid
ottoshaw.workers.dev  WE1  2024-09-04 - 2024-12-03  3 months (crt.sh)
r.bing.com  Microsoft Azure ECC TLS Issuing CA 04  2024-06-24 - 2025-06-19  a year (crt.sh)
www.bing.com  Microsoft Azure RSA TLS Issuing CA 03  2024-09-16 - 2025-03-15  6 months (crt.sh)

This page contains 1 frame:

Primary Page: https://831kkk.ottoshaw.workers.dev/
Frame ID: F524F8E12AAABF7F0ACD3B33C4262C00
Requests: 22 HTTP requests in this frame

Screenshot

Page Title

Bing Search

Page URL History

  1. https://831kkk.ottoshaw.workers.dev/ Page URL
  2. https://831kkk.ottoshaw.workers.dev/cdn-cgi/phish-bypass?atok=S1VpaHq8d6Tic6ICE_jg0ecTIRzx21Yvv_3R3gtJ1AU-172998... HTTP 301
    https://831kkk.ottoshaw.workers.dev/ Page URL

Page Statistics

Requests: 21
HTTPS: 100 %
IPv6: 60 %
Domains: 2
Subdomains: 3
IPs: 6
Countries: 1
Transfer: 511 kB
Size: 868 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://831kkk.ottoshaw.workers.dev/ Page URL
  2. https://831kkk.ottoshaw.workers.dev/cdn-cgi/phish-bypass?atok=S1VpaHq8d6Tic6ICE_jg0ecTIRzx21Yvv_3R3gtJ1AU-1729981118-0.0.1.1-%2F HTTP 301
    https://831kkk.ottoshaw.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
831kkk.ottoshaw.workers.dev/
4 KB
2 KB
Document
General
Full URL
https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e09e7916841e519ec48d6dcc62661ac290fbf12ae3403659e9f224ec2990e21
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray
8d8dd2c72af0713e-YUL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 26 Oct 2024 22:18:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=udZOVNJbzBbVaeaeplI%2FuLVwbRZnm%2FUSUVRzZ42sxeqCepDyK4Y3OhE25ATwPH3uqugPj9xkXtHv3lqW6Sw9exgto%2BVIUz%2BOn0NQip8wh5dk8dEPXr9EvLS0NLi0ya7LY9HXzdHHWvGqmwcCrU0pwQTiPga%2BajGfrJw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
831kkk.ottoshaw.workers.dev/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://831kkk.ottoshaw.workers.dev/cdn-cgi/styles/cf.errors.css
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"67180f5f-5df3"
x-content-type-options
nosniff
cf-ray
8d8dd2c76b31713e-YUL
expires
Sun, 27 Oct 2024 00:18:38 GMT
date
Sat, 26 Oct 2024 22:18:38 GMT
content-type
text/css
last-modified
Tue, 22 Oct 2024 20:47:27 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
831kkk.ottoshaw.workers.dev/cdn-cgi/images/
452 B
540 B
Image
General
Full URL
https://831kkk.ottoshaw.workers.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"67180f5f-1c4"
x-content-type-options
nosniff
cf-ray
8d8dd2c7bb63713e-YUL
expires
Sun, 27 Oct 2024 00:18:38 GMT
accept-ranges
bytes
content-length
452
date
Sat, 26 Oct 2024 22:18:38 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 20:47:27 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
831kkk.ottoshaw.workers.dev/
4 KB
2 KB
Other
General
Full URL
https://831kkk.ottoshaw.workers.dev/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607095c86bdf8fa19dc14e99aa0b12bca27fd72a7f12e15c0d1a901424f76e57
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m80iS0KAQwr4nkHTEwkS27aYirypypCiIOf5fy5eeDhac4f9X%2BwL%2FfWbFAFBckZFVbpEJHLjTIYxzcK9DNu%2F6%2FDn5NLHOifLenYRWbTsdLnnThRSVS0hFqkbAwFRw5JbH8O3ofLlgzYRNEkpi1jtb872YPOuvP%2FHPPQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8dd2c7db7b713e-YUL
date
Sat, 26 Oct 2024 22:18:38 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
Primary Request /
831kkk.ottoshaw.workers.dev/
Redirect Chain
  • https://831kkk.ottoshaw.workers.dev/cdn-cgi/phish-bypass?atok=S1VpaHq8d6Tic6ICE_jg0ecTIRzx21Yvv_3R3gtJ1AU-1729981118-0.0.1.1-%2F
  • https://831kkk.ottoshaw.workers.dev/
170 KB
51 KB
Document
General
Full URL
https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b290a0fb4377efd59bb47377c1720307e7e32b332a20e26a3b841bfbc389bbe9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://831kkk.ottoshaw.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8d8dd2e72f93713e-YUL
content-encoding
br
content-security-policy-report-only
script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-LVag5vCZ3xl/Q2Oh7utwTVWGSErmiR1gD3ktLSuc8jo='; base-uri 'self';report-to csp-endpoint
content-type
text/html; charset=utf-8
cross-origin-embedder-policy-report-only
'same-origin; report-to=\"crossorigin-errors\"'
cross-origin-opener-policy-report-only
'require-corp; report-to=\"crossorigin-errors\"'
date
Sat, 26 Oct 2024 22:18:43 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0,"include_subdomains":true}
p3p
CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
report-to
{"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]} {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=binghp&ndcParam=QWthbWFp"}]} {"group":"crossorigin-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=binghp"}]}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=17633&sent=32&recv=32&lost=0&retrans=0&sent_bytes=14424&recv_bytes=2969&delivery_rate=481648&cwnd=257&unsent_bytes=0&cid=53eefa1f669e74a7&ts=5492&x=0"
strict-transport-security
max-age=31536000; includeSubDomains; preload
useragentreductionoptout
A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
vary
Accept-Encoding
x-cdn-traceid
0.0c043517.1729981123.39b2a0b3
x-eventid
671d6ac38fc34bf2b518e31d10c7c788
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
private, no-cache
cf-ray
8d8dd2e6ff75713e-YUL
content-length
167
content-type
text/html
date
Sat, 26 Oct 2024 22:18:43 GMT
location
https://831kkk.ottoshaw.workers.dev/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
th
831kkk.ottoshaw.workers.dev/
239 KB
240 KB
Image
General
Full URL
https://831kkk.ottoshaw.workers.dev/th?id=OHR.GhostForest_EN-CA5302994217_1920x1080.webp&qlt=50
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c52036cf2b9d042c0ae7eaa32455b4d55012da978008ed1acb045087c5d62ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

cf-cache-status
DYNAMIC
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QWthbWFp"}]}
access-control-allow-methods
GET, POST, OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=16362&sent=89&recv=80&lost=0&retrans=0&sent_bytes=66806&recv_bytes=3097&delivery_rate=2740242&cwnd=257&unsent_bytes=0&cid=53eefa1f669e74a7&ts=5560&x=0"
date
Sat, 26 Oct 2024 22:18:43 GMT
content-type
image/webp
vary
Accept-Encoding
access-control-allow-headers
*
cache-control
public, max-age=691200
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin
*
x-cdn-traceid
0.05043517.1729981123.36b5fc7f
cf-ray
8d8dd2e8b907713e-YUL
access-control-allow-origin
*
content-length
244386
server
cloudflare
ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
r.bing.com/rp/
1 B
649 B
Script
General
Full URL
https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:16::17d4:f81a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

content-md5
AtUQRHwMLfUWfUcUVx5RxQ==
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DC8B0F8C83D358
x-ms-lease-status
unlocked
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires
Mon, 28 Oct 2024 13:15:44 GMT
alt-svc
h3=":443"; ma=93600
date
Sat, 26 Oct 2024 22:18:44 GMT
last-modified
Wed, 12 Jun 2024 18:43:27 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, no-transform, max-age=140220
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id
540cbb8e-a01e-0043-3b49-1878a0000000
access-control-allow-origin
*
content-length
21
akamai-grn
0.1a68dc17.1729981124.2200e0c0
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
STSX1v_EARslKwMlqzSiMHDtqf8.gz.css
r.bing.com/rp/
0
7 KB
Other
General
Full URL
https://r.bing.com/rp/STSX1v_EARslKwMlqzSiMHDtqf8.gz.css
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:16::17d4:f81a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://831kkk.ottoshaw.workers.dev
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

content-md5
Rei39mpx8LSUTAbIQ/3u8Q==
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF51D61E1410B
x-ms-lease-status
unlocked
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires
Thu, 31 Oct 2024 02:29:24 GMT
alt-svc
h3=":443"; ma=93600
date
Sat, 26 Oct 2024 22:18:44 GMT
content-type
text/css
last-modified
Fri, 25 Oct 2024 17:49:32 GMT
vary
Accept-Encoding
cache-control
public, no-transform, max-age=360640
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id
82294529-c01e-001c-4d4e-278a5e000000
access-control-allow-origin
*
content-length
6183
akamai-grn
0.1168dc17.1729981124.233e97fd
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
bhp_scope_cplt16.png
831kkk.ottoshaw.workers.dev/sa/simg/
4 KB
4 KB
Image
General
Full URL
https://831kkk.ottoshaw.workers.dev/sa/simg/bhp_scope_cplt16.png
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b03c6e116b0a1894cfef797da24399054b9e17432c03f26b84c438b8992a549
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8QPMIJBPeNWNDSeSmuBLmXI1IwG4Cf8W2DdZ%2F2Yb01VAB7azmFjXuohobfF%2FWFR%2Boy5%2BUxM6t%2BEuK5DAAvWtUZftDJOkyzqlcTgT5Jz%2FHJxvNsOQr2LpPpSMeCTsWI5j2e9%2FVI%2BjbqP4cHCsGc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8dd2e8fa3e711b-YYZ
date
Sat, 26 Oct 2024 22:18:43 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
ytiieusXgM2K8bLkEDP-AS1ePds.png
831kkk.ottoshaw.workers.dev/rp/
4 KB
4 KB
Image
General
Full URL
https://831kkk.ottoshaw.workers.dev/rp/ytiieusXgM2K8bLkEDP-AS1ePds.png
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c59b7906f08aade0781682c3bbcc1514487bf3fc72c41e855c961ce509e2b3bf
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0K5fWkUjebC0EnJ9sAdwONneXVhz3YKUjcg9lGdbY5Gi0k2GqV2QMSARKsPVfvpU8MPxorB2BjorqCSR3TQ9J4w%2F4u%2B8uPLSoqynxvMP3sM5SL1jrrkEG83HtFq0dTkbOmzOOME7TjwxIvT7SCU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8dd2e8fa3f711b-YYZ
date
Sat, 26 Oct 2024 22:18:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
643ac89572093a4c907c1af802b3d354453c64d545dc3f1be1ce689046064511

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
OkNPLxtMtQ9XH802BeUyMZL41ao.gz.js
r.bing.com/rp/
810 B
1 KB
Script
General
Full URL
https://r.bing.com/rp/OkNPLxtMtQ9XH802BeUyMZL41ao.gz.js
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:16::17d4:f81a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
32bc53d0db6efb86bf56e71e3fa09523e7e80bd2179074f07abcc05a357ab361

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://831kkk.ottoshaw.workers.dev
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

content-md5
z1og0mC8P9X696//Hn4Opg==
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD88DBCB7F548
x-ms-lease-status
unlocked
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires
Tue, 29 Oct 2024 09:43:00 GMT
alt-svc
h3=":443"; ma=93600
date
Sat, 26 Oct 2024 22:18:44 GMT
last-modified
Thu, 19 Sep 2024 09:30:44 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, no-transform, max-age=213856
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id
f184f45d-901e-0040-4cc6-167ba7000000
access-control-allow-origin
*
content-length
444
akamai-grn
0.1168dc17.1729981124.233e97c9
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
rIF66pYofPmgbMKlcDHxaoct35w.gz.js
r.bing.com/rp/
76 B
706 B
Script
General
Full URL
https://r.bing.com/rp/rIF66pYofPmgbMKlcDHxaoct35w.gz.js
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:16::17d4:f81a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8149ebbab97636b492c4577e5d86b65001e672718bbd01218d8888b9989e7e4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://831kkk.ottoshaw.workers.dev
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

content-md5
JdYlqnhHoMoMrNfnT20MmA==
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD89101F3B7C0
x-ms-lease-status
unlocked
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires
Wed, 30 Oct 2024 08:50:06 GMT
alt-svc
h3=":443"; ma=93600
date
Sat, 26 Oct 2024 22:18:44 GMT
last-modified
Thu, 19 Sep 2024 09:54:09 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, no-transform, max-age=297082
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id
01f2b5f8-001e-006c-7f10-1cf99a000000
access-control-allow-origin
*
content-length
80
akamai-grn
0.1168dc17.1729981124.233e97fc
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
STSX1v_EARslKwMlqzSiMHDtqf8.gz.css
r.bing.com/rp/
20 KB
0
Stylesheet
General
Full URL
https://r.bing.com/rp/STSX1v_EARslKwMlqzSiMHDtqf8.gz.css
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:16::17d4:f81a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
14e4c8ac3df6daf4bcbcaaa70e38c47f9f6db9a29fd6ecbeaf2b24f0ef5ca84c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://831kkk.ottoshaw.workers.dev
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

content-md5
Rei39mpx8LSUTAbIQ/3u8Q==
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF51D61E1410B
x-ms-lease-status
unlocked
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires
Thu, 31 Oct 2024 02:29:24 GMT
alt-svc
h3=":443"; ma=93600
date
Sat, 26 Oct 2024 22:18:44 GMT
content-type
text/css
last-modified
Fri, 25 Oct 2024 17:49:32 GMT
vary
Accept-Encoding
cache-control
public, no-transform, max-age=360640
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id
82294529-c01e-001c-4d4e-278a5e000000
access-control-allow-origin
*
content-length
6183
akamai-grn
0.1168dc17.1729981124.233e97fd
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
widget.js
www.bing.com/rewardsapp/widgetassets/prod/medallion/1.0.0/js/
126 KB
49 KB
Script
General
Full URL
https://www.bing.com/rewardsapp/widgetassets/prod/medallion/1.0.0/js/widget.js?t=241026
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0534063b785a8be57aa01291be838543ef612562f90951d186087e972069b679

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

content-encoding
br
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-fd-int-roxy-purgeid
0
x-cache
CONFIG_NOCACHE
date
Sat, 26 Oct 2024 22:18:43 GMT
content-type
application/json
last-modified
Thu, 26 Sep 2024 14:00:34 GMT
vary
Accept-Encoding
cache-control
public, max-age=21600
x-ceto-ref
671d6ac464684efe83f5370c792e27d1|AFD:671d6ac464684efe83f5370c792e27d1|2024-10-26T22:18:44.546Z
x-msedge-ref
Ref A: 2B58AF23FE404E228F6C290FB5F29473 Ref B: YMQ01EDGE0321 Ref C: 2024-10-26T22:18:44Z
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-ms-request-id
e171d4fd-a01e-000e-4074-274e3b000000
access-control-allow-origin
*
x-azure-ref
20241026T221844Z-186f6d49965jw2vccbrbn4dtnw000000047000000001f3ds
x-ms-blob-type
BlockBlob
xNbhbyLDC53WgzusXbz-k1ZPyIs.gz.css
r.bing.com/rp/
256 KB
133 KB
Stylesheet
General
Full URL
https://r.bing.com/rp/xNbhbyLDC53WgzusXbz-k1ZPyIs.gz.css
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:16::17d4:f81a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
311bc268e2679c85ddb6ce7a076b182b2307686130fd8c15586c1d4803e3832b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

content-md5
N8/9izx9L2p/ZiQTaX5kBw==
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCF43D2FAAA4C7
x-ms-lease-status
unlocked
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires
Wed, 30 Oct 2024 11:12:58 GMT
alt-svc
h3=":443"; ma=93600
date
Sat, 26 Oct 2024 22:18:44 GMT
content-type
text/css
last-modified
Thu, 24 Oct 2024 15:04:40 GMT
vary
Accept-Encoding
cache-control
public, no-transform, max-age=305654
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id
07daa3d5-501e-0074-03ce-26d40f000000
access-control-allow-origin
*
content-length
135324
akamai-grn
0.1a68dc17.1729981124.2200e913
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vYhrUWJwQuxFDxb-DJDTggEaBl4.gz.css
r.bing.com/rp/
30 B
663 B
Stylesheet
General
Full URL
https://r.bing.com/rp/vYhrUWJwQuxFDxb-DJDTggEaBl4.gz.css
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:16::17d4:f81a Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d7213c51946975f61ba549e0b3fa83567c854557c673d56c9dddcccab6fdad0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

content-md5
Z6CK/5uVYFe4GrvtnJzrYg==
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCD8918BB5144E
x-ms-lease-status
unlocked
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires
Tue, 29 Oct 2024 16:29:27 GMT
alt-svc
h3=":443"; ma=93600
date
Sat, 26 Oct 2024 22:18:44 GMT
last-modified
Thu, 19 Sep 2024 09:58:00 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, no-transform, max-age=238243
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-ms-request-id
01c85949-b01e-0018-137b-187fdc000000
access-control-allow-origin
*
content-length
50
akamai-grn
0.1a68dc17.1729981124.2200e914
x-ms-blob-type
BlockBlob
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
l
831kkk.ottoshaw.workers.dev/fd/ls/
3 KB
3 KB
Image
General
Full URL
https://831kkk.ottoshaw.workers.dev/fd/ls/l?IG=0E20065798744B4484D7CBC285F1E5E9&CID=26457952E1AE695A1B7E6C76E00968B8&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:-1,%22BC%22:-1,%22SE%22:-1,%22TC%22:-1,%22H%22:-1,%22BP%22:326,%22CT%22:327,%22IL%22:3},%22net%22:%22undefined%22}&P=SERP&DA=BNZE01
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b668d5a3b7392acf40e5383cac62eb36d84bd17c9b299c8837d070ffc9ad9f5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lENG7o2GwPHzc28il%2Fu1HaBsjzuB%2FtBWZn%2FTVXO0fLVi7M8hE400WybfB3NLAC%2Fh0ThU%2FmZSImbc13iWA2EOG%2BANrWhuS7MH9RNiXtMaFUD5k%2FgZhT%2B3n%2FBzkF4qyBxyApiYKXujKzkp6WJd8WY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8dd2ed2d87711b-YYZ
date
Sat, 26 Oct 2024 22:18:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
favicon-trans-bg-000-mg.ico
831kkk.ottoshaw.workers.dev/sa/simg/
4 KB
2 KB
Other
General
Full URL
https://831kkk.ottoshaw.workers.dev/sa/simg/favicon-trans-bg-000-mg.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cefe7989154ab582b63d69832fec58f5e8d8815e17616e2ed128878d40ef4f59
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ExA9c4F0mQKofB4CdM%2F2vAxm3JFHToq5KXG4JqAHdG9euESw5aSDfyaOcFWR8vbxK8iQjMZeE1j%2BIZ3WymkfLhluoSWOFF1DnCEn0NTMELLyirQaW4vyJRpJuOw5tJZTy1PPpEVeatL7gE35ToI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8dd2ed2d88711b-YYZ
date
Sat, 26 Oct 2024 22:18:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
lsp.aspx
831kkk.ottoshaw.workers.dev/fd/ls/
4 KB
2 KB
Ping
General
Full URL
https://831kkk.ottoshaw.workers.dev/fd/ls/lsp.aspx?
Requested by
Host: 831kkk.ottoshaw.workers.dev
URL: https://831kkk.ottoshaw.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.154.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d38eb4392e4748ad0180ebdd73ce01e0a8e5425e3ae13fc325de19340cb2888
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://831kkk.ottoshaw.workers.dev/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bk8oZu%2FS3NjBxy%2BqhVkvk7CCJqSkBQE%2B%2BmSk%2ByROz6dUk0sPWlM8VflTOjW3mFIwEp%2F0DVtSHGu9MTa0FH8%2FBdsBDNNHMhSuRkaqztl2YT7kKVCiA9up3JmBSCdS7LEKk1EGi%2F0BAVDlA3Tdt3o%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d8dd2ed2d8a711b-YYZ
date
Sat, 26 Oct 2024 22:18:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
v-9MDlZf3UpTm3z78CHvLGE8SMU.gz.js | 831kkk.ottoshaw.workers.dev/rp/ | 0 transferred | 0 | Script

General
Full URL: https://831kkk.ottoshaw.workers.dev/rp/v-9MDlZf3UpTm3z78CHvLGE8SMU.gz.js
Requested by: 831kkk.ottoshaw.workers.dev (https://831kkk.ottoshaw.workers.dev/)
Protocol: H3
Security: QUIC, AES_128_GCM
Server: 172.67.154.199, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: (none; empty response body)

Security Headers
X-Frame-Options: SAMEORIGIN

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://831kkk.ottoshaw.workers.dev
Referer: https://831kkk.ottoshaw.workers.dev/

Response headers
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0E9QD83G1tllFPd1GLtgFH801bIQTndv3TH%2FjGLu1uU9SZ35HNb7x1AUEa8AvyKYIl30GD9p%2BNlizLwdmEdatrlNU4BIvB%2F8VylfGtQ23XGkostNy8hL58hyEGAdwSpULMe3vfU0Jb%2BS5JofYQs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d8dd2ed2d8b711b-YYZ
date: Sat, 26 Oct 2024 22:18:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN
29PIludr0ouX7uObDIN9ORIKUhg.png | r.bing.com/rp/ | 4 KB transferred | 4 KB | Image

General
Full URL: https://r.bing.com/rp/29PIludr0ouX7uObDIN9ORIKUhg.png
Requested by: r.bing.com (https://r.bing.com/rp/xNbhbyLDC53WgzusXbz-k1ZPyIs.gz.css)
Protocol: H3
Security: QUIC, AES_256_GCM
Server: 23.212.250.88, Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS: a23-212-250-88.deploy.static.akamaitechnologies.com
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource Hash: 31ee0b33f7393eb212728cbab82119f00aa8a539ee6b0bb517af5b6ccc6f9879

Request headers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://r.bing.com/rp/xNbhbyLDC53WgzusXbz-k1ZPyIs.gz.css

Response headers
content-md5: uY+5CYfOSs2LgdhiWj0GTg==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8DCEC8677498324
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
expires: Sun, 27 Oct 2024 23:34:11 GMT
alt-svc: h3=":443"; ma=93600
date: Sat, 26 Oct 2024 22:18:44 GMT
last-modified: Mon, 14 Oct 2024 19:29:05 GMT
content-type: image/png
cache-control: public, no-transform, max-age=90927
timing-allow-origin: *
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
quic-version: 0x00000001
x-ms-request-id: b6926171-d01e-006e-7bc9-1efb60000000
access-control-allow-origin: *
content-length: 3828
akamai-grn: 0.586adc17.1729981124.159b1545
x-ms-blob-type: BlockBlob
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They help identify the client-side frameworks and code in use: the sj_*, si_* and sb_* helpers together with _G, _w and _ge are the globals of Bing's own search-page scripts (BingAtWork, SerpMode and RewardsWidget are equally unambiguous), consistent with the proxied bing.com content seen in the requests above.

function: sj_log, logJSText, logCSP, getHref
object: ignErr, ignCSPErr
number: maxErr
function: ignoreCurrentError, regexEsc, ignoreCSPLog
object: _d, sb_de
function: jsErrorHandler, cspErrorHandler
object: img_p, preloadBg
function: si_T
object: _model, _vs, si_ST, _H, _w
function: _ge, _qs, sb_st, sb_rst, sb_ct, sb_gt, sj_gx
object: amd
function: define, require, lb
object: clc, SerpMode, perf
function: PostloadResources, getBrowserWidth_Desk, getBrowserHeight_Desk, getBrowserScrollWidth_Desk, getBrowserScrollHeight_Desk, sa_preactloader, sa_preactcompsloader
object: sa_storage, ipd, BM, Identity
number: wlc_d, wlc_t
object: BingAtWork, _G
string: curUrl
function: sj_ce
object: sj_cook
function: sk_merge
object: ChatMergeLogHelper
string: bbe
function: fb_is
object: rms, sj_evt
function: sj_jb, sj_wf, sj_pd, sj_sp, sj_be, sj_go, sj_ev, sj_ue, sj_et
object: Log
function: sj_mo, sj_so, si_sbwu
object: ClTrCo
function: si_ct, si_PP
string: DMMode
object: ClientObserver, sa_config, sa_loc
function: sa_loader, FallBackToDefaultProfilePic
object: LGUtility
function: __assign, __spreadArray
object: rewardsWidgetScript, bepcfg, LightLogger, sch
string: data_iid
boolean: IsHomepage
function: RewWid
object: RewardsWidget

3 Cookies

Domain / Path                  Name          Value
.831kkk.ottoshaw.workers.dev/  __cf_mw_byp   S1VpaHq8d6Tic6ICE_jg0ecTIRzx21Yvv_3R3gtJ1AU-1729981118-0.0.1.1-/
831kkk.ottoshaw.workers.dev/   MUIDB         26457952E1AE695A1B7E6C76E00968B8
.bing.com/                     MUID          023F067FB03D6BC8338E135BB1EB6A11

__cf_mw_byp is the cookie Cloudflare's /cdn-cgi/phish-bypass endpoint sets once the phishing warning it places in front of reported workers.dev sites has been clicked through; the scanner accepted that warning to render the page. Its middle field, 1729981118, is a Unix timestamp for 2024-10-26 22:18:38 UTC, six seconds before the responses logged above. MUIDB is Bing's own user-ID cookie, here scoped to the workers.dev host instead of bing.com; the same value appears as the CID parameter of the /fd/ls/l telemetry beacon in the console messages, so the relayed page runs Bing's client-side telemetry against the impostor host.

9 Console Messages

Eight network errors, each "Failed to load resource: the server responded with a status of 403 ()", for these URLs on the workers.dev host:

https://831kkk.ottoshaw.workers.dev/
https://831kkk.ottoshaw.workers.dev/favicon.ico
https://831kkk.ottoshaw.workers.dev/sa/simg/bhp_scope_cplt16.png
https://831kkk.ottoshaw.workers.dev/rp/ytiieusXgM2K8bLkEDP-AS1ePds.png
https://831kkk.ottoshaw.workers.dev/fd/ls/l?IG=0E20065798744B4484D7CBC285F1E5E9&CID=26457952E1AE695A1B7E6C76E00968B8&Type=Event.CPT&DATA={%22pp%22:{%22S%22:%22L%22,%22FC%22:-1,%22BC%22:-1,%22SE%22:-1,%22TC%22:-1,%22H%22:-1,%22BP%22:326,%22CT%22:327,%22IL%22:3},%22net%22:%22undefined%22}&P=SERP&DA=BNZE01
https://831kkk.ottoshaw.workers.dev/sa/simg/favicon-trans-bg-000-mg.ico
https://831kkk.ottoshaw.workers.dev/fd/ls/lsp.aspx?
https://831kkk.ottoshaw.workers.dev/rp/v-9MDlZf3UpTm3z78CHvLGE8SMU.gz.js

One javascript warning, raised from https://831kkk.ottoshaw.workers.dev/:
The resource https://r.bing.com/rp/ICf9X-WMafiZOnS_3M9RpM8994E.gz.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Every Bing-derived path requested from the impostor host (the /fd/ls/ telemetry endpoints, /rp/ scripts and images, /sa/simg/ icons, plus the favicon) was refused with a 403 whose body is text/html, as the request details above show for lsp.aspx and the .gz.js script, while the same /rp/ asset family fetched directly from r.bing.com loaded normally. The Worker relays Bing's page HTML; the subresources the cloned markup points back at the impostor host are blocked, and the preload warning is a r.bing.com script that the page preloaded but never used.
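The cookie table and the console log above carry enough signal to flag a reverse-proxied brand clone mechanically. The Python below is an added example, not urlscan.io's own logic and not part of this report: it runs four checks over a scan-style record (brand title on a foreign host, brand cookie scoped to a foreign domain, brand paths returning 403 from the proxy host, a telemetry beacon echoing the foreign-domain cookie value) and records the Cloudflare phishing-warning bypass cookie. The BRANDS signature table, the finding names and the reading of the second field of __cf_mw_byp as a Unix timestamp are this example's assumptions; SAMPLE is transcribed from this page, with the /fd/ls/l beacon's DATA parameter omitted for brevity.

```python
"""Heuristics for spotting a reverse-proxied brand clone in a urlscan-style record.
Added example, not urlscan.io's code.  Assumptions: the BRANDS table (cookie
names, path prefixes, title keyword) is this example's own, and the second
'-'-separated field of __cf_mw_byp is treated as a Unix timestamp.  SAMPLE is
transcribed from the cookies and console messages on this page."""
from dataclasses import dataclass
from urllib.parse import parse_qs, urlsplit

# Assumed signature for bing.com: cookies and paths the genuine Bing front end
# uses.  A page that serves these from another host is relaying Bing.
BRANDS = {
    "bing": {
        "domains": ("bing.com",),
        "cookies": {"MUID", "MUIDB"},
        "path_prefixes": ("/fd/ls/", "/rp/", "/sa/simg/"),
        "title_keyword": "bing",
    },
}
# Cookie Cloudflare sets once its phishing-warning interstitial is clicked through.
CF_BYPASS_COOKIE = "__cf_mw_byp"

@dataclass
class Cookie:
    domain: str  # as urlscan shows it, leading dot included
    name: str
    value: str

@dataclass
class ScanRecord:
    page_url: str
    title: str
    cookies: list         # [Cookie]
    console_errors: list  # [(http_status, url)] taken from the console log

def host_of(url: str) -> str:
    return (urlsplit(url).hostname or "").lower()

def in_domain(host: str, domains) -> bool:
    """True if host equals one of domains or is a subdomain of it (leading dot ignored)."""
    host = host.lstrip(".").lower()
    return any(host == d or host.endswith("." + d) for d in domains)

def bypass_timestamp(value: str):
    """Unix timestamp embedded in a __cf_mw_byp value, or None.  Split from the
    right because the leading token is base64url and may itself contain '-'."""
    parts = value.rsplit("-", 3)
    return int(parts[1]) if len(parts) == 4 and parts[1].isdigit() else None

def analyze(rec: ScanRecord) -> list:
    """Return (finding, subject, detail) tuples; an empty list means nothing matched."""
    findings = []
    main_host = host_of(rec.page_url)
    for brand, sig in BRANDS.items():
        if in_domain(main_host, sig["domains"]):
            continue  # the genuine brand host: nothing to flag for this brand
        if sig["title_keyword"] in rec.title.lower():
            findings.append(("title_claims_brand", brand, main_host))
        for c in rec.cookies:
            if c.name in sig["cookies"] and not in_domain(c.domain, sig["domains"]):
                findings.append(("brand_cookie_on_foreign_domain", c.name, c.domain))
        blocked = set()
        for status, url in rec.console_errors:
            if host_of(url) != main_host:
                continue
            parts = urlsplit(url)
            prefix = next((p for p in sig["path_prefixes"] if parts.path.startswith(p)), None)
            if prefix and status == 403 and prefix not in blocked:
                blocked.add(prefix)  # report each blocked path family once
                findings.append(("brand_path_403_on_proxy_host", prefix, url))
            # Bing's /fd/ls/l beacon carries the MUIDB value as CID: a match ties the
            # foreign-domain cookie to telemetry the cloned page sends to the proxy host.
            cid = parse_qs(parts.query).get("CID", [None])[0]
            if cid and any(c.value == cid for c in rec.cookies if c.name in sig["cookies"]):
                findings.append(("beacon_echoes_brand_cookie", "CID", cid))
    for c in rec.cookies:
        if c.name == CF_BYPASS_COOKIE:
            findings.append(("cloudflare_phish_warning_bypassed", c.domain,
                             bypass_timestamp(c.value)))
    return findings

# Constructed from this page's cookie table and console log (beacon DATA omitted).
SAMPLE = ScanRecord(
    page_url="https://831kkk.ottoshaw.workers.dev/",
    title="Bing Search",
    cookies=[
        Cookie(".831kkk.ottoshaw.workers.dev", "__cf_mw_byp",
               "S1VpaHq8d6Tic6ICE_jg0ecTIRzx21Yvv_3R3gtJ1AU-1729981118-0.0.1.1-/"),
        Cookie("831kkk.ottoshaw.workers.dev", "MUIDB", "26457952E1AE695A1B7E6C76E00968B8"),
        Cookie(".bing.com", "MUID", "023F067FB03D6BC8338E135BB1EB6A11"),
    ],
    console_errors=[
        (403, "https://831kkk.ottoshaw.workers.dev/"),
        (403, "https://831kkk.ottoshaw.workers.dev/favicon.ico"),
        (403, "https://831kkk.ottoshaw.workers.dev/sa/simg/bhp_scope_cplt16.png"),
        (403, "https://831kkk.ottoshaw.workers.dev/rp/ytiieusXgM2K8bLkEDP-AS1ePds.png"),
        (403, "https://831kkk.ottoshaw.workers.dev/fd/ls/l?IG=0E20065798744B4484D7CBC285F1E5E9"
              "&CID=26457952E1AE695A1B7E6C76E00968B8&Type=Event.CPT&P=SERP&DA=BNZE01"),
        (403, "https://831kkk.ottoshaw.workers.dev/sa/simg/favicon-trans-bg-000-mg.ico"),
        (403, "https://831kkk.ottoshaw.workers.dev/fd/ls/lsp.aspx?"),
        (403, "https://831kkk.ottoshaw.workers.dev/rp/v-9MDlZf3UpTm3z78CHvLGE8SMU.gz.js"),
    ],
)
```

analyze(SAMPLE) returns seven findings for this scan: the title claim, MUIDB on the workers.dev domain, one 403 entry each for /sa/simg/, /rp/ and /fd/ls/, the CID echo, and the bypass cookie with its timestamp. The same record for a page served from www.bing.com returns nothing, which is the point of the in_domain short-circuit: brand cookies and brand paths are only interesting on a host the brand does not own. The Cloudflare check is kept separate from the brand loop because it says something about the scanner's session rather than about the clone.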

Security Headers

This section lists the security headers set by the main page.

X-Frame-Options: SAMEORIGIN

A lone X-Frame-Options: SAMEORIGIN is not evidence of hardening: the same header is on the 403 responses the workers.dev host returned above, and a phishing page is no safer for refusing to be framed. The absence of Content-Security-Policy, Strict-Transport-Security and the other headers this section would otherwise list is the more telling observation.

Indicators

Indicators (IOCs) are the IPs, domains, hashes and similar artefacts observed during the scan; being listed here does not by itself mean an item is malicious. For this scan only the workers.dev hostname is actionable on its own: the bing.com hosts and the Akamai and Microsoft addresses are the legitimate Bing infrastructure the page pulled assets from, and the Cloudflare addresses are shared anycast front ends used by many unrelated sites.

831kkk.ottoshaw.workers.dev (the impostor host)
r.bing.com, www.bing.com (legitimate Bing, relayed by the page)
172.67.154.199, 2606:4700:3032::ac43:9ac7 (Cloudflare, ASN13335; shared anycast)
23.212.250.88, 2600:1408:c400:16::17d4:f81a (Akamai, ASN20940; serving bing.com assets)
2620:1ec:c11::237 (Microsoft, ASN8068)