mambo.myfreesites.net
2606:4700::6811:8407  Malicious Activity! Public Scan

Submitted URL: http://myurl.fans/xbmkz5jxr5
Effective URL: https://mambo.myfreesites.net/
Submission: On May 04 via api from US — Scanned from FR

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2606:4700::6811:8407, located in United States and belongs to CLOUDFLARENET, US. The main domain is mambo.myfreesites.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 6th 2024. Valid for: 10 months.
This is the only time mambo.myfreesites.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 109.234.164.178 50474 (O2SWITCH)
1 12 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.190.14.35 15169 (GOOGLE)
4 2606:4700::42... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 149.56.240.127 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 13.92.180.208 8075 (MICROSOFT...)
24 9
Apex Domain | Subdomains | Transfer
12 myfreesites.net | mambo.myfreesites.net | 1 MB
4 wzdev.co | gfonts-proxy.wzdev.co — Cisco Umbrella Rank: 199407 | 80 KB
3 histats.com | s10.histats.com — Cisco Umbrella Rank: 13913; s4.histats.com — Cisco Umbrella Rank: 13947 | 11 KB
2 windows.net | in-us-east-event-hubs.servicebus.windows.net — Cisco Umbrella Rank: 91861 | 316 B
2 builderservices.io | runtime.builderservices.io — Cisco Umbrella Rank: 185724; images.builderservices.io — Cisco Umbrella Rank: 203421 | 1 MB
2 mywebsitebuilder.com | components.mywebsitebuilder.com — Cisco Umbrella Rank: 85227; in-app.mywebsitebuilder.com — Cisco Umbrella Rank: 204255 | 40 KB
1 myurl.fans | myurl.fans | 405 B
24 7
Domain Requested by
12 mambo.myfreesites.net 1 redirects mambo.myfreesites.net
runtime.builderservices.io
4 gfonts-proxy.wzdev.co mambo.myfreesites.net
gfonts-proxy.wzdev.co
2 in-us-east-event-hubs.servicebus.windows.net in-app.mywebsitebuilder.com
2 s10.histats.com mambo.myfreesites.net
s10.histats.com
1 in-app.mywebsitebuilder.com runtime.builderservices.io
1 s4.histats.com s10.histats.com
1 images.builderservices.io mambo.myfreesites.net
1 runtime.builderservices.io mambo.myfreesites.net
1 components.mywebsitebuilder.com mambo.myfreesites.net
1 myurl.fans 1 redirects
24 10

This site contains links to these domains.

Domain
www.563mg.com
www.sitebuilder.com
Subject | Issuer | Validity | Valid
myfreesites.net | Cloudflare Inc ECC CA-3 | 2024-03-06 - 2024-12-31 | 10 months
*.mywebsitebuilder.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-24 - 2024-11-23 | a year
wzdev.co | E1 | 2024-03-29 - 2024-06-27 | 3 months
builderservices.io | Cloudflare Inc ECC CA-3 | 2024-02-05 - 2024-12-31 | a year
s10.histats.com | E1 | 2024-04-11 - 2024-07-10 | 3 months
histats.com | R3 | 2024-02-16 - 2024-05-16 | 3 months
mywebsitebuilder.com | Cloudflare Inc ECC CA-3 | 2024-02-29 - 2024-12-31 | 10 months
servicebus.windows.net | Microsoft Azure TLS Issuing CA 02 | 2024-05-03 - 2024-06-27 | 2 months

This page contains 1 frames:

Primary Page: https://mambo.myfreesites.net/
Frame ID: 88285C0C59877D96ECD46D43AE8F8BB4
Requests: 24 HTTP requests in this frame

Page Title

Home - Mambo

Page URL History

  1. http://myurl.fans/xbmkz5jxr5 HTTP 307
    https://myurl.fans/xbmkz5jxr5 HTTP 301
    https://mambo.myfreesites.net/ Page URL
  2. https://mambo.myfreesites.net/cdn-cgi/phish-bypass?atok=j0sr6_KcmN.ALDIVb00hBTr4QE5TiyLlFpBB0KP7E.g-171486... HTTP 301
    https://mambo.myfreesites.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

24
Requests

100 %
HTTPS

56 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

2715 kB
Transfer

4164 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://myurl.fans/xbmkz5jxr5 HTTP 307
    https://myurl.fans/xbmkz5jxr5 HTTP 301
    https://mambo.myfreesites.net/ Page URL
  2. https://mambo.myfreesites.net/cdn-cgi/phish-bypass?atok=j0sr6_KcmN.ALDIVb00hBTr4QE5TiyLlFpBB0KP7E.g-1714861042-0.0.1.1-%2F HTTP 301
    https://mambo.myfreesites.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://myurl.fans/xbmkz5jxr5 HTTP 307
  • https://myurl.fans/xbmkz5jxr5 HTTP 301
  • https://mambo.myfreesites.net/

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
mambo.myfreesites.net/
Redirect Chain
  • http://myurl.fans/xbmkz5jxr5
  • https://myurl.fans/xbmkz5jxr5
  • https://mambo.myfreesites.net/
4 KB
2 KB
Document
General
Full URL
https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f1da3a0ee929d5b60d3831a9db5933dca718ccf3c213332523a973f39f6529
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cf-ray
87ebdc4c4e7f0248-CDG
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 22:17:22 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 04 May 2024 22:17:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://mambo.myfreesites.net/
pragma
no-cache
server
o2switch-PowerBoost-v3
cf.errors.css
mambo.myfreesites.net/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://mambo.myfreesites.net/cdn-cgi/styles/cf.errors.css
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2024 15:12:53 GMT
server
cloudflare
etag
W/"66310a75-5df3"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
87ebdc4c8eaa0248-CDG
expires
Sun, 05 May 2024 00:17:22 GMT
icon-exclamation.png
mambo.myfreesites.net/cdn-cgi/images/
452 B
540 B
Image
General
Full URL
https://mambo.myfreesites.net/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/cdn-cgi/styles/cf.errors.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/cdn-cgi/styles/cf.errors.css
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:22 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Apr 2024 15:12:53 GMT
server
cloudflare
etag
"66310a75-1c4"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
87ebdc4cbecb0248-CDG
content-length
452
expires
Sun, 05 May 2024 00:17:22 GMT
favicon.ico
mambo.myfreesites.net/
2 KB
557 B
Other
General
Full URL
https://mambo.myfreesites.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcb69b44090e710422b3cfe21a52a30d309505c9023d15d0c978aa44a9c1b555

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:22 GMT
content-encoding
br
server
cloudflare
cf-ray
87ebdc4ceee40248-CDG
vary
Accept-Encoding
x-worker-version
1.0.0
content-type
text/html;charset=UTF-8
Primary Request /
mambo.myfreesites.net/
Redirect Chain
  • https://mambo.myfreesites.net/cdn-cgi/phish-bypass?atok=j0sr6_KcmN.ALDIVb00hBTr4QE5TiyLlFpBB0KP7E.g-1714861042-0.0.1.1-%2F
  • https://mambo.myfreesites.net/
208 KB
31 KB
Document
General
Full URL
https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7a659e81bf4068ecf121d623e1cfd38ad148a2090d237c62a510a60c8489a72

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
https://mambo.myfreesites.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
MISS
cf-ray
87ebdc6c4b800248-CDG
content-encoding
br
content-type
text/html
date
Sat, 04 May 2024 22:17:28 GMT
last-modified
Tue, 23 Jan 2024 07:23:56 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1705994636887901
x-goog-hash
crc32c=ecl/IA== md5=PB+UZUFed/DHzu5nd630fQ==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
213695
x-guploader-uploadid
ABPtcPpbiaS29EszQBbI4h9t6zgaznEpFMt8c6peInu2eGDYiAC31_YiPEARSgx29BPiGQI0-MlYk70BIQ
x-worker-version
1.0.0

Redirect headers

cache-control
private, no-cache
cf-ray
87ebdc6c1b600248-CDG
content-length
167
content-type
text/html
date
Sat, 04 May 2024 22:17:27 GMT
location
https://mambo.myfreesites.net/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
font-awesome.css
components.mywebsitebuilder.com/fonts/
30 KB
31 KB
Stylesheet
General
Full URL
https://components.mywebsitebuilder.com/fonts/font-awesome.css
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.35 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
35.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bd1411968f2f8d6fac8407f679d31f30939345c45bf1df811ba149120d879fb1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 03:45:58 GMT
age
757890
x-guploader-uploadid
ABPtcPqK9N5EAPs-Ns5FMDZDBIIOFgTAZ4IC42s5Sq1ouLTyith4tbNiviUr3LPPZn8I3E4IhnGkXx6L1Q
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30748
x-goog-meta-
last-modified
Fri, 18 Dec 2020 10:13:33 GMT
server
UploadServer
etag
"9f3af79fa00509146c92bd91454d4eaf"
x-goog-generation
1608286413516447
x-goog-hash
crc32c=ghVUSQ==, md5=nzr3n6AFCRRskr2RRU1Orw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
Cache-Control:public,max-age=315360001
x-goog-stored-content-length
30748
accept-ranges
bytes
content-type
text/css
expires
Sat, 26 Apr 2025 03:45:58 GMT
css
gfonts-proxy.wzdev.co/
4 KB
1 KB
Stylesheet
General
Full URL
https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::42eb:c80d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f39e58f5381700390323205d68cf82e7b4d61f88101bf920c33f0ba2aab658
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
117844
cf-polished
origSize=5190
cross-origin-resource-policy
cross-origin
x-xss-protection
0
last-modified
Fri, 03 May 2024 13:33:24 GMT
cf-bgj
minify
cross-origin-opener-policy
same-origin-allow-popups
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
cf-ray
87ebdc706da6f097-CDG
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
timing-allow-origin
*
expires
Fri, 03 May 2024 13:33:24 GMT
home.afb311e4.js
mambo.myfreesites.net/
6 KB
3 KB
Script
General
Full URL
https://mambo.myfreesites.net/home.afb311e4.js
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f018d674b6caaf2c63e2a9574c7ae858aa66ccfdceea05b384019320a337131

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:28 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ABPtcPqntDjPur-4ca4mXLrL0YpYneGP6g3iUybhvMekw_EJYUiUOtG6a_bmekNZF8TdAyOw-AnC9QIvdA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 23 Jan 2024 07:23:56 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-hash
crc32c=ASv5yw==, md5=D++6jYx5jF0/8NWjlPwacg==
x-goog-generation
1705994636840946
content-type
application/javascript
x-goog-stored-content-length
6443
cf-ray
87ebdc700e750248-CDG
x-worker-version
1.0.0
m
mambo.myfreesites.net/s/cdn/v1.0/i/
9 KB
10 KB
Image
General
Full URL
https://mambo.myfreesites.net/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitebuilder-v1-0-8%2F868%2F1709868%2FZNodTBYO%2F3bbf6bd12e8c4d9db6acf42a650804a8&methods=resize%2C500%2C5000
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e30c064227480c2f8295a09f939b1e0f89ced80f1a27c11bfa1272a1ec2e5a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-engine
cloud
date
Sat, 04 May 2024 22:17:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
9259
cf-resized
internal=ram/m q=0 n=0+0 c=5+138 v=2024.4.1 l=9259
last-modified
Tue, 23 Jan 2024 07:20:11 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"cfDYW9YOn1Il_qeC4YvDnh-NNPp3dOmfGDQLNEaFfWDQ:f34cc60647bcce5329f78abd8ecf7c65"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
87ebdc700e760248-CDG
access-control-allow-headers
*
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 495;u=5;i=?0)
m
mambo.myfreesites.net/s/cdn/v1.0/i/
117 KB
117 KB
Image
General
Full URL
https://mambo.myfreesites.net/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitebuilder-v1-0-8%2F868%2F1709868%2FZNodTBYO%2F6e10241d4dbc410cabce598f7874e627&methods=resize%2C1000%2C5000
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e8971857df1a9789488db94dae8bef1de310a17cc5ad49b3c69253745b1597
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-engine
cloud
date
Sat, 04 May 2024 22:17:29 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
119314
cf-resized
internal=ram/m q=0 n=0+0 c=4+151 v=2024.4.1 l=119314
last-modified
Tue, 23 Jan 2024 07:22:43 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfzS4h5RSSpXv_P6srpcbgSPQB6uiyIMnqoK0Nlj8MDQ:0cdbf9c1d385a1f606c10ac7473d48c3"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
87ebdc700e780248-CDG
access-control-allow-headers
*
priority
u=1;i=?0,cf-chb=(261;u=3;i=?0 19177;u=5;i=?0 62148;u=6;i=?0)
m
mambo.myfreesites.net/s/cdn/v1.0/i/
23 KB
23 KB
Image
General
Full URL
https://mambo.myfreesites.net/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitebuilder-v1-0-8%2F868%2F1709868%2FZNodTBYO%2F3bbf6bd12e8c4d9db6acf42a650804a8&methods=resize%2C1000%2C5000
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c722f7ab2d21b924912877428e3f5ac32fb4783feb62a85e7674cc3e3e41d74c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-engine
cloud
date
Sat, 04 May 2024 22:17:28 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
content-length
23736
cf-resized
internal=ram/m q=0 n=0+0 c=3+89 v=2024.4.1 l=23736
last-modified
Tue, 23 Jan 2024 07:20:11 GMT
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"cfDYW9YOn1Il_qeC4YvDnh-NNP6uiyIMnqoK0Nlj8MDQ:f34cc60647bcce5329f78abd8ecf7c65"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
87ebdc70ff050248-CDG
access-control-allow-headers
*
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 477;u=5;i=?0)
bundle.js
runtime.builderservices.io/runtime-sitebuilder-21762/
2 MB
459 KB
Script
General
Full URL
https://runtime.builderservices.io/runtime-sitebuilder-21762/bundle.js
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3f6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a878123891f523950da1e870dd3ceacd47264bd2968acb628aa1deba05907034

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Sat, 04 May 2024 22:17:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 03 Nov 2023 11:07:00 GMT
server
cloudflare
content-md5
pEqPND8jpLMVlukV/nncZg==
age
1982180
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
589311e0-e01e-001c-6469-8cb32c000000
cache-control
"max-age=31536000"
x-ms-version
2009-09-19
cf-ray
87ebdc71fd620210-CDG
m
mambo.myfreesites.net/s/cdn/v1.0/i/
965 KB
966 KB
Image
General
Full URL
https://mambo.myfreesites.net/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitebuilder-v1-0-8%2F868%2F1709868%2FZNodTBYO%2F3ceb3ef2d78e464cac53012e9d93d567&methods=resize%2C2000%2C5000
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f561cc1fc73193868f8bcebc9546812cc892fc71970a1a7a256c5bf208d8da8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-engine
cloud
date
Sat, 04 May 2024 22:17:30 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
988153
cf-resized
internal=ram/m q=0 n=0+0 c=7+444 v=2024.4.1 l=988153
last-modified
Tue, 23 Jan 2024 07:20:13 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfsPAuDZP6PBiZ5eYsiWDgkoTr3j--lvTFa1FxIuPGDQ:e75a9324967151cd6da55bf02735658c"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
87ebdc719f6b0248-CDG
access-control-allow-headers
*
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 825;u=5;i)
S6uyw4BMUTPHjx4wXg.woff2
gfonts-proxy.wzdev.co/font/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://gfonts-proxy.wzdev.co/font/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: gfonts-proxy.wzdev.co
URL: https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::42eb:c80d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700
Origin
https://mambo.myfreesites.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
1628867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
87ebdc71fe9a1546-CDG
timing-allow-origin
*
expires
Fri, 11 Apr 2025 12:05:29 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
gfonts-proxy.wzdev.co/font/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://gfonts-proxy.wzdev.co/font/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: gfonts-proxy.wzdev.co
URL: https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::42eb:c80d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700
Origin
https://mambo.myfreesites.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
1628867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
87ebdc71fe9c1546-CDG
timing-allow-origin
*
expires
Fri, 11 Apr 2025 05:06:25 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
gfonts-proxy.wzdev.co/font/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://gfonts-proxy.wzdev.co/font/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: gfonts-proxy.wzdev.co
URL: https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::42eb:c80d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://gfonts-proxy.wzdev.co/css?display=swap&family=Montserrat:400,400,700|Lato:400,400,700
Origin
https://mambo.myfreesites.net
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:28 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
age
1626845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
87ebdc71fe9b1546-CDG
timing-allow-origin
*
expires
Fri, 11 Apr 2025 16:27:41 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
386c452c9e290397a1030703dc28722600805976a4d33d490486bdd474033cd3

Request headers

Accept-Language
fr-FR,fr;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
17407
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
87ebdc73fcac01f7-CDG
content-length
4547
52526471
mambo.myfreesites.net/v1.0/runtime/appmarket/render/6/
720 B
678 B
Fetch
General
Full URL
https://mambo.myfreesites.net/v1.0/runtime/appmarket/render/6/52526471
Requested by
Host: runtime.builderservices.io
URL: https://runtime.builderservices.io/runtime-sitebuilder-21762/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:8407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e609aea1134e4fd1437d7f158c2fe589fb7e3fc93fd08c7f82057ef5c6601f8d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Content-Type
application/json
Referer
https://mambo.myfreesites.net/
Accept-Language
en-us
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 04 May 2024 22:17:29 GMT
server
cloudflare
x-builder-tracking-id
3270fb0cdb4441e5908875ad23141e3c
vary
Accept-Encoding
x-worker-origin
skip-rule
content-type
application/json; charset=utf-8
cf-ray
87ebdc73c8950248-CDG
x-builder-tracking-span-id
3270fb0cdb4441e5908875ad23141e3c
x-worker-version
1.0.0
m
images.builderservices.io/s/cdn/v1.0/i/
965 KB
967 KB
Image
General
Full URL
https://images.builderservices.io/s/cdn/v1.0/i/m?url=https%3A%2F%2Fstorage.googleapis.com%2Fproduction-sitebuilder-v1-0-8%2F868%2F1709868%2FZNodTBYO%2F3ceb3ef2d78e464cac53012e9d93d567&methods=resize%2C2000%2C5000
Requested by
Host: mambo.myfreesites.net
URL: https://mambo.myfreesites.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3f6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f561cc1fc73193868f8bcebc9546812cc892fc71970a1a7a256c5bf208d8da8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-engine
cloud
date
Sat, 04 May 2024 22:17:30 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-length
988153
cf-resized
internal=ok/h q=0 n=19+0 c=6+349 v=2024.4.1 l=988153
last-modified
Tue, 23 Jan 2024 07:20:13 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfsPAuDZP6PBiZ5eYsiWDgkoTr3j--lvTFa1FxIuPGDQ:e75a9324967151cd6da55bf02735658c"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
access-control-allow-credentials
true
cf-ray
87ebdc740eb60210-CDG
access-control-allow-headers
*
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 825;u=5;i)
4823649.php
s4.histats.com/stats/
99 B
233 B
Script
General
Full URL
https://s4.histats.com/stats/4823649.php?4823649&@f16&@g1&@h1&@i1&@j1714861048987&@k0&@l1&@mHome%20-%20Mambo&@n0&@ohttps%3A%2F%2Fmambo.myfreesites.net%2F&@q0&@r0&@s6&@tfr-FR&@u1600&@b1:74783766&@b3:1714861049&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttps%3A%2F%2Fmambo.myfreesites.net%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534295.ip-149-56-240.net
Software
/
Resource Hash
d71122d3450b20e472558edae91871109b6b315f463880a76b742919b4477fa9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 04 May 2024 22:17:29 GMT
Connection
close
Content-Length
99
Content-Type
text/html;charset=UTF-8
cc_6.js
s10.histats.com/counters/
16 KB
7 KB
Script
General
Full URL
https://s10.histats.com/counters/cc_6.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:4273 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0342059b0b31cef365e6b6935be901d3da1730e5b53be9970fe533cb879f691

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
server
cloudflare
age
16848
etag
"526342301"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
87ebdc763df101f7-CDG
content-length
6583
sdk-insights-tracker
in-app.mywebsitebuilder.com/
20 KB
9 KB
Script
General
Full URL
https://in-app.mywebsitebuilder.com/sdk-insights-tracker?appMarketEnv=prod&debug=true&instanceJwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnN0YW5jZUlkIjoiNGI4ZjJhNzRiNDM3NGE2N2FlODg1NTAyYzk5MGIzOTIiLCJicmFuZCI6InNpdGVidWlsZGVyIiwiZXhwIjoxNzE0OTQ3NDQ5fQ.v3vIYlrPyYFBlBbVuebuppEzn-Vqrcfin3vBCyo2WIc
Requested by
Host: runtime.builderservices.io
URL: https://runtime.builderservices.io/runtime-sitebuilder-21762/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:286d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe45c3483985e7ec980603c7ebe92c1ad9ca2804a404fe88eaad7b7b2151305

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mambo.myfreesites.net/
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 22:17:29 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Oct 2019 09:38:44 GMT
server
cloudflare
etag
0x8D7592F1FA5BFFC
x-builder-tracking-id
b40c95b0ed0e468d85a3ee01e16486d0
vary
Accept-Encoding
content-type
application/javascript
cf-ray
87ebdc78af7e0168-CDG
x-builder-tracking-span-id
b40c95b0ed0e468d85a3ee01e16486d0
/
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/
0
0
Preflight
General
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/?timeout=10
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://mambo.myfreesites.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://mambo.myfreesites.net
Access-Control-Max-Age
3600
Content-Length
0
Date
Sat, 04 May 2024 22:17:29 GMT
Server
Microsoft-HTTPAPI/2.0
Strict-Transport-Security
max-age=31536000
/
in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/
0
316 B
XHR
General
Full URL
https://in-us-east-event-hubs.servicebus.windows.net/in-us-east-event-hub-a1/messages/?timeout=10
Requested by
Host: in-app.mywebsitebuilder.com
URL: https://in-app.mywebsitebuilder.com/sdk-insights-tracker?appMarketEnv=prod&debug=true&instanceJwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbnN0YW5jZUlkIjoiNGI4ZjJhNzRiNDM3NGE2N2FlODg1NTAyYzk5MGIzOTIiLCJicmFuZCI6InNpdGVidWlsZGVyIiwiZXhwIjoxNzE0OTQ3NDQ5fQ.v3vIYlrPyYFBlBbVuebuppEzn-Vqrcfin3vBCyo2WIc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
13.92.180.208 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
fr-FR,fr;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
SharedAccessSignature sr=http%3A%2F%2Fin-us-east-event-hubs.servicebus.windows.net%2Fin-us-east-event-hub-a1&sig=c%2B34s5ojfa4uhciHvRIF3ofge0SREaf0lIjvH23Ft3Y%3D&se=1714864649.976&skn=Send
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://mambo.myfreesites.net/
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://mambo.myfreesites.net
Strict-Transport-Security
max-age=31536000
Date
Sat, 04 May 2024 22:17:29 GMT
Access-Control-Allow-Credentials
true
Server
Microsoft-HTTPAPI/2.0
Transfer-Encoding
chunked
Content-Type
application/xml; charset=utf-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __features
object| _featureSettings
object| _page
object| _WP_JSONP
object| regeneratorRuntime
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| _xsrfToken
function| Velocity
object| _GoogleMapsApi
object| _Hasync
boolean| _isPublished
object| _site
function| __bi__
object| _feature_events
function| showModal
object| _zoomUpdateEvents
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_6_setValues
boolean| _value_RETURN_BUILDER
function| _HistatsCounterGraphics_6
function| histats_canvascounters_base.js
object| EventHubHistory

13 Cookies

Domain/Path Name / Value
myurl.fans/ Name: PHPSESSID
Value: 2d804f8d850f856e255291371f317a0b
myurl.fans/ Name: s_statistics_770
Value: 0
.mambo.myfreesites.net/ Name: __cf_mw_byp
Value: j0sr6_KcmN.ALDIVb00hBTr4QE5TiyLlFpBB0KP7E.g-1714861042-0.0.1.1-/
.builderservices.io/ Name: _cfuvid
Value: fQVm0kO5wpoKVsAMLGmF1K9wJOHjlbSIj0ZmEpdeozk-1714861048651-0.0.1.1-604800000
mambo.myfreesites.net/ Name: HstCfa4823649
Value: 1714861048987
mambo.myfreesites.net/ Name: HstCla4823649
Value: 1714861048987
mambo.myfreesites.net/ Name: HstCmu4823649
Value: 1714861048987
mambo.myfreesites.net/ Name: HstPn4823649
Value: 1
mambo.myfreesites.net/ Name: HstPt4823649
Value: 1
mambo.myfreesites.net/ Name: HstCnv4823649
Value: 1
mambo.myfreesites.net/ Name: HstCns4823649
Value: 1
mambo.myfreesites.net/ Name: app_key
Value: 79046ECD-7E1C-E82B-2CDF-D1BE19B81C2F/1714861049975
mambo.myfreesites.net/ Name: app_ses_key
Value: F794BBA4-3ADB-7673-E754-EB4AFCB22476%3A1714861049975%3A%25/https%3A//mambo.myfreesites.net/

3 Console Messages

Source Level URL
Text
network error URL: https://mambo.myfreesites.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://mambo.myfreesites.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mambo.myfreesites.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
