d3v0gm5sia6ove.cloudfront.net Open in urlscan Pro
2600:9000:2251:9e00:18:ede5:5a80:21 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clck.mgid.com/ghits/16332442/i/57707118/0/src/2894127447/pp/1/29
Effective URL:
https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Submission: On January 18 via manual (January 18th 2024, 3:21:32 pm UTC) from GB — Scanned from GB

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 22 HTTP transactions. The main IP is 2600:9000:2251:9e00:18:ede5:5a80:21, located in United States and belongs to AMAZON-02, US. The main domain is d3v0gm5sia6ove.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d3v0gm5sia6ove.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:1::... 2606:4700:1::6813:854c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	147.182.240.154 147.182.240.154	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
14	2600:9000:225... 2600:9000:2251:9e00:18:ede5:5a80:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	6

1 2606:4700:1::6813:854c (United States)

ASN13335 (CLOUDFLARENET, US)

clck.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.182.240.154 (Santa Clara, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 1182594.cloudwaysapps.com

newzshack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2251:9e00:18:ede5:5a80:21 (United States)

ASN16509 (AMAZON-02, US)

d3v0gm5sia6ove.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cloudfront.net d3v0gm5sia6ove.cloudfront.net	205 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	31 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	48 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019	7 KB
1	newzshack.com 1 redirects newzshack.com	371 B
1	mgid.com clck.mgid.com — Cisco Umbrella Rank: 42556 c.mgid.com Failed	2 KB
22	6

	Domain	Requested by
14	d3v0gm5sia6ove.cloudfront.net	clck.mgid.com d3v0gm5sia6ove.cloudfront.net
2	cdnjs.cloudflare.com	d3v0gm5sia6ove.cloudfront.net
2	cdn.jsdelivr.net	d3v0gm5sia6ove.cloudfront.net
1	maxcdn.bootstrapcdn.com	d3v0gm5sia6ove.cloudfront.net
1	newzshack.com	1 redirects
1	clck.mgid.com
0	c.mgid.com Failed
22	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-11` - `2024-04-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Frame ID: BA979C7FBE43B4AB50B289B575740E04
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Security Center

Page URL History Show full URLs

https://clck.mgid.com/ghits/16332442/i/57707118/0/src/2894127447/pp/1/29 Page URL
https://newzshack.com/2023/05/how-a-quiet-afternoon-on-the-lake-turned-into-a-dramatic-rescue-miss... HTTP 302
https://d3v0gm5sia6ove.cloudfront.net/?number=01224-980361 Page URL
https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361& Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

91 %
HTTPS

83 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

293 kB
Transfer

1045 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clck.mgid.com/ghits/16332442/i/57707118/0/src/2894127447/pp/1/29 Page URL
https://newzshack.com/2023/05/how-a-quiet-afternoon-on-the-lake-turned-into-a-dramatic-rescue-mission/?utm_medium=cpc&utm_source=mgid.com&utm_campaign=UK-DESKTOP-BEAR&utm_term=57707118s2894127447&utm_content=16332442 HTTP 302
https://d3v0gm5sia6ove.cloudfront.net/?number=01224-980361 Page URL
https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://newzshack.com/2023/05/how-a-quiet-afternoon-on-the-lake-turned-into-a-dramatic-rescue-mission/?utm_medium=cpc&utm_source=mgid.com&utm_campaign=UK-DESKTOP-BEAR&utm_term=57707118s2894127447&utm_content=16332442 HTTP 302
https://d3v0gm5sia6ove.cloudfront.net/?number=01224-980361

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 29
clck.mgid.com/ghits/16332442/i/57707118/0/src/2894127447/pp/1/ 2 KB
2 KB 356ms
224ms Document
text/html 2606:4700:1::6813:854c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://clck.mgid.com/ghits/16332442/i/57707118/0/src/2894127447/pp/1/29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:1::6813:854c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-wow64,sec-ch-ua-bitness,sec-ch-ua-model
alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8477d3d70eb871b6-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 15:21:24 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-mg-click-uuid: 8cce14c7-b4a8-3813-9d89-4a48eb6ed71c
x-robots-tag: noindex

GET
H2

200

/
d3v0gm5sia6ove.cloudfront.net/
Redirect Chain

https://newzshack.com/2023/05/how-a-quiet-afternoon-on-the-lake-turned-into-a-dramatic-rescue-mission/?utm_medium=cpc&utm_source=mgid.com&utm_campaign=UK-DESKTOP-BEAR&utm_term=57707118s2894127447&u...
https://d3v0gm5sia6ove.cloudfront.net/?number=01224-980361

3 KB
3 KB

606ms
431ms

Document
text/html

2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/?number=01224-980361
Requested by: Host: clck.mgid.com
URL: https://clck.mgid.com/ghits/16332442/i/57707118/0/src/2894127447/pp/1/29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://clck.mgid.com/ghits/16332442/i/57707118/0/src/2894127447/pp/1/29
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 15:21:26 GMT
server: nginx/1.14.0 (Ubuntu)
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-id: kdIyWA6wxEIn5aKK3M5AHryIB5mbvINZtzYngySrlE_e1GpOTX6GrA==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 15:21:26 GMT
location: https://d3v0gm5sia6ove.cloudfront.net/?number=01224-980361
pragma: no-cache
server: nginx
x-pingback: https://newzshack.com/xmlrpc.php

GET dog-counter
c.mgid.com/ 0
0

GET queue-up
c.mgid.com/ 0
0

GET
H2 200 Primary Request / Show response
d3v0gm5sia6ove.cloudfront.net/w/ 7 KB
8 KB 42ms
42ms Document
text/html 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/?number=01224-980361
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 83a8eaa1e663d9deafd24716c2b0df8baec71b17a2734d68fca758a2e1f13591

Request headers

Referer: https://d3v0gm5sia6ove.cloudfront.net/?number=01224-980361
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 15:21:26 GMT
server: nginx/1.14.0 (Ubuntu)
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-id: 5zVF_I2dtn-dvmlR44CBlAdhWed9AQviqOkmD5_4neqhM5KaXseTKA==
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 188ms
62ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d3v0gm5sia6ove.cloudfront.net/
Origin: https://d3v0gm5sia6ove.cloudfront.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4266402
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230111-FRA, cache-lcy-eglc8600020-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhsCbjb8OGZPp8akpJ2XCEsKpd56RvJvcc4u49zfdV8KtKOJlhot6hV%2B7bhap%2FDrqShRQOoMzEh8eIqtP4vxX2TUf6Mh6P%2F5r3Ql%2FBTFvK4hoynptWo%2B%2FJeXh10lqU732TVIIntFcO0zPZ581AA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8477d3e81c7023ef-LHR

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/ 82 KB
27 KB 196ms
90ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://d3v0gm5sia6ove.cloudfront.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4452487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26660
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14983"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yqj9ec0aDFCUPpCI7mNl7XK3WMh5qjFA%2F3c7PO3hFWE7G6HZOvbegHOYxfXlCrzGipcmO7pEisZ1%2FXYos9u6lXvO8VFxwO62Y5uNeAqySACTh3ZYA5rKOH3HCIdPJN8A0mjQ%2Bx722UG33CaCih%2FA19i8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8477d3e7ec5071d5-LHR
expires: Tue, 07 Jan 2025 15:21:27 GMT

GET
H2 200 main.css
d3v0gm5sia6ove.cloudfront.net/w/ 12 KB
12 KB 42ms
42ms Stylesheet
text/css 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/main.css
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d5d2eaec4d8f18123d2db3b457a892a5566da301d10ddb3afa85d059c64df7f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:26 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-2f4f"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 12111
x-amz-cf-id: WMZSwsedKTUz8ldyR7DsoxrMQZoELcvJDckSc3pAEhkJmtUZxT5VDA==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ 27 KB
7 KB 189ms
71ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 946
age: 4963459
cdn-cachedat: 10/31/2023 19:46:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 784033ac0022eed070559ef10a0e69db
timing-allow-origin: *
cdn-requestcountrycode: FR
cdn-status: 200
cf-ray: 8477d3e83a45dca3-LHR
cdn-requestpullsuccess: True

GET
H2 200 bg2.jpg
d3v0gm5sia6ove.cloudfront.net/w/ 111 KB
111 KB 41ms
40ms Image
image/jpeg 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/bg2.jpg
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-1bbe3"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 113635
x-amz-cf-id: 5g6DAMDQm6Wv-EESrxf8mHmBVfKLI1FDNqzNCKw2iZbsdLnxkyvGyw==

GET
H2 200 microsoft.png
d3v0gm5sia6ove.cloudfront.net/w/ 1 KB
1 KB 63ms
63ms Image
image/png 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/microsoft.png
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-415"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1045
x-amz-cf-id: NnxN04Y-qyCeOl9Ryv4A5QJMM8KsHVnZ9hiEjn2KUo8GQQOZx3hZNw==

GET
H2 200 def.png
d3v0gm5sia6ove.cloudfront.net/w/ 4 KB
4 KB 57ms
56ms Image
image/png 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/def.png
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-efa"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3834
x-amz-cf-id: aDncmJeqLixGfFZB3s-5eeRhZmhMu985CjSXgimMQ_bmuvQpiLFj2Q==

GET
H2 200 cross.png
d3v0gm5sia6ove.cloudfront.net/w/ 43 KB
43 KB 55ms
55ms Image
image/png 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/cross.png
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-ac42"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 44098
x-amz-cf-id: nMLvTuARb6YdanqOk6daAJfrVeQprcE36YVq7MlQjVuT3plVUjKiaw==

GET
H2 200 virus-images.jpg
d3v0gm5sia6ove.cloudfront.net/w/ 8 KB
8 KB 53ms
53ms Image
image/jpeg 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/virus-images.jpg
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-2004"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 8196
x-amz-cf-id: cw4x1dxUihEJ2FasrgnVTDJHbz9LldOTTAdV4jaSAZCBjgvP3feBSA==

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
4 KB 211ms
107ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://d3v0gm5sia6ove.cloudfront.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 519131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3980
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FnMIYhQoFn7NAmsw3SydhJq18na2geIBlevPcaj4cp%2BYKPgpQQEZIOY1jyIHxPs13LI98LpPtmFStOjrWdSZtxNW16d7FZrdJ0YONWJu9HmTSfopKpXWoaJ7M7N7TQ7DNxfcaYO78zG5Y3%2FJkiKt5HX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8477d3e7ec6071d5-LHR
expires: Tue, 07 Jan 2025 15:21:27 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
23 KB 169ms
44ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://d3v0gm5sia6ove.cloudfront.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6774211
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230133-FRA, cache-lcy-eglc8600071-LCY
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocUOXhJWkPrrFLZkAtb4FzkFhSPSwlz1Upa45AdatuiRDg2URS%2F8ZEjPjJ0DCvNiIZDRkG8cM4waPP1GAOHhaS%2FR7A59b3XjWSWpFUobR6BLmTpiAWvejlUTLGwp%2F4gjTNC4qhiu%2FRKZjW9N0sg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8477d3e80b9a48cd-LHR

GET
H2 200 fullscreen.js Show response
d3v0gm5sia6ove.cloudfront.net/w/ 1 KB
2 KB 61ms
61ms Script
application/javascript 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/fullscreen.js
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 347c455d151a95b39625413aaee24a55c9458e42806bb57b218e19961bde3df2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:26 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-5bd"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: _OWRD9looEjqQWQ9MMO6v78cTj13cCMh0Vnh7q2fJxN7BRg7nUWytA==

GET
H2 200 before.js Show response
d3v0gm5sia6ove.cloudfront.net/w/ 1 KB
2 KB 65ms
64ms Script
application/javascript 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/before.js
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 4ed517151e698144e6f99a594bfa61ec10311e6f4d81c1caf2d1694bfc3ac986

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:26 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-57f"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1407
x-amz-cf-id: jp4jd5rpkcwDifs8V3_HbOVNaE4ZE29g03cof7gVsCpwaQAd5xv6WQ==

GET
H2 200 main.js Show response
d3v0gm5sia6ove.cloudfront.net/w/ 3 KB
3 KB 63ms
62ms Script
application/javascript 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/main.js
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a729786975800da6e1bbaca2dc75de5de7078fa1db35c412d971f483e5ca7a17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:26 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-b11"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2833
x-amz-cf-id: MiceRsWc7A0_Lk6vG0Fhag7j7f3qRQt_mghooUcnnix2dIPB3ziwpQ==

GET
H2 200 light.js Show response
d3v0gm5sia6ove.cloudfront.net/w/ 503 B
826 B 74ms
74ms Script
application/javascript 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/light.js
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:26 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-1f7"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 503
x-amz-cf-id: ICmHO4xstl2HNXStgCNAOwWX6dIxKSvRQ64B3rYvIqhNcJ8wSSp45g==

GET
H2 200 jscode.js Show response
d3v0gm5sia6ove.cloudfront.net/w/ 6 KB
7 KB 58ms
58ms Script
application/javascript 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/jscode.js
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5a3f61cf70040916fc2f6a985ace65a1d65e7380a20156cb01312d3dc393df84

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:21:26 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-194d"
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6477
x-amz-cf-id: hB_cab_-BT3HgNILr3CMlrRWuwI8EcpsTHZzkfct7jzBhHQiAYSs-w==

GET
H2 206 alert-en.wav
d3v0gm5sia6ove.cloudfront.net/w/ 482 KB
0 40ms
39ms Media
application/octet-stream 2600:9000:2251:9e00:18:ede5:5a80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3v0gm5sia6ove.cloudfront.net/w/alert-en.wav
Requested by: Host: d3v0gm5sia6ove.cloudfront.net
URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:9e00:18:ede5:5a80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 18 Jan 2024 15:21:27 GMT
via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 05:10:10 GMT
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
etag: "65a8b2b2-1382b8"
x-cache: Miss from cloudfront
content-type: application/octet-stream
Content-Range: bytes 0-1278647/1278648
x-amz-cf-id: nOvOI4m--8LUoZ01il9udP60-Wf_INnrbrfB45OcsrpkBMHQ9gzAsg==
Content-Length: 1278648

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.mgid.com
URL: https://c.mgid.com/dog-counter?metric=transit.counter&key=fail_redirect&tags=WyJkb21haW46bmV3enNoYWNrLmNvbSJd

Domain: c.mgid.com
URL: https://c.mgid.com/queue-up?token=eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ&topic=transit_redirect_fails&data=eyJvcyI6NjMsImlwIjoiMC4wLjAuMCIsImNvdW50cnkiOjE0LCJicm93c2VyIjo1LCJ3aWRnZXQiOiI1NzcwNzExOCIsInRlYXNlciI6IjE2MzMyNDQyIiwibWlsbGlzZWNvbmQiOjE3MDU1OTEyODQ0NTEsImNsaWNrX3V1aWQiOiI4Y2NlMTRjNy1iNGE4LTM4MTMtOWQ4OS00YTQ4ZWI2ZWQ3MWMiLCJ1cmxfdG9fcmVkaXJlY3QiOiJodHRwczovL25ld3pzaGFjay5jb20vMjAyMy8wNS9ob3ctYS1xdWlldC1hZnRlcm5vb24tb24tdGhlLWxha2UtdHVybmVkLWludG8tYS1kcmFtYXRpYy1yZXNjdWUtbWlzc2lvbi8%2FdXRtX21lZGl1bT1jcGMmdXRtX3NvdXJjZT1tZ2lkLmNvbSZ1dG1fY2FtcGFpZ249VUstREVTS1RPUC1CRUFSJnV0bV90ZXJtPTU3NzA3MTE4czI4OTQxMjc0NDcmdXRtX2NvbnRlbnQ9MTYzMzI0NDIifQ%3D%3D

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mgid.com/	1970-01-20 17:47:57	Name: mgid Value: 16332442
.mgid.com/	1970-01-20 17:47:57	Name: mtid Value: 57707118
.mgid.com/	1970-01-20 17:47:57	Name: mtuid Value: 57707118s2894127447
.mgid.com/	1970-01-20 17:47:57	Name: mstatus Value: 0
.mgid.com/	1970-01-20 17:47:57	Name: mghd Value: newzshack.com
.mgid.com/	1970-01-20 17:46:33	Name: __cf_bm Value: kynuz.bGQYSFM71d4J1OXL32QIZpE_GhYVb41DbXnOY-1705591284-1-Abv/Kj0V/LX9UcuGEZbcLJEYJgX0ege9Ip1WAtsF3xxogm/lsGfL2KcXYlz5Po7mUNr+Gv/5dzRg3l/BUpOUc9c=
newzshack.com/	1970-01-21 03:22:31	Name: __jcp Value: U21SaUszbG1iREJzV2s5TlExbDNReXN6YkVzemIweG5OQzlPTDJaMWFVaEtSVkl6UVhCM1ozWXpaRkJQTVVwTllXeERXVmhXUmtGb1N6WmFkMEZtY1E9PQ%3D%3D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d3v0gm5sia6ove.cloudfront.net/w/?p=+01224-980361&(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.mgid.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
clck.mgid.com
d3v0gm5sia6ove.cloudfront.net
maxcdn.bootstrapcdn.com
newzshack.com
c.mgid.com
147.182.240.154
2600:9000:2251:9e00:18:ede5:5a80:21
2606:4700:1::6813:854c
2606:4700::6810:5714
2606:4700::6811:190e
2606:4700::6812:bcf
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
347c455d151a95b39625413aaee24a55c9458e42806bb57b218e19961bde3df2
3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887
4ed517151e698144e6f99a594bfa61ec10311e6f4d81c1caf2d1694bfc3ac986
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
5a3f61cf70040916fc2f6a985ace65a1d65e7380a20156cb01312d3dc393df84
83a8eaa1e663d9deafd24716c2b0df8baec71b17a2734d68fca758a2e1f13591
948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342
a729786975800da6e1bbaca2dc75de5de7078fa1db35c412d971f483e5ca7a17
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5d2eaec4d8f18123d2db3b457a892a5566da301d10ddb3afa85d059c64df7f6
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

d3v0gm5sia6ove.cloudfront.net Open in urlscan Pro 2600:9000:2251:9e00:18:ede5:5a80:21 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

83 %IPv6

6 Domains

7 Subdomains

6 IPs

1 Countries

293 kBTransfer

1045 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

7 Cookies

4 Console Messages

Security Headers

Indicators

d3v0gm5sia6ove.cloudfront.net Open in urlscan Pro
2600:9000:2251:9e00:18:ede5:5a80:21 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

83 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

293 kB
Transfer

1045 kB
Size

7
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!