urlscan.io logo urlscan.io
SecurityTrails logo

mute-sun-1abb.uqgeg0c7.workers.dev Open in urlscan Pro
172.67.198.218  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mute-sun-1abb.uqgeg0c7.workers.dev/
Effective URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Submission: On April 05 via api from BY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 24 HTTP transactions. The main IP is 172.67.198.218, located in United States and belongs to CLOUDFLARENET, US. The main domain is mute-sun-1abb.uqgeg0c7.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on March 10th 2024. Valid for: 3 months.
This is the only time mute-sun-1abb.uqgeg0c7.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online) Generic (Online)

Domain & IP information

IP Address AS Autonomous System
1 172.67.198.218 13335 (CLOUDFLAR...)
3 172.64.154.107 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
1 ()
11 2620:0:890::100 54113 (FASTLY)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
24 9
1    172.67.198.218 (United States)

ASN13335 (CLOUDFLARENET, US)
mute-sun-1abb.uqgeg0c7.workers.dev
3    172.64.154.107 (None, )

ASN13335 (CLOUDFLARENET, US)
codesandbox.io
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    (None, )

ASN- ()
mute-sun-1abb.uqgeg0c7.workers.dev
11    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
mugahfntrcos.web.app
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
Apex Domain
Subdomains		 Transfer
11 web.app
mugahfntrcos.web.app
178 KB
3 codesandbox.io
codesandbox.io — Cisco Umbrella Rank: 102201
48 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 759
54 KB
2 workers.dev
mute-sun-1abb.uqgeg0c7.workers.dev
285 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 372
30 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1126
15 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
7 KB
0 Failed
function sub() { [native code] }. Failed
24 8
Domain Requested by
11 mugahfntrcos.web.app mute-sun-1abb.uqgeg0c7.workers.dev
3 codesandbox.io mute-sun-1abb.uqgeg0c7.workers.dev
codesandbox.io
2 code.jquery.com mute-sun-1abb.uqgeg0c7.workers.dev
2 mute-sun-1abb.uqgeg0c7.workers.dev mute-sun-1abb.uqgeg0c7.workers.dev
1 ajax.googleapis.com mute-sun-1abb.uqgeg0c7.workers.dev
1 maxcdn.bootstrapcdn.com mute-sun-1abb.uqgeg0c7.workers.dev
1 cdnjs.cloudflare.com mute-sun-1abb.uqgeg0c7.workers.dev
0 scrapbook Failed mute-sun-1abb.uqgeg0c7.workers.dev
24 8

This site contains no links.

Subject Issuer Validity Valid
uqgeg0c7.workers.dev
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
codesandbox.io
E1		 2024-03-25 -
2024-06-23		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
web.app
GTS CA 1D4		 2024-03-21 -
2024-06-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-03-27 -
2024-06-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Frame ID: 423DA983C2C48D518903A4EBAABD2606
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Share Point Online

Page URL History Show full URLs

  1. http://mute-sun-1abb.uqgeg0c7.workers.dev/ HTTP 307
    https://mute-sun-1abb.uqgeg0c7.workers.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

88 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

616 kB
Transfer

5765 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mute-sun-1abb.uqgeg0c7.workers.dev/ HTTP 307
    https://mute-sun-1abb.uqgeg0c7.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mute-sun-1abb.uqgeg0c7.workers.dev/
Redirect Chain
  • http://mute-sun-1abb.uqgeg0c7.workers.dev/
  • https://mute-sun-1abb.uqgeg0c7.workers.dev/
3 MB
285 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.198.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
192c33eed05d114b36acab2ca5b17c79205e59bcf367c1549064519533505cf0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
86f9d3195adf9945-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Fri, 05 Apr 2024 13:18:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hy%2FJJDaUiNpH5EqlFNAWKfsbahPZFrKStiriSkVuh3jvlShK4gNUdVrUE0i0nxZQMgOT%2BJ4sGRG717FyrpUfHHw32TzucdB2XPNa2WAlU8vRsclf9BA%2BxoQ6NQ6JlHIXzOizGo1EXY3d%2BABikc95uYjB2tjk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://mute-sun-1abb.uqgeg0c7.workers.dev/
Non-Authoritative-Reason
HSTS
sse-hooks.7a01a0f7b828579aff40884fc77e13bc.js
codesandbox.io/public/sse-hooks/ 		172 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/public/sse-hooks/sse-hooks.7a01a0f7b828579aff40884fc77e13bc.js
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6a569fb784b0325cb43340ff96072f6283d2dc904f8af1a047f69cdafe4c54

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mute-sun-1abb.uqgeg0c7.workers.dev/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:18:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
1970243
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 28 Feb 2024 15:36:48 GMT
server
cloudflare
etag
W/"65df5310-2b1a3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
86f9d31b8a6c3651-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
banner.d9cb10a38.js
codesandbox.io/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/banner.d9cb10a38.js
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74850bad3411bc2540a6928159967088a555cb990e9569065a878e9e8a864830

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mute-sun-1abb.uqgeg0c7.workers.dev/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:18:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
age
1979049
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 Nov 2023 10:23:27 GMT
server
cloudflare
etag
W/"655dd69f-efa"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
86f9d31b8a6b3651-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mute-sun-1abb.uqgeg0c7.workers.dev/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:18:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4241609
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21923-LGA, cache-fra-etou8220121-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712323112.222495,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
34, 35368
watermark-button.eeb14a97b.js
codesandbox.io/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://codesandbox.io/static/js/watermark-button.eeb14a97b.js
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.154.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9937bb6f9d154f49699393da35aaa6d5fb9218daa1ec4cba7b4ee097d0d65b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://mute-sun-1abb.uqgeg0c7.workers.dev/
Origin
https://mute-sun-1abb.uqgeg0c7.workers.dev
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:18:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Apr 2024 15:57:55 GMT
server
cloudflare
etag
W/"660d7c83-ac1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
86f9d31bfe044d76-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
phishing
codesandbox.io/api/v1/sandboxes/mute-sun-1abb/ 		0
0
49e1b3c1-6f6e-4427-8d13-ebc1bef741cb
https://mute-sun-1abb.uqgeg0c7.workers.dev/ 		2 MB
0 		Document
General
Check archive.org
Download Go to
Full URL
blob:https://mute-sun-1abb.uqgeg0c7.workers.dev/49e1b3c1-6f6e-4427-8d13-ebc1bef741cb
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa99c2bef11f9fc4a269ba710abbb822bd02bf8b782f65218b81bde6421a47dd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Content-Length
2145578
Content-Type
text/html
favicon.ico
mute-sun-1abb.uqgeg0c7.workers.dev/ 		0
0
bootstrap.min.css
mugahfntrcos.web.app/ 		140 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mugahfntrcos.web.app/bootstrap.min.css
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ce87a38d1614591b28ddb556ce7cda9f8e88f5a638d3cce97c7c82496b9c451
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:32 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.992805,VS0,VE2
etag
"aae946acdc2fd362a19e5fca23e82286e57c6fd794e9977eb1574416fc1449b6-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
14992
x-cache-hits
1
css.css
mugahfntrcos.web.app/ 		885 B
426 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mugahfntrcos.web.app/css.css
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e5f0b99a980ce4fd3e8c027a5eb5edeed7ca416bfd1396b106332a735ad4821
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:33 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.991947,VS0,VE338
etag
"ba8d9c903169c235d18821288466b2e99ffbb5d4ed32d63ea5ec4bb32205911b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/css; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
288
x-cache-hits
0
hover.css
scrapbook:download:error:https://bafybeiheusk5n3szx42gyl63nn6pscjtktjv634ks6rp2mg7b3ewjg5dsq.ipfs.nftstorage.link/css/ 		0
0
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin
https://mute-sun-1abb.uqgeg0c7.workers.dev
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:18:32 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
17419313
x-cache
HIT, HIT
content-length
23856
x-served-by
cache-lga21963-LGA, cache-fra-etou8220158-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712323113.973002,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
2, 619
292d09fb0a8be4163b49f8756b9af48b3f6fc2d2.png
mugahfntrcos.web.app/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/292d09fb0a8be4163b49f8756b9af48b3f6fc2d2.png
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb30ccb0c4d8275620947780d68c61f93849c86c6085f100a7744b83328ac482
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:32 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.992468,VS0,VE6
etag
"1001083762fba4230e8df73ff2004ba105b4d9a4d265bef9370c19f7490613e0-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
10977
x-cache-hits
1
e9c4a10389fbaa3cd4c25a5d00dfae6060549f58.jpeg
mugahfntrcos.web.app/ 		61 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/e9c4a10389fbaa3cd4c25a5d00dfae6060549f58.jpeg
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d5a6b16241b54c1029551db26820dd95a660e029d8d7231f874152bebb0356ca
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:32 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.992528,VS0,VE2
etag
"a10d58be6eb7d8be4d44782d310dd1d7e798252e3d98405100e85dac1e691805-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
38089
x-cache-hits
1
519096ad3f03410cf9ce3c9b9fcca6b439d97b23.png
mugahfntrcos.web.app/ 		771 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/519096ad3f03410cf9ce3c9b9fcca6b439d97b23.png
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Fri, 05 Apr 2024 13:18:32 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.992385,VS0,VE2
etag
"181232938be6b7bd118aacdee7c09fedfe42c183843baa23a645f0262b8fb326"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
771
x-cache-hits
1
17c27c038644bdb141381b606c7c94a177c07326.png
mugahfntrcos.web.app/ 		26 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/17c27c038644bdb141381b606c7c94a177c07326.png
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:32 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.992790,VS0,VE2
etag
"dd7f7f55e783563d8fc532b4e4126d742794a7683b9653e7f9b91ada85bb925d-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
12234
x-cache-hits
1
cec15f6470d0237569e931d7d11752b41ac5d8a3.png
mugahfntrcos.web.app/ 		18 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/cec15f6470d0237569e931d7d11752b41ac5d8a3.png
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:33 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.999923,VS0,VE2
etag
"42fa0ba0204a61d1b8c3baf6f50fdd22c35a7becb928510effaf056fdc99c9d1-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3687
x-cache-hits
1
45a8b436d07d7ed7973b87a1c393d6973afe6fb5.png
mugahfntrcos.web.app/ 		18 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/45a8b436d07d7ed7973b87a1c393d6973afe6fb5.png
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:33 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.999866,VS0,VE2
etag
"f2d304de10d16a02a7bc326b30647410d678ee08b53d4d6643ec20a3a268166e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3585
x-cache-hits
1
0e1c691f87cc4fa35c88344974f2829c40176b70.png
mugahfntrcos.web.app/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/0e1c691f87cc4fa35c88344974f2829c40176b70.png
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:33 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.010972,VS0,VE2
etag
"702685aceaca9ed1ba709d4a1508fb913b5a4b2001c7c96548651d10b57446be-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7679
x-cache-hits
1
d0a69c159304edc08db005163e7a0daf5a1e98a6.png
mugahfntrcos.web.app/ 		65 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/d0a69c159304edc08db005163e7a0daf5a1e98a6.png
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:33 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.010944,VS0,VE2
etag
"cf7fbbb1613832a431b620911a0c86395c0414fe4a81ffcb6073ed75b15c9710-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
57443
x-cache-hits
1
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin
https://mute-sun-1abb.uqgeg0c7.workers.dev
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:18:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
56569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fiVe8Wi18YbR8A3rDnq3mdUislebME1G0WfyvwzGY21cgLAHw%2BgJLuhyzHJ3inzylP9uC9JqmJZLzUXakcKPh%2B%2FHeOVnaKir92uol0YlZytT4LPYK4R0G%2FePGyJkS0L6Q%2FAGUXka"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86f9d31ffacb362a-FRA
expires
Wed, 26 Mar 2025 13:18:32 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Origin
https://mute-sun-1abb.uqgeg0c7.workers.dev
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 13:18:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1048
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
317148
cdn-cachedat
03/18/2024 12:46:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
07faf8a20bd2990e384a2209fbc1917a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
86f9d32018f83834-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 20:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Apr 2025 20:15:24 GMT
d5c7b5b8b5ce6484ba8871ba798c13cc1e73b078.jpeg
mugahfntrcos.web.app/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mugahfntrcos.web.app/d5c7b5b8b5ce6484ba8871ba798c13cc1e73b078.jpeg
Requested by
Host: mute-sun-1abb.uqgeg0c7.workers.dev
URL: blob:https://mute-sun-1abb.uqgeg0c7.workers.dev/49e1b3c1-6f6e-4427-8d13-ebc1bef741cb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b1c0e1f78176fe1c432d5038c383b0bf467e15ee5cd122e871d85fc583d1f33
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230073-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Fri, 05 Apr 2024 13:18:33 GMT
last-modified
Sat, 02 Jul 2022 02:59:37 GMT
x-timer
S1712323113.356155,VS0,VE1
etag
"f729f1253a247ac83e00465167faf79101fe6197703b51045f6a630cd1fdc916-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
30738
x-cache-hits
1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
codesandbox.io
URL
https://codesandbox.io/api/v1/sandboxes/mute-sun-1abb/phishing
Domain
mute-sun-1abb.uqgeg0c7.workers.dev
URL
https://mute-sun-1abb.uqgeg0c7.workers.dev/favicon.ico
Domain
scrapbook
URL
urn:scrapbook:download:error:https://bafybeiheusk5n3szx42gyl63nn6pscjtktjv634ks6rp2mg7b3ewjg5dsq.ipfs.nftstorage.link/css/hover.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online) Generic (Online)

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| s string| m function| $ function| jQuery function| Popper object| bootstrap function| llll6y4ca56nc1o2nfu6se6iiii function| LlLl6Y4CA56Nc1o2nfu6se6iii function| lLll6Y4CA56Nc1o2nfu6se6lli string| Kzh1rO2 object| hXMrAK function| SVaju7 object| Sh_7lVP number| CdTZa4C object| kGemXcN string| fxViC31 string| S3n5zk string| sEdrjvc string| fZ2uWd8 string| iRWf4ce string| gO0kMhk string| SRAhAp9 string| ovHt0HV string| ED0BEp string| SMOM7_ string| QrojO_ string| VZsATO1 string| Vhh_2j string| ccBI9Kb string| AIflj5U string| iV5fqkc string| eBQs341 string| uGYFhk string| acOFa8 string| DABJfN string| pBGnmI9 string| Vbj_wP string| l42GIH string| xYwUX_ string| cusk0GJ string| w0lcMyv string| FsROphc string| vQy7OK string| NNBSiv string| Qb1DE__ string| Ob47hA string| gF92TWh string| oLn39c string| Wi5l2P string| wiizVC string| KQxwNw string| yFLQq6Y string| IbhyRkg string| w2MiPuP string| ImaDlh string| CNzfVub string| dbv8M8 string| U332BSe string| xfFVh7h string| LjvakC string| Hu__xG string| hTfF_1E string| out6joY string| gu0No5 string| w913dh string| aiwCH6O string| QZJGeK string| oRSqHe string| laRhhA string| WY5Pn4H string| c3McMlz string| fFYmhkh string| Mm0TUA string| m0bUhA string| vw3BIQ string| _Yuqmn string| dzbJ2pB string| Et7Exw6 string| KaCHDv string| YXoWNx9 string| YYTk08 string| cnidzlM string| hiSSDC string| ivwz0T string| DtJIqJQ string| iMtszJ string| p8MqSs string| xQaruD object| gTXZEad object| TKrAMu object| x5tKoof object| _zSmIHR function| nC0XDP function| B9BbaDj undefined| AiyNj1g function| B4tJP4 function| SCZoWY function| TvXw7Gs function| aSxiKUQ function| nBpmuFl function| llll6y4ca56nc1o2nfu6se6lli function| rCg1YGf function| DHyqfQ function| kY9x3a function| llli6y4ca56nc1o2nfu6se6iiii function| llii6y4ca56nc1o2nfu6se6iiii

1 Cookies

Domain/Path Name / Value
.codesandbox.io/ Name: _cfuvid
Value: Om2WWtdLkKhp6x2MmKhu9jG24sY52ipKN9EiIqXkwow-1712323112256-0.0.1.1-604800000

10 Console Messages

Source Level URL
Text
other warning URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://mute-sun-1abb.uqgeg0c7.workers.dev/
Message:
Access to fetch at 'https://codesandbox.io/api/v1/sandboxes/mute-sun-1abb/phishing' from origin 'https://mute-sun-1abb.uqgeg0c7.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://codesandbox.io/api/v1/sandboxes/mute-sun-1abb/phishing
Message:
Failed to load resource: net::ERR_FAILED
javascript warning (Line 22)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 22)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.2.1.slim.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 22)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 22)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning (Line 22)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: urn:scrapbook:download:error:https://bafybeiheusk5n3szx42gyl63nn6pscjtktjv634ks6rp2mg7b3ewjg5dsq.ipfs.nftstorage.link/css/hover.css
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
codesandbox.io
maxcdn.bootstrapcdn.com
mugahfntrcos.web.app
mute-sun-1abb.uqgeg0c7.workers.dev
scrapbook
codesandbox.io
mute-sun-1abb.uqgeg0c7.workers.dev
scrapbook

104.17.24.14
104.18.10.207
172.64.154.107
172.67.198.218
2620:0:890::100
2a00:1450:4001:813::200a
2a04:4e42:400::649
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ce87a38d1614591b28ddb556ce7cda9f8e88f5a638d3cce97c7c82496b9c451
192c33eed05d114b36acab2ca5b17c79205e59bcf367c1549064519533505cf0
1c9937bb6f9d154f49699393da35aaa6d5fb9218daa1ec4cba7b4ee097d0d65b
3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
5b1c0e1f78176fe1c432d5038c383b0bf467e15ee5cd122e871d85fc583d1f33
71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1
74850bad3411bc2540a6928159967088a555cb990e9569065a878e9e8a864830
7c6a569fb784b0325cb43340ff96072f6283d2dc904f8af1a047f69cdafe4c54
7e5f0b99a980ce4fd3e8c027a5eb5edeed7ca416bfd1396b106332a735ad4821
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
aa99c2bef11f9fc4a269ba710abbb822bd02bf8b782f65218b81bde6421a47dd
aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554
acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479
d5a6b16241b54c1029551db26820dd95a660e029d8d7231f874152bebb0356ca
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eb30ccb0c4d8275620947780d68c61f93849c86c6085f100a7744b83328ac482
f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14