urlscan.io logo urlscan.io
SecurityTrails logo

simply2.cloud Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://simply2.cloud/
Effective URL: https://simply2.cloud/
Submission: On November 13 via api from DK — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is simply2.cloud.
TLS certificate: Issued by E1 on October 29th 2022. Valid for: 3 months.
This is the only time simply2.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:205... 16509 (AMAZON-02)
4 146.75.116.193 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.20.228.67 13335 (CLOUDFLAR...)
5 2600:9000:211... 16509 (AMAZON-02)
14 6
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
simply2.cloud
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
simply2.cloud
1    2600:9000:2057:c200:7:68d6:a080:21 (United States)

ASN16509 (AMAZON-02, US)
d1j9qsxe04m2ki.cloudfront.net
4    146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    104.20.228.67 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
5    2600:9000:211e:a200:1b:9327:5500:21 (United States)

ASN16509 (AMAZON-02, US)
dwmsurhf1svv8.cloudfront.net
Apex Domain
Subdomains		 Transfer
6 cloudfront.net
d1j9qsxe04m2ki.cloudfront.net
dwmsurhf1svv8.cloudfront.net
35 KB
4 imgur.com
i.imgur.com — Cisco Umbrella Rank: 5824
264 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 12014
c.statcounter.com — Cisco Umbrella Rank: 8220
15 KB
2 simply2.cloud
simply2.cloud
6 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304
30 KB
14 5
Domain Requested by
5 dwmsurhf1svv8.cloudfront.net d1j9qsxe04m2ki.cloudfront.net
4 i.imgur.com simply2.cloud
2 simply2.cloud 1 redirects
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com simply2.cloud
1 ajax.googleapis.com simply2.cloud
1 d1j9qsxe04m2ki.cloudfront.net simply2.cloud
14 7

This site contains no links.

Subject Issuer Validity Valid
*.simply2.cloud
E1		 2022-10-29 -
2023-01-27		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.imgur.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-03-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-06 -
2022-12-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://simply2.cloud/
Frame ID: B12E390CBA1CBE27FA468CFC61720BB4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Robux Generator

Page URL History Show full URLs

  1. http://simply2.cloud/ HTTP 301
    https://simply2.cloud/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

349 kB
Transfer

461 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://simply2.cloud/ HTTP 301
    https://simply2.cloud/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
simply2.cloud/
Redirect Chain
  • http://simply2.cloud/
  • https://simply2.cloud/
22 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simply2.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
090b2d97ecacb9049d3f4f8f70cf5aca8b57ae9d3ced9753645b5d6fe96c5f29

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
121532
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7697558eb9eb9b58-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 13 Nov 2022 11:58:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEJ2tI7BHTAlWEQ0B0Bn6rGgkWVuch1Ckhj6xs9g1e5LQBq7N2kClQx4OJb%2BpruqtZ2g9WJ1uu7daBUrPVyq0HUdQ%2BK%2B7sFpPQp7mrwwL8HDxm7uNzj0n3lowIRuzA4KvbQrq1hwzMw7jHrj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-nf-request-id
01GHRDNDBB83M3Q9CJMTJBNM22

Redirect headers

CF-RAY
7697558e3a3c8ff2-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 13 Nov 2022 11:58:12 GMT
Expires
Sun, 13 Nov 2022 12:58:12 GMT
Location
https://simply2.cloud/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SILVo744M1jUBYNXgnD22NpJ%2ByjWm1GV8wuUSJ0Sq8pV4Doa8qlcmrbsthkcA%2BnF1bD3ut0mUIwZmc1gg1GU78cX4pASQL2jvcq9B27n8zmkoDPpNHHcKRZ9%2BRas2Ag7%2B5%2FfWDzYNsC3DIvc"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
a5313b5.js
d1j9qsxe04m2ki.cloudfront.net/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1j9qsxe04m2ki.cloudfront.net/a5313b5.js
Requested by
Host: simply2.cloud
URL: https://simply2.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c200:7:68d6:a080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
988df212c000f1c5b3043b9813ed991815089f0dac63ad094351eb372166f9ff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:31:07 GMT
content-encoding
br
via
1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
last-modified
Sun, 30 Oct 2022 13:50:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
1636
etag
W/"d0adadb877ad5f27d0c2a369cd5acb5e"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
4SYYlEeMRonQK_pnTteYFRHCAPzfFw6bdu82Qx8UdZ6PjuCBWybPXg==
VpvACIl.png
i.imgur.com/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/VpvACIl.png
Requested by
Host: simply2.cloud
URL: https://simply2.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
1465ac63e62bff9b63f79bdcee71070f30c9a6be756905f25309d559e7d30f69
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:12 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
828587
x-cache
HIT, HIT
content-length
67920
x-served-by
cache-iad-kiad7000170-IAD, cache-fra-eddf8230130-FRA
last-modified
Thu, 03 Nov 2022 21:48:25 GMT
server
cat factory 1.0
x-timer
S1668340692.424550,VS0,VE2
etag
"b5a7eae6b9af548d8d9c6082c5767a8e"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
8, 1
DhyMsWb.png
i.imgur.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/DhyMsWb.png
Requested by
Host: simply2.cloud
URL: https://simply2.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c7d58b920cb71a032dcfed71b60969c279c49a5a88fb789c5b8088f7c331717f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:12 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
828587
x-cache
HIT, HIT
content-length
8030
x-served-by
cache-iad-kiad7000116-IAD, cache-fra-eddf8230130-FRA
last-modified
Thu, 03 Nov 2022 21:48:25 GMT
server
cat factory 1.0
x-timer
S1668340693.615533,VS0,VE1
etag
"4155229fa016414ee2b2e31eec0b05d6"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
250, 1
thYMSeL.png
i.imgur.com/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/thYMSeL.png
Requested by
Host: simply2.cloud
URL: https://simply2.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
2cc47580bd26f3187d494a3f2fbb290b1e3dc8030094033b7aa2f837a6965283
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:12 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
828587
x-cache
HIT, HIT
content-length
41384
x-served-by
cache-iad-kjyo7100131-IAD, cache-fra-eddf8230130-FRA
last-modified
Thu, 03 Nov 2022 21:48:25 GMT
server
cat factory 1.0
x-timer
S1668340693.642925,VS0,VE2
etag
"7501fcc77637134020dba260db34c1ce"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
8, 1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: simply2.cloud
URL: https://simply2.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 10:37:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Nov 2023 10:37:50 GMT
counter.js
www.statcounter.com/counter/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: simply2.cloud
URL: https://simply2.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.228.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38773f599cca495f0904c3d5a9981fc081b743a8d9aa106ed17e0d9b03ae6598

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:12 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 10 Nov 2022 16:06:42 GMT
server
cloudflare
age
13027
etag
W/"636d2192-aa70"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
769755919aa29116-FRA
expires
Sun, 13 Nov 2022 20:21:05 GMT
html.2987682.6bb6d.0.js
dwmsurhf1svv8.cloudfront.net/public/external/v2/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/v2/html.2987682.6bb6d.0.js
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/a5313b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a200:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
cee7b41657607ef69c9cf6955edfee121cc343f0b0c7fa85997ba7aeb14bae6b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:13 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-C2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
JEGt-J6sJXydXI482cz926awm6uKFJaOZCvl_-H38Kes0CZl3X4b4A==
css_front.css
dwmsurhf1svv8.cloudfront.net/public/external/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/css_front.css
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/a5313b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a200:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:13 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-C2
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
U54ngYjrgDlJee1PtweWrrYsv9QwC5xq_QS59MqLowtN_khJa66rxg==
c2CPm7k.jpg
i.imgur.com/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/c2CPm7k.jpg
Requested by
Host: simply2.cloud
URL: https://simply2.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
3e7ad1785a50c78423da0fe92dc53a84243177f068284828cc787e0d1d48175b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://simply2.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:12 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
828587
x-cache
HIT, HIT
content-length
152047
x-served-by
cache-iad-kcgs7200088-IAD, cache-fra-eddf8230130-FRA
last-modified
Thu, 03 Nov 2022 21:48:26 GMT
server
cat factory 1.0
x-timer
S1668340693.837930,VS0,VE2
etag
"ce3781a4a968bc7e936e2b298e72372e"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
8, 1
t.php
c.statcounter.com/ 		192 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12811462&u1=5C9DC7BB1CBD4F459AD8C0A1E2A9A3D8&java=1&security=bd5af2a1&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//simply2.cloud/&t=Robux%20Generator&invisible=1&sc_rum_e_s=713&sc_rum_e_e=719&sc_rum_f_s=0&sc_rum_f_e=651&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.228.67 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://simply2.cloud
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
769755926c549116-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
css.css
dwmsurhf1svv8.cloudfront.net/public/clockers/CustomButton/ 		1010 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/a5313b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a200:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:13 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-C2
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
K1xm8QZYlj_KA07ZhmvaSTdqLPM1pPBkhMpZ7dUU_vNcU7LmHNnxUA==
guid
dwmsurhf1svv8.cloudfront.net/public/ 		0
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/guid?cpguid=d18vy3vz5&e=ll&t=1668340693805
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/a5313b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a200:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:13 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-C2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
3Nq3ORcRBvNjmPnfM7YsaUbbF-N-DeTH7IBWooNOgxWnYtqvgOkJrQ==
check.php
dwmsurhf1svv8.cloudfront.net/public/external/ 		78 B
371 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dwmsurhf1svv8.cloudfront.net/public/external/check.php?it=2987682&time=1668340695333
Requested by
Host: d1j9qsxe04m2ki.cloudfront.net
URL: https://d1j9qsxe04m2ki.cloudfront.net/a5313b5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a200:1b:9327:5500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 13 Nov 2022 11:58:15 GMT
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-C2
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
Rqu-PDWTS1y_Fb7laHOpXSZeaPeaQ1fvRH6Ha9miLOjpAcYGHxbN5A==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker object| dt function| SelectedCard function| generate function| $ function| jQuery number| sc_project number| sc_invisible string| sc_security function| _statcounter

4 Cookies

Domain/Path Name / Value
simply2.cloud/ Name: _cpguid
Value: d18vy3vz5
.simply2.cloud/ Name: sc_is_visitor_unique
Value: rx12811462.1668340693.5C9DC7BB1CBD4F459AD8C0A1E2A9A3D8.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12811462.1668340692.0
.statcounter.com/ Name: is_visitor_unique
Value: 1668340692412460120