dtn.dbv.temporary.site
50.6.160.197  Malicious Activity! Public Scan

Submitted URL: https://t.co/49ZqNyP1te
Effective URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Submission: On October 02 via manual from CO — Scanned from GB

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 50.6.160.197, located in the United States and belonging to NETWORK-SOLUTIONS-HOSTING, US. The main domain is dtn.dbv.temporary.site.
TLS certificate: Issued by R10 on September 26th 2024. Valid for: 3 months.
This is the only time dtn.dbv.temporary.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bancolombia (Banking)

Domain & IP information

Requests | IP Address | AS | Autonomous System
1 | 162.159.140.229 | 13335 | (CLOUDFLAR...)
14 | 50.6.160.197 | 19871 | (NETWORK-S...)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 20 requests, 5 IPs
Requests | Apex Domain | Subdomains | Transfer
14 | temporary.site | dtn.dbv.temporary.site | 308 KB
4 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 46), ajax.googleapis.com (Cisco Umbrella Rank: 454) | 33 KB
1 | gstatic.com | fonts.gstatic.com | 47 KB
1 | t.co | t.co (Cisco Umbrella Rank: 857) | 794 B
Total: 20 requests, 4 apex domains
Requests | Domain | Requested by
14 | dtn.dbv.temporary.site | t.co, dtn.dbv.temporary.site
2 | ajax.googleapis.com | dtn.dbv.temporary.site
2 | fonts.googleapis.com | dtn.dbv.temporary.site
1 | fonts.gstatic.com | fonts.googleapis.com
1 | t.co |
Total: 20 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
t.co | E5 | 2024-09-28 - 2024-12-27 | 3 months (crt.sh)
autodiscover.dtn.dbv.temporary.site | R10 | 2024-09-26 - 2024-12-25 | 3 months (crt.sh)
upload.video.google.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months (crt.sh)
*.gstatic.com | WR2 | 2024-09-16 - 2024-12-09 | 3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://dtn.dbv.temporary.site/tricolors/seguro.html
Frame ID: 2955F3083D8AA735B96A7FBC0B7304FE
Requests: 20 HTTP requests in this frame

Page Title

Servicios | Bancolombia

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/49ZqNyP1te Page URL
  2. https://dtn.dbv.temporary.site/ Page URL
  3. https://dtn.dbv.temporary.site/tricolors/seguro.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 60 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 389 kB
Size: 558 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

49ZqNyP1te | t.co/ | 248 B | 794 B | Document
General
Full URL
https://t.co/49ZqNyP1te
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_f /
Resource Hash
9f877beeecf6c04413b31f0b14c10f35447d7e3fb7f9d35ae5409d06e403f86c
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
private,max-age=300
cf-cache-status
DYNAMIC
cf-ray
8cc51b9d6d4a653d-LHR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 02 Oct 2024 13:41:04 GMT
expires
Wed, 02 Oct 2024 13:46:04 GMT
perf
7402827104
server
cloudflare tsa_f
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
1ba926530c0c4cb92ed1caeb0b91c21b4967dd787391c48277653bb9cfbaa106
x-response-time
116
x-transaction-id
ac1c13ba765d6683
x-xss-protection
0

/ | dtn.dbv.temporary.site/ | 725 B | 590 B | Document
General
Full URL
https://dtn.dbv.temporary.site/
Requested by
Host: t.co
URL: https://t.co/49ZqNyP1te
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
56240e79e3a2b34b99d7886ca333b79ce66d3d475af5f622f63cfec149b2069d

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=7200
content-encoding
gzip
content-length
419
content-type
text/html
date
Wed, 02 Oct 2024 13:41:05 GMT
expires
Wed, 02 Oct 2024 15:41:05 GMT
last-modified
Sun, 25 Aug 2024 15:12:40 GMT
server
Apache
vary
Accept-Encoding
x-newfold-cache-level
2

css2 | fonts.googleapis.com/ | 11 KB | 2 KB | Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
631a2253c93d9db42e74c350607229a629b1878c702051b253e1174b889ee3c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 02 Oct 2024 13:41:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 13:41:05 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 11:49:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF

jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.6.0/ | 87 KB | 31 KB | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/

Response headers

content-encoding
gzip
age
104966
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:31:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:31:39 GMT
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31017
x-xss-protection
0
server
sffe

seguro.html (Primary Request) | dtn.dbv.temporary.site/tricolors/ | 8 KB | 3 KB | Document
General
Full URL
https://dtn.dbv.temporary.site/tricolors/seguro.html
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
b157b42855251522ec088122f7a1c45aca7f3d05f3d987559c9eadc16552a760

Request headers

Referer
https://dtn.dbv.temporary.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=7200
content-encoding
gzip
content-length
2595
content-type
text/html
date
Wed, 02 Oct 2024 13:41:06 GMT
expires
Wed, 02 Oct 2024 15:41:06 GMT
last-modified
Sat, 31 Aug 2024 19:19:36 GMT
server
Apache
vary
Accept-Encoding
x-newfold-cache-level
2

css2 | fonts.googleapis.com/ | 11 KB | 0 | Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
631a2253c93d9db42e74c350607229a629b1878c702051b253e1174b889ee3c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 02 Oct 2024 13:41:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 02 Oct 2024 13:41:05 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 02 Oct 2024 11:49:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF

jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.6.0/ | 87 KB | 0 | Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/

Response headers

content-encoding
gzip
age
104966
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:31:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:31:39 GMT
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31017
x-xss-protection
0
server
sffe

logo.webp | dtn.dbv.temporary.site/img/ | 3 KB | 3 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/logo.webp
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
365782dffac5fd4b2741538fa68029e1ecdda7d61cbc0a5610d693cf707a7e33

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
2898
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 24 Aug 2024 21:38:00 GMT
content-type
image/webp
server
Apache

baner.webp | dtn.dbv.temporary.site/img/ | 22 KB | 22 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/baner.webp
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
10fba773e440da810d0942a79dc1fa182be157fb1a343dfb08cef603ee49b213

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
22274
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 24 Aug 2024 21:41:48 GMT
content-type
image/webp
server
Apache

flecha-abajo.jpg | dtn.dbv.temporary.site/img/ | 748 B | 804 B | Image
General
Full URL
https://dtn.dbv.temporary.site/img/flecha-abajo.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
d0cbd2960f02bae1cce036c4c4526cc4579c10b3600e33ba0e55b69ae1d22fc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
748
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 04:56:40 GMT
content-type
image/jpeg
server
Apache

flechas.jpg | dtn.dbv.temporary.site/img/ | 9 KB | 9 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/flechas.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
3475ec5d867d14b13cd03fe471582b4bee12abe0a08eb1bea9200a73c72b8dbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
9111
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 10:23:42 GMT
content-type
image/jpeg
server
Apache

servicios2.jpg | dtn.dbv.temporary.site/img/ | 129 KB | 129 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/servicios2.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
91b0a7240449b50368618efbe47108752ecc5a08de0b97fc661aeb90bc154d46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
131637
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 17:30:36 GMT
content-type
image/jpeg
server
Apache

1a.jpg | dtn.dbv.temporary.site/img/ | 40 KB | 40 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/1a.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
8a248c60ccdf7380eed81d6eb0a0998894b60b091dd7769f4a512cc91b9a36ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
40662
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 16:53:30 GMT
content-type
image/jpeg
server
Apache

2a.jpg | dtn.dbv.temporary.site/img/ | 50 KB | 50 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/2a.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
2c275911301f0501baafbb7e0eb8c1771cc84d0b6c6a4429bf76ab14b386698c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
50866
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 16:53:52 GMT
content-type
image/jpeg
server
Apache

3a.jpg | dtn.dbv.temporary.site/img/ | 41 KB | 41 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/3a.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
8174082b485efbde88056fc32411ae4b2697bf311ecdf96226d393f9d73d5921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
41758
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 16:54:18 GMT
content-type
image/jpeg
server
Apache

ico3.jpg | dtn.dbv.temporary.site/img/ | 3 KB | 3 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/ico3.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
3bf393c09ca4ba5254dac4c5342ca3fff2adde92d494eea75e43fb5546459129

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
3309
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 17:01:12 GMT
content-type
image/jpeg
server
Apache

ico1.jpg | dtn.dbv.temporary.site/img/ | 3 KB | 3 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/ico1.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
bc2721d3a340e2c69d0c8b7c6b5177d3aac8c39c12477e183fb6e08a650b7ff5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
3381
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 17:00:42 GMT
content-type
image/jpeg
server
Apache

ico2.jpg | dtn.dbv.temporary.site/img/ | 4 KB | 4 KB | Image
General
Full URL
https://dtn.dbv.temporary.site/img/ico2.jpg
Requested by
Host: dtn.dbv.temporary.site
URL: https://dtn.dbv.temporary.site/tricolors/seguro.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
f9bb05e94ddb78c54f234492f10d3b94ada9a3597b3d134bdf701ba10217fdc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=86400
x-newfold-cache-level
2
expires
Thu, 03 Oct 2024 13:41:06 GMT
accept-ranges
bytes
content-length
3672
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 31 Aug 2024 17:00:58 GMT
content-type
image/jpeg
server
Apache

memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v40/ | 47 KB | 47 KB | Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300..800;1,300..800&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://dtn.dbv.temporary.site
Referer
https://fonts.googleapis.com/

Response headers

age
104278
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 01 Oct 2025 08:43:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 08:43:08 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe

favicon.ico | dtn.dbv.temporary.site/img/ | 1 KB | 1 KB | Other
General
Full URL
https://dtn.dbv.temporary.site/img/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.6.160.197 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
50-6-160-197.unifiedlayer.com
Software
Apache /
Resource Hash
86aee30443ca6bfad771a9bdee19800ebc70101af2b38738f71372232b44a781

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dtn.dbv.temporary.site/tricolors/seguro.html

Response headers

cache-control
max-age=31536000
x-newfold-cache-level
2
expires
Thu, 02 Oct 2025 13:41:06 GMT
accept-ranges
bytes
content-length
1150
date
Wed, 02 Oct 2024 13:41:06 GMT
last-modified
Sat, 24 Aug 2024 21:38:08 GMT
content-type
image/x-icon
server
Apache

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bancolombia (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | $
function | jQuery
function | final

2 Cookies

Domain/Path | Name | Value
.t.co/ | muc | 11924bf9-a783-48ba-9a5c-51e24806c328
.t.co/ | __cf_bm | ZnwMQ64gCSeo_.SNTMceD5UFSbaC8YO7vvkmeog9Gvc-1727876464-1.0.1.1-VPU6mdKmdSrwbZ3KXz0_lFKWgqscf_8UsXrStsFw5xyJ.FzQZ1ovxbyqc.8ha7oWnNPG2jCu7ezNCteaSDIWgA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
