info-prtclier-lc-scurefdse.info Open in urlscan Pro
101.99.91.26 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ramsedcoevrero.info/
Effective URL:
https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Submission: On April 08 via manual (April 8th 2021, 9:09:42 pm UTC) from CA

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 21 HTTP transactions. The main IP is 101.99.91.26, located in Malaysia and belongs to SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY. The main domain is info-prtclier-lc-scurefdse.info.
TLS certificate: Issued by R3 on April 7th 2021. Valid for: 3 months.

This is the only time info-prtclier-lc-scurefdse.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Crédit Lyonnais (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 10	101.99.91.26 101.99.91.26	45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.250.68.51 130.250.68.51	394900 (VXCHNGE-MN01) (VXCHNGE-MN01)
2	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
21	8

10 101.99.91.26 (Malaysia) 2 redirects

ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)

ramsedcoevrero.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
info-prtclier-lc-scurefdse.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.250.68.51 (United States)

ASN394900 (VXCHNGE-MN01, US)

aww.moe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	info-prtclier-lc-scurefdse.info 1 redirects info-prtclier-lc-scurefdse.info	388 KB
3	gstatic.com fonts.gstatic.com	43 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	30 KB
2	cloudflare.com cdnjs.cloudflare.com	358 KB
2	jsdelivr.net cdn.jsdelivr.net	45 KB
2	ramsedcoevrero.info 1 redirects ramsedcoevrero.info	1 KB
1	googleapis.com fonts.googleapis.com	793 B
1	jquery.com code.jquery.com	30 KB
1	aww.moe aww.moe	42 KB
21	9

	Domain	Requested by
8	info-prtclier-lc-scurefdse.info	1 redirects info-prtclier-lc-scurefdse.info
3	fonts.gstatic.com	fonts.googleapis.com
3	maxcdn.bootstrapcdn.com	ramsedcoevrero.info
2	cdnjs.cloudflare.com	info-prtclier-lc-scurefdse.info
2	cdn.jsdelivr.net	info-prtclier-lc-scurefdse.info
2	ramsedcoevrero.info	1 redirects
1	fonts.googleapis.com	info-prtclier-lc-scurefdse.info
1	code.jquery.com	info-prtclier-lc-scurefdse.info
1	aww.moe	ramsedcoevrero.info
21	9

This site contains no links.

Subject Issuer	Validity	Valid
ramsedcoevrero.info R3	`2021-04-07` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
aww.moe R3	`2021-03-21` - `2021-06-19`	3 months	crt.sh
info-prtclier-lc-scurefdse.info R3	`2021-04-07` - `2021-07-06`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-25` - `2022-03-26`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Frame ID: 915039C5DAE083B7EDC7BD3A9D4CB3F7
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ramsedcoevrero.info/ HTTP 301
https://ramsedcoevrero.info/ Page URL
https://info-prtclier-lc-scurefdse.info/?pwd=lcl HTTP 302
https://info-prtclier-lc-scurefdse.info/clients/login.php?verification Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

938 kB
Transfer

2214 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ramsedcoevrero.info/ HTTP 301
https://ramsedcoevrero.info/ Page URL
https://info-prtclier-lc-scurefdse.info/?pwd=lcl HTTP 302
https://info-prtclier-lc-scurefdse.info/clients/login.php?verification Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ramsedcoevrero.info/ HTTP 301
https://ramsedcoevrero.info/

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ramsedcoevrero.info/
Redirect Chain

http://ramsedcoevrero.info/
https://ramsedcoevrero.info/

3 KB
1 KB

551ms
186ms

Document
text/html

101.99.91.26
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://ramsedcoevrero.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.91.26 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b2c51c87f6f39dc3cd904e8485e51850a1d09be9aba1009b7976c8ea88416a59

Request headers

:method: GET
:authority: ramsedcoevrero.info
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Thu, 08 Apr 2021 21:09:22 GMT
content-type: text/html
last-modified: Wed, 07 Apr 2021 08:44:55 GMT
etag: W/"606d7107-b88"
x-powered-by: PleskLin
content-encoding: br

Redirect headers

Server: nginx
Date: Thu, 08 Apr 2021 21:09:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://ramsedcoevrero.info/

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
18 KB 24ms
23ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: ramsedcoevrero.info
URL: https://ramsedcoevrero.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://ramsedcoevrero.info
Referer: https://ramsedcoevrero.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 632, 617, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-04-07 13:41:50
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0954ea8a980000d6f1ab858000000001
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 10ea99fbdab1f9c2de69ada52c12baf6
cf-ray: 63ce79f0fb62d6f1-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap-theme.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 23 KB
3 KB 33ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css

Requested by

Host: ramsedcoevrero.info
URL: https://ramsedcoevrero.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://ramsedcoevrero.info
Referer: https://ramsedcoevrero.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 601, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-04-07 13:31:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0954ea8a990000d6f16d2a1000000001
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 92e38447fc14828ea91ecfddac483058
cf-ray: 63ce79f0fb63d6f1-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
9 KB 28ms
27ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: ramsedcoevrero.info
URL: https://ramsedcoevrero.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://ramsedcoevrero.info
Referer: https://ramsedcoevrero.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 722, 617, 617
access-control-allow-origin: *
cdn-cachedat: 2021-04-07 13:44:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0954ea8a990000d6f1973cf000000001
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b7fcf0f2589093ecf0a685f881034bc3
cf-ray: 63ce79f0fb66d6f1-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jyowta.css
aww.moe/ 42 KB
42 KB 380ms
135ms Stylesheet
text/plain 130.250.68.51
VXCHNGE-MN01

General

Check archive.org

Show headers Download Go to

Full URL: https://aww.moe/jyowta.css
Requested by: Host: ramsedcoevrero.info
URL: https://ramsedcoevrero.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.250.68.51 , United States, ASN394900 (VXCHNGE-MN01, US),
Reverse DNS
Software: Caddy /
Resource Hash: 18a569f10c35c4a4739a0cc5972f998cb588b6725c8641ac54a64682be0e57cd

Request headers

Referer: https://ramsedcoevrero.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:23 GMT
server: Caddy
x-pomf-cache-status: Cached
content-length: 42829
content-type: text/plain

GET
H2

200

Primary Request login.php Show response
info-prtclier-lc-scurefdse.info/clients/
Redirect Chain

https://info-prtclier-lc-scurefdse.info/?pwd=lcl
https://info-prtclier-lc-scurefdse.info/clients/login.php?verification

9 KB
2 KB

991ms
991ms

Document
text/html

101.99.91.26
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.91.26 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx / PHP/7.4.16 PleskLin
Resource Hash: fed5fee48829cbeb1239cda06dd24ce4b79e129001cb4787fc58bced0ad444f8

Request headers

:method: GET
:authority: info-prtclier-lc-scurefdse.info
:scheme: https
:path: /clients/login.php?verification
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://ramsedcoevrero.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=8346dpel4ftq495p5umr7at4s3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ramsedcoevrero.info/

Response headers

server: nginx
date: Thu, 08 Apr 2021 21:09:25 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.16 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: br

Redirect headers

server: nginx
date: Thu, 08 Apr 2021 21:09:24 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/7.4.16 PleskLin
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=8346dpel4ftq495p5umr7at4s3; path=/
location: clients/login.php?verification#_

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 157 KB
24 KB 21ms
20ms Stylesheet
text/css 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css

Requested by

Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5004611
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 23906
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
x-served-by: cache-fra19153-FRA, cache-hhn4025-HHN
date: Thu, 08 Apr 2021 21:09:26 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 helpers.css
info-prtclier-lc-scurefdse.info/assets/css/ 41 KB
3 KB 200ms
200ms Stylesheet
text/css 101.99.91.26
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://info-prtclier-lc-scurefdse.info/assets/css/helpers.css
Requested by: Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.91.26 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:25 GMT
content-encoding: br
etag: W/"5fc805c8-a318"
last-modified: Wed, 02 Dec 2020 21:23:20 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
info-prtclier-lc-scurefdse.info/assets/css/ 11 KB
2 KB 202ms
201ms Stylesheet
text/css 101.99.91.26
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://info-prtclier-lc-scurefdse.info/assets/css/style.css
Requested by: Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.91.26 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 73f9f1fe329579a64ca0bfc837f53cd3c8a69f464b541510fe01dd6c530f4e5c

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:25 GMT
content-encoding: br
etag: W/"602d0182-2a35"
last-modified: Wed, 17 Feb 2021 11:44:02 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 logo.svg
info-prtclier-lc-scurefdse.info/assets/imgs/ 27 KB
27 KB 373ms
371ms Image
image/svg+xml 101.99.91.26
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-prtclier-lc-scurefdse.info/assets/imgs/logo.svg
Requested by: Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.91.26 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b0606f6d85632a232a60b68fcb3abd5b05ffaf6e27cb0a202970507144582b60

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:25 GMT
last-modified: Wed, 18 Nov 2020 08:29:26 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb4db66-6c7d"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 27773

GET
H2 200 img.png
info-prtclier-lc-scurefdse.info/assets/imgs/ 2 KB
2 KB 199ms
198ms Image
image/png 101.99.91.26
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-prtclier-lc-scurefdse.info/assets/imgs/img.png
Requested by: Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.91.26 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7eb8cd4ae6344d2d95709b85a6b23e51fdfdd9bf2b3ce6cefb532150e051c922

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:25 GMT
last-modified: Wed, 18 Nov 2020 08:31:34 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb4dbe6-87c"
content-type: image/png
accept-ranges: bytes
content-length: 2172

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 5656ms
5640ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:31 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1617916166.dop007.fr8.t,1617916166.cds250.fr8.hc,1617916166.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
21 KB 27ms
25ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5004609
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 21785
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
x-served-by: cache-fra19178-FRA, cache-hhn4025-HHN
date: Thu, 08 Apr 2021 21:09:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ 1 MB
355 KB 17ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js

Requested by

Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5080886
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 362308
cf-request-id: 0954ea9764000017765e8eb000000001
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-123bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MRZIKTFF9xZJTwV1fwRV1hEyMNCu2d7dZ5aJyQ2NNXLinQz024GTvjVF8FuOtNE09e6KSAggl8TkNJOZfuMqLEskBiInczqw09CB5nVe6q477NlyaGgcU%2BxVgLnApGLNAg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63ce7a056f241776-FRA
expires: Tue, 29 Mar 2022 21:09:25 GMT

GET
H2 200 jquery.payment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/ 8 KB
3 KB 24ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js

Requested by

Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7174005
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2420
cf-request-id: 0954ea97650000177654065000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-210b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1d6n9C%2FGu4e4uyA%2FvsrU24Jbhf9ccvrZ%2BDzXV3N1IJpP7QdwXTRoGlodKqsuTwG54tLOmSjkfXzN3HijofUY6ghVHiDFOI08dZb2at1UryEUiJqAl8kr2M6HPR5XOcuxaQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63ce7a056f251776-FRA
expires: Tue, 29 Mar 2022 21:09:25 GMT

GET
H2 200 script.js Show response
info-prtclier-lc-scurefdse.info/assets/js/ 199 B
277 B 201ms
200ms Script
application/javascript 101.99.91.26
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to

Full URL: https://info-prtclier-lc-scurefdse.info/assets/js/script.js
Requested by: Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.91.26 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e0ea68a0351381f0f69aaa24827fdc4e3208c829c158078d3ed5bf2cd511c74d

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/clients/login.php?verification
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:25 GMT
content-encoding: br
last-modified: Wed, 17 Feb 2021 10:48:32 GMT
x-accel-version: 0.01
x-powered-by: PleskLin
etag: W/"c7-5bb85f5c62000"
content-type: application/javascript
server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
793 B 14ms
13ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

043408d901653af0d904e54849944f83b37d2b20c195d8a900e7fa34c45dc257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Apr 2021 20:03:43 GMT
server: ESF
date: Thu, 08 Apr 2021 21:09:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Apr 2021 21:09:26 GMT

GET
H2 200 img.jpg
info-prtclier-lc-scurefdse.info/assets/imgs/ 351 KB
351 KB 315ms
314ms Image
image/jpeg 101.99.91.26
SHINJIRU-MY-AS-AP...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://info-prtclier-lc-scurefdse.info/assets/imgs/img.jpg
Requested by: Host: info-prtclier-lc-scurefdse.info
URL: https://info-prtclier-lc-scurefdse.info/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 101.99.91.26 , Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5a447b0ee932cde3ebd1124a9707e77d7e7cf90d0cd965a1364f8fa21434f243

Request headers

Referer: https://info-prtclier-lc-scurefdse.info/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 21:09:26 GMT
last-modified: Wed, 18 Nov 2020 13:10:22 GMT
server: nginx
x-powered-by: PleskLin
etag: "5fb51d3e-57bc0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 359360

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://info-prtclier-lc-scurefdse.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 558349
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://info-prtclier-lc-scurefdse.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 68784
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Fri, 08 Apr 2022 02:03:02 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://info-prtclier-lc-scurefdse.info
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 558349
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Sat, 02 Apr 2022 10:03:37 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Crédit Lyonnais (Banking)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aww.moe
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
info-prtclier-lc-scurefdse.info
maxcdn.bootstrapcdn.com
ramsedcoevrero.info
101.99.91.26
130.250.68.51
2001:4de0:ac18::1:a:2a
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:801::200a
2a00:1450:4001:80f::2003
2a04:4e42:1b::621
043408d901653af0d904e54849944f83b37d2b20c195d8a900e7fa34c45dc257
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
18a569f10c35c4a4739a0cc5972f998cb588b6725c8641ac54a64682be0e57cd
20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a447b0ee932cde3ebd1124a9707e77d7e7cf90d0cd965a1364f8fa21434f243
653e073e97423adda5bc3917a241ee8497dd38a48f14bcde0098a4e54fd0fa5e
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
73f9f1fe329579a64ca0bfc837f53cd3c8a69f464b541510fe01dd6c530f4e5c
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7eb8cd4ae6344d2d95709b85a6b23e51fdfdd9bf2b3ce6cefb532150e051c922
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
b0606f6d85632a232a60b68fcb3abd5b05ffaf6e27cb0a202970507144582b60
b2c51c87f6f39dc3cd904e8485e51850a1d09be9aba1009b7976c8ea88416a59
e0ea68a0351381f0f69aaa24827fdc4e3208c829c158078d3ed5bf2cd511c74d
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f839760d1621714efedeb3eb08b25e619812dcc33d77aceb0daf405ac727a765
fed5fee48829cbeb1239cda06dd24ce4b79e129001cb4787fc58bced0ad444f8

info-prtclier-lc-scurefdse.info Open in urlscan Pro 101.99.91.26 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

75 %IPv6

9 Domains

9 Subdomains

8 IPs

4 Countries

938 kBTransfer

2214 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

0 Cookies

Indicators

info-prtclier-lc-scurefdse.info Open in urlscan Pro
101.99.91.26 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

75 %
IPv6

9
Domains

9
Subdomains

8
IPs

4
Countries

938 kB
Transfer

2214 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!