omegacham.s3.fr-par.scw.cloud
2001:bc8:10::6  Malicious Activity! Public Scan

Submitted URL: https://omegacham.s3.fr-par.scw.cloud/omega_cham.html
Effective URL: https://omegacham.s3.fr-par.scw.cloud/
Submission: On June 27 via api from US — Scanned from FR

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 2001:bc8:10::6, located in France and belongs to Online SAS, FR. The main domain is omegacham.s3.fr-par.scw.cloud.
TLS certificate: Issued by R3 on May 16th 2022. Valid for: 3 months.
This is the only time omegacham.s3.fr-par.scw.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DocuSign (Online)

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 2001:bc8:10::6 | 12876 (Online SAS)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 192.229.133.221 | 15133 (EDGECAST)
1 | 2606:50c0:800... | 54113 (FASTLY)
4 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
10 | 6

Requests | Apex Domain | Subdomains | Transfer
5 | fontawesome.com | kit.fontawesome.com (Cisco Umbrella Rank: 1942); ka-f.fontawesome.com (Cisco Umbrella Rank: 4239) | 32 KB
2 | scw.cloud | omegacham.s3.fr-par.scw.cloud | 565 KB
1 | githubusercontent.com | raw.githubusercontent.com (Cisco Umbrella Rank: 4620) | 354 KB
1 | w3schools.com | www.w3schools.com (Cisco Umbrella Rank: 15388) | 5 KB
0 | appdomain.cloud (Failed) | netx-gen-api2-00000000000-chameleon-v2.us-south.cf.appdomain.cloud (Failed) |
10 | 5

Requests | Domain | Requested by
4 | ka-f.fontawesome.com | kit.fontawesome.com
2 | omegacham.s3.fr-par.scw.cloud | omegacham.s3.fr-par.scw.cloud
1 | raw.githubusercontent.com | omegacham.s3.fr-par.scw.cloud
1 | www.w3schools.com | omegacham.s3.fr-par.scw.cloud
1 | kit.fontawesome.com | omegacham.s3.fr-par.scw.cloud
0 | netx-gen-api2-00000000000-chameleon-v2.us-south.cf.appdomain.cloud (Failed) | omegacham.s3.fr-par.scw.cloud
10 | 6

This site contains no links.

Subject | Issuer | Validity | Valid
s3.fr-par.scw.cloud | R3 | 2022-05-16 - 2022-08-14 | 3 months
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year
*.w3schools.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-08 - 2023-05-04 | a year
*.github.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-07 - 2023-04-07 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-12 - 2022-09-11 | a year

This page contains 1 frame:

Primary Page: https://omegacham.s3.fr-par.scw.cloud/
Frame ID: EAE1525F6AFC002492E13E43C3F0AC84
Requests: 15 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

  • Requests: 10
  • HTTPS: 90 %
  • IPv6: 80 %
  • Domains: 5
  • Subdomains: 6
  • IPs: 6
  • Countries: 2
  • Transfer: 957 kB
  • Size: 1432 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://omegacham.s3.fr-par.scw.cloud/omega_cham.html Page URL
  2. https://omegacham.s3.fr-par.scw.cloud/ Page URL

10 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
omega_cham.html
omegacham.s3.fr-par.scw.cloud/
564 KB
565 KB
Document
General
Full URL
https://omegacham.s3.fr-par.scw.cloud/omega_cham.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:bc8:10::6 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
content-length
577642
content-type
text/html
date
Mon, 27 Jun 2022 06:52:47 GMT
etag
"cac285e14ea5e21c66e40630ba055da4"
last-modified
Sun, 19 Jun 2022 22:13:19 GMT
x-amz-id-2
txb48b4161c3cd4a51b8aa1-0062b953be
x-amz-request-id
txb48b4161c3cd4a51b8aa1-0062b953be
x-amz-version-id
1655676799792533
c2d4bde48d.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/c2d4bde48d.js
Requested by
Host: omegacham.s3.fr-par.scw.cloud
URL: https://omegacham.s3.fr-par.scw.cloud/omega_cham.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f419ac55273c9026713c4d9d1e04cb45e1fa7a7db74b28f3ac29c72eb739353e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://omegacham.s3.fr-par.scw.cloud/
Origin
https://omegacham.s3.fr-par.scw.cloud
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 06:52:47 GMT
content-encoding
gzip
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status
HIT
age
3
strict-transport-security
max-age=31536000; preload
x-request-id
Fvonq6KFz-ikH35d5fCB
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
cf-ray
721c430a9dc93bb0-CDG
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
w3.css
www.w3schools.com/w3css/4/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: omegacham.s3.fr-par.scw.cloud
URL: https://omegacham.s3.fr-par.scw.cloud/omega_cham.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (pab/6F93) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://omegacham.s3.fr-par.scw.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
etag
"0c1aca2c487d81:0"
last-modified
Fri, 24 Jun 2022 12:19:22 GMT
server
ECS (pab/6F93)
age
10245
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
date
Mon, 27 Jun 2022 06:52:47 GMT
accept-ranges
bytes
content-length
5258
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
bgmen.jpg
raw.githubusercontent.com/202219910200/cloudrepo/main/
354 KB
354 KB
Image
General
Full URL
https://raw.githubusercontent.com/202219910200/cloudrepo/main/bgmen.jpg
Requested by
Host: omegacham.s3.fr-par.scw.cloud
URL: https://omegacham.s3.fr-par.scw.cloud/omega_cham.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a7424d3b8498c186b2fa5b0286661f2d79001303ed7de3dd31a497800ccfdb3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://omegacham.s3.fr-par.scw.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-fastly-request-id
9b14c7231ec7d7b2d6ce5ea2f105dabd5b6a6429
content-security-policy
default-src 'none'; style-src 'unsafe-inline'; sandbox
via
1.1 varnish
x-content-type-options
nosniff
x-cache
HIT
x-cache-hits
1
vary
Authorization,Accept-Encoding,Origin
content-length
362157
x-xss-protection
1; mode=block
x-served-by
cache-cdg20783-CDG
x-github-request-id
FD5E:7D9C:6D1431:7C7521:62B953BC
x-timer
S1656312767.221392,VS0,VE1
x-frame-options
deny
date
Mon, 27 Jun 2022 06:52:47 GMT
source-age
3
strict-transport-security
max-age=31536000
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
etag
W/"0482106232e0720a3c30e0c16a4408ff729cef35f4dcf7cf9a8ebab143db5184"
accept-ranges
bytes
expires
Mon, 27 Jun 2022 06:57:47 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.1.1/css/
99 KB
21 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/free.min.css?token=c2d4bde48d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c2d4bde48d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0281802cc2ff5e8b90c99ba9ad7368b961d1260e4337b5a98b4c2127ff2e7c11

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://omegacham.s3.fr-par.scw.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 06:52:47 GMT
via
1.1 987196530f90845d1356080568bb67c6.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
633336
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
server
cloudflare
etag
W/"e928f2f6625d980162008b5be6edbbd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQ4YdPyVSRRMkJVm7w6TczLKo509%2FpumU3AwjGclzkWEokQ5Bh32bLsmIg2tluREHtdG3BCnLMwXR1Dpy9uqErhpffzmzx18XYfF6nQO5y9GT31aj6%2BLaJAh7z0qpdjC%2FhLwSRN7hpdILqVrNs7KUBg8zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
CDG53-C1
cf-ray
721c430b2f674007-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
_RkQvKimUQ42JnUNMw3letfIChGOP-6O_KSK1GEprmiWAHVqopSRmw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.1.1/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/free-v4-shims.min.css?token=c2d4bde48d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c2d4bde48d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb6555be3041a9a8cfcc4eb73472e4c8d5ecdaef1fc9348046f2e55744ec271

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://omegacham.s3.fr-par.scw.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 06:52:47 GMT
via
1.1 8118e4598aac4892a3dfbc36812e88d4.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24127
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
server
cloudflare
etag
W/"b11f2a3228edadb911f3cd3055998a78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEoGSPhtavXa8wQzkxA7ZSpJ9igNeh3LGmBr07QcyThqaSGzHtT%2ByoTs3aNF7rDp17kTvJEXpSN2f0WqI%2BCfDj80NDDB9qTf%2FRRmgnfj2Wp3CyLkMA34EvVBK%2ByGuMqANntTLgshwJfKVx5nGY%2B661QoHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
AMS1-P2
cf-ray
721c430b2f6c4007-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
p589rtoW3w5pBV2WliQ5wNHLN-ewO9wskxdxAQXBHUuBwSqp1PkiPQ==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.1.1/css/
823 B
716 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/free-v5-font-face.min.css?token=c2d4bde48d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c2d4bde48d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00b137617ca412b948102cd10f2c393fc78cbce53bf505fdeb161dd0e8e8157

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://omegacham.s3.fr-par.scw.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 06:52:47 GMT
via
1.1 39f309504c11c4fe223e3b1f0425f198.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
633336
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 15:20:24 GMT
server
cloudflare
etag
W/"03dccdffea10bc97343873a08295ab21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZbfKhNM6APwPx19BcV7jtLG%2Bj13Ey4UiVq3FI3pk10vBh%2BR2petrJgFA1TBy9kXnp6CbGC1QJQNR8oz0xzRxwUroPXscqyRFYBAuPAE7fFBBVb7oPgXAvF6HvmrL1qZV9FcxO0x1X7qdklQzbdlJbEg1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
CDG53-C1
cf-ray
721c430b2f6d4007-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
KuNe2-VMyJkohuho8tSY2D2BcQ7gSXMuyQumFCdQ8pYMmaVD4OT2oA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.1.1/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/free-v4-font-face.min.css?token=c2d4bde48d
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/c2d4bde48d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a077714458698c2b217b2656e483a4055c3af9eef97e0cc26536c171c32359b2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://omegacham.s3.fr-par.scw.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 06:52:47 GMT
via
1.1 3bdef981159de9c713020c64476ba0e4.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24127
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 15:20:24 GMT
server
cloudflare
etag
W/"46869a1d043f8dda8670a973b0773719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSl6GHEDfGzrKp6F7BZCuNZpC%2Fezzf50DPaPcqRIfxrOX29mUDjWzQzaZDXJz%2BpxafUo%2FWiMtg%2FJey2YwPRg4Upd5jDQn8cSR40oyW%2B0Waa7icekEq0QR8lydo5BjaVWnkEQ2dZ46pPP7JuuIAFNW368Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
AMS1-P2
cf-ray
721c430b2f6e4007-CDG
access-control-allow-headers
fa-kit-token
x-amz-cf-id
W-Ji49M26awtUruNU9J-6DK3Rgw1BtDoY2Au23OFceuJRHgrAnM-gg==
truncated
/
12 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fa82d030aca102b39e357291206b8b133d9f920c781c7d270d2c73f6ee7b61b

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34b2fa39e4d967d0d32bc42dcc83d20aca8261f7a70bbbd844c5c3700b3162eb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
88 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4b91d1b8888b77fdbf5d54b3ed71f03b1473cd97bb13fadb4fe5efe0e7eaf20

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
222 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
Primary Request /
omegacham.s3.fr-par.scw.cloud/
466 B
638 B
Document
General
Full URL
https://omegacham.s3.fr-par.scw.cloud/
Requested by
Host: omegacham.s3.fr-par.scw.cloud
URL: https://omegacham.s3.fr-par.scw.cloud/omega_cham.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:bc8:10::6 , France, ASN12876 (Online SAS, FR),
Reverse DNS
Software
/
Resource Hash
0c830967bebc989f2a941c2d495e1dbc40bc7178cd14d543276360d7f696aeb2

Request headers

Referer
https://omegacham.s3.fr-par.scw.cloud/omega_cham.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-length
466
content-type
application/xml
date
Mon, 27 Jun 2022 06:52:47 GMT
x-amz-id-2
tx4cf5674c7b7546b3b7437-0062b953bf
x-amz-request-id
tx4cf5674c7b7546b3b7437-0062b953bf
/
netx-gen-api2-00000000000-chameleon-v2.us-south.cf.appdomain.cloud/
0
0

truncated
/
112 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9ebfb7c3ecda0476f5c7350a344469673eb940d967b3bf40054fe667570f0a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
netx-gen-api2-00000000000-chameleon-v2.us-south.cf.appdomain.cloud
URL
https://netx-gen-api2-00000000000-chameleon-v2.us-south.cf.appdomain.cloud/?getemailinfo=&dq=

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DocuSign (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | oncontextlost
  • object | oncontextrestored
  • function | structuredClone
  • object | navigation
  • object | launchQueue
  • object | onbeforematch
  • function | getScreenDetails
  • function | queryLocalFonts

0 Cookies