eur2024.osuk-mail.top Open in urlscan Pro
172.67.154.144 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://on.golfappweb.com/index.php/campaigns/tr314v068hd9d/track-url/eh370trttf49e/224dac71848aeddadae71d39c187c9c66d245c2d
Effective URL:
https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e
Submission: On June 24 via manual (June 24th 2024, 6:40:04 am UTC) from DE — Scanned from DE

Summary HTTP 24 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 172.67.154.144, located in United States and belongs to CLOUDFLARENET, US. The main domain is eur2024.osuk-mail.top.
TLS certificate: Issued by GTS CA 1P5 on April 30th 2024. Valid for: 3 months.

This is the only time eur2024.osuk-mail.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.188.73 172.67.188.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.154.144 172.67.154.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	172.67.147.84 172.67.147.84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	4

1 172.67.188.73 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

on.golfappweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

google-checked-verified.youngold1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.154.144 (United States)

ASN13335 (CLOUDFLARENET, US)

eur2024.osuk-mail.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.67.147.84 (United States)

ASN13335 (CLOUDFLARENET, US)

google-checked-verified.assurance-multirisque-pro.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	assurance-multirisque-pro.top google-checked-verified.assurance-multirisque-pro.top	2 MB
2	osuk-mail.top eur2024.osuk-mail.top google1.comeur2024.osuk-mail.top Failed	6 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1381	426 KB
1	youngold1.com 1 redirects google-checked-verified.youngold1.com	508 B
1	golfappweb.com 1 redirects on.golfappweb.com	697 B
24	5

	Domain	Requested by
19	google-checked-verified.assurance-multirisque-pro.top	eur2024.osuk-mail.top google-checked-verified.assurance-multirisque-pro.top
2	eur2024.osuk-mail.top
1	use.fontawesome.com	eur2024.osuk-mail.top
1	google-checked-verified.youngold1.com	1 redirects
1	on.golfappweb.com	1 redirects
0	google1.comeur2024.osuk-mail.top Failed	eur2024.osuk-mail.top
24	6

This site contains links to these domains. Also see Links.

Domain
www.robertmillso.com

Subject Issuer	Validity	Valid
osuk-mail.top GTS CA 1P5	`2024-04-30` - `2024-07-29`	3 months	crt.sh
assurance-multirisque-pro.top WE1	`2024-06-09` - `2024-09-07`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e
Frame ID: 40FD336575E57D83E3D6E3AE0EC7BC77
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belohnungen für Umfragen

Page URL History Show full URLs

https://on.golfappweb.com/index.php/campaigns/tr314v068hd9d/track-url/eh370trttf49e/224dac71848aeddada... HTTP 301
https://google-checked-verified.youngold1.com/mo7hjwpuqesr5xca2q41cvsf?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e HTTP 301
http://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e HTTP 307
https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

24
Requests

92 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

2592 kB
Transfer

3435 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.robertmillso.com/kelora//?source_id=G-EUR24&s1=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e
Title: Continuer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://on.golfappweb.com/index.php/campaigns/tr314v068hd9d/track-url/eh370trttf49e/224dac71848aeddadae71d39c187c9c66d245c2d HTTP 301
https://google-checked-verified.youngold1.com/mo7hjwpuqesr5xca2q41cvsf?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e HTTP 301
http://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e HTTP 307
https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response eur2024.osuk-mail.top/ Redirect Chain https://on.golfappweb.com/index.php/campaigns/tr314v068hd9d/track-url/eh370trttf49e/224dac71848aeddadae71d39c187c9c66d245c2d https://google-checked-verified.youngold1.com/mo7hjwpuqesr5xca2q41cvsf?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e http://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e	31 KB 6 KB	312ms 61ms	Document text/html	172.67.154.144 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.144 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `f57e5cb04e0f4657c98f600163baa46256175311165856570e7ce1a78e3a8a5d` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 898ab94b9ffb0414-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 24 Jun 2024 06:39:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8V%2F7V5uAD3ai5%2B6yNBHjlUmuS3Zmp5doxsBTG3baqOJ2uxhzpC%2B2hqSO70vAh5vgHDEoYVucN9Arkfo%2FmAhCDllFFklq8%2BinpMkpnxZ03ihbaswocejuh7broYqZ%2FHaUTR4AQG%2BRW6g%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 Redirect headers Location https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Non-Authoritative-Reason HttpsUpgrades
GET H3	200	style.css google-checked-verified.assurance-multirisque-pro.top/EURO_2024/css/	15 KB 4 KB	526ms 48ms	Stylesheet text/css	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/css/style.css Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d4a73e2f5e93d221826a3318e0ec20ebfd4a5304b418c498bc8309c532905c07` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT content-encoding br cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6675e2c8-3d09" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HgpWGOJJghiHixlmvbJOqlGpSIdGNjRMCLolLZogRggsaRryZPpsrjx%2BGOw2hBaP74mKXdXufvn8SE3DlSPU8Fss9%2BjaDrSDNyDo6krNuNDG%2BXzFTt64y7QSpdPmKHiEDe0PNIS%2F4AvTs1JaWqu2dxpXz%2FzHK73ERWrDyKwQdK7WBE4q4sDmbw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 898ab94f08132c35-FRA alt-svc h3=":443"; ma=86400
GET H3	200	animate.min.css google-checked-verified.assurance-multirisque-pro.top/EURO_2024/css/	70 KB 6 KB	549ms 71ms	Stylesheet text/css	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/css/animate.min.css Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT content-encoding br cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:29:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6675e2c7-11847" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJmcITNA8cBrkDaIhW79LioJ9i1wdJ%2BQ4AxXnfXW8yAEPnGrnB7WtJZBQ6VWvxBCwoh%2FP2yrvHzpW8XeB%2BEpATLi1erDn8arrW1pbc2aik1vz%2Bh1Z1JPi0NR%2F%2BF44v%2B46pzuTQT5Jjr7dKdPBr9XVEoHxv%2FLxrgNOR7r5H7BzbtngOAGfdLUgw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 898ab94f080f2c35-FRA alt-svc h3=":443"; ma=86400
GET H2	200	all.js Show response use.fontawesome.com/releases/v5.15.4/js/	1 MB 426 KB	116ms 54ms	Script application/javascript	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.15.4/js/all.js Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Origin https://eur2024.osuk-mail.top Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:40:00 GMT content-encoding br cf-cache-status HIT last-modified Fri, 22 Sep 2023 01:45:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 202352 etag W/"5e29440867fdb02a48dffded02338c31" vary Origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDEVL38n38SFgrw%2BCzCheSayDkNeUJA9Rm8yBCGLOf09O2ZDVVk%2B%2BmkGnhtHmo2bDiVYZf38CGcxjIyFW0a6FIak5cxt%2FNpJHf%2Bvrn8GWH3AamD3b2%2BJybvzTmkEXu2XYJCsbIInOleRqGQOHfKcBLGQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=31556926 cf-ray 898ab94fea5f363f-FRA alt-svc h3=":443"; ma=86400
GET H3	200	datehead.js Show response google-checked-verified.assurance-multirisque-pro.top/EURO_2024/js/	2 KB 1013 B	550ms 72ms	Script application/javascript	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/js/datehead.js Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b0dbb86d81a9c6caa671bcb57a009a64f2010036b7ea5b09249207f70f8af875` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT content-encoding br cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:29:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6675e2c6-6ab" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIKxJEZLX%2Fb73nBXdDCIgU%2FRKlkEL7C6w2WBHzQl84csxke97wZKEo56LuyoC%2BprG8Cqdxt2PXHF7tGzi7PQMjXdlMci0G8X9sRO9ARSZ9VXPiet%2FmoRx2rVfsZvE27dzfq%2BfcDH5bhJZy3Ne%2BHo3tyNDikjwvi1sAnAXZvvXlz9aED1xKYZyQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 898ab94f08112c35-FRA alt-svc h3=":443"; ma=86400
GET H3	200	logo.png google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	60 KB 60 KB	528ms 51ms	Image image/png	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/logo.png Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f11d8c24cf98c836c7bb37a67f21e574a0596bdb9e26d4977e6b074b2d0e6213` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2d6-ee5f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YmGzVGFdyk9sDS3aAmaHp8nWbKcATLK0VhftBiDRCFwVSkoBrf4sZE61lLZl%2BVMqgJ0%2FXl%2FyoZ1Qz5nmZq8QBj5NmOH1srnE3Nyq0AqF7PVn3m26CkkR%2B1PZ%2BHYIYiy7%2B4jS5kZrT3bghOmUfOoxy2T%2ByD0%2B3dTXTy%2B3%2FoIXYqdHGBJ5WwMBvw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f08142c35-FRA alt-svc h3=":443"; ma=86400 content-length 61023
GET H3	200	flaglogo.png google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	2 KB 3 KB	569ms 92ms	Image image/png	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/flaglogo.png Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2d3-998" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ELocqFLfeBGY3cvVp7PrHMk9YmiST9v0j1xF3raj1pKfCmj1ffUFmCe1vn6UhMvX8vs%2FeErsB%2BhhFuX99jN93kI7Iuj4IokqDrjzl3MD8lA%2FlEEWaxJAh1ncEGrp6oc2srY72BfjR2Y%2FFy0n0hZZU61bHUMiBZ1Smdoyw44dNr%2BNjY0QscdeDg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f08182c35-FRA alt-svc h3=":443"; ma=86400 content-length 2456
GET H3	200	product.png google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	626 KB 626 KB	32ms 30ms	Image image/png	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/product.png Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4f274432a076901d7bafed3b4752e076c5162f7e298fd68883da0ad154fdabd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3027 etag "6675e2d1-9c702" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzGmvK7vGqB2qsvHAvRz01p83DiJZ1QPPUvaZrYhWbZZKCkvrD0n9KHdQyqUNwE7%2BVX6TUPdaxHwmIqAD0VtslvjCMspDpTI5zo6%2FiDfnJI35af%2FdvIi2gFX6XfqHOVNEpoQZ4m8lJzRkkZbJh2344v3A86Gsbc%2BHCZbROApspVsWG2rj2%2FRHA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88b92c35-FRA alt-svc h3=":443"; ma=86400 content-length 640770
GET H3	200	loadingBL.gif google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	122 KB 122 KB	107ms 105ms	Image image/gif	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/loadingBL.gif Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d31df4c7c89a74d3c73b6f6acb8191c2f2430fb4a5521eeb0507dfac269b7613` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3027 etag "6675e2cb-1e6dc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLH3E09Ak4zXB7DDbGnWCgAYCrRoh9vvv%2F1lZAC2iuBfFioyJ%2FXqOSCL2Vmyi0vFIkkA7I4kP3dlU0UDBobDfbgJeGxEF5SJ2HlOEDjtiy1BGNRJ%2FoHCri9H5UfWngg0NhU%2B1j09pIZ2kl%2F4Hhb1xRhKY4OWtWQ1fpfyo%2B0piixZGf5Og8JBhg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88bc2c35-FRA alt-svc h3=":443"; ma=86400 content-length 124636
GET H3	200	prize1.png google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	803 KB 804 KB	109ms 106ms	Image image/png	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/prize1.png Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6fa31e78c7bd16dcb0f25f1ef247d75cb3b9ce99ac3c181e365d5bf390eeded9` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2ca-c8b9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aSGAeL%2BMITnkquU2lp7bx5O%2Bdkw2FlJOKGghrSjIOJrTaauysR9qMVjp5QzU5jK62cYr90DddtbgYi%2FXjvwhx8q86Z62fI%2BisSeXbs3y5Ju8CNeUyQIsXgTpN2TSkrgKdq3YKfd0lk3g17PLkRkQS1OrQolKZzl3shAfxe4QOZpw6p5tt82NBQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88bd2c35-FRA alt-svc h3=":443"; ma=86400 content-length 822173
GET H3	200	1.jpg google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	44 KB 45 KB	127ms 125ms	Image image/jpeg	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/1.jpg Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08cca3a01826c51da3ba67e576c6edc01819ad7d1fac69888e1cb18638b62bd6` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2d5-b0d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BWLQHmltr8NEAanAuqvllQAYqkrSMODpN29iX%2Bkb%2Bibr7NhSX3UTz7pbzf7HqizamDWTwkiKFq%2FwDbDpn3S%2BV6EhPpAPop3LhZme9Ytn7aEbdA1ovTL2s%2F%2Bqi06SESUtE2XZocR0byDTnjPYE4i%2FthmEKy1ayrae6kd4xJACCatMO5QG2WYVCg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88c02c35-FRA alt-svc h3=":443"; ma=86400 content-length 45264
GET H3	200	2.jpg google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	45 KB 45 KB	128ms 126ms	Image image/jpeg	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/2.jpg Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `12848411efa2d4d07a355d984599585dcf70a54213f832586e3a59761b349529` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2d3-b223" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRfsWB7vUf%2FxOUyLqQgCBWReP%2B3fKl8C3aTJBXVs3ht2LdICNTHOXxjU5BJ1nHytnTR90uFsugM4rz%2BBUIsNP9Lae4Ckcbkr0cmVZufuAfLwoQO3eI6CMH4gleEAikGtJovBG9KVTDyFrh5gCDbh8%2FKINoEW8YTGCtc2TlbPsE0meZYWVB%2BGew%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88c22c35-FRA alt-svc h3=":443"; ma=86400 content-length 45603
GET H3	200	comm_pic_1.jpg google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	89 KB 90 KB	129ms 127ms	Image image/jpeg	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/comm_pic_1.jpg Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a2ddd4f2e356260409b3eb12c30e67658a0146bdf54c1a15803274f7a74271b6` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2d0-1644a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZEpna1p1hvT4gOSzdW%2B5Bz%2FKN6gy%2Fwljak62JYGnycUivHglQcNbwrnyneFge3ZJiPiRavX%2Blw%2FURv5hM7r4f5bee%2F0IB0%2BuxH2dxzj1F6300FkExtRh0YYYUOtnsERT8bVMt7b8OFgBp7SFaKuX9wXj4gRcvXGaSVvKVWITcX5AWQoPxuW7g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88c32c35-FRA alt-svc h3=":443"; ma=86400 content-length 91210
GET H3	200	3.jpg google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	38 KB 39 KB	149ms 147ms	Image image/jpeg	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/3.jpg Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80e4781f9a5c59e6dd06e2a0663c83a74a6e7f72b75240e1251d0f47822baaa0` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2d4-982d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fS9MusWZXSxtb9TU800arBl3gmbuWJ4wmuJsV8UwtSfpRwoGBLYD%2BTKHSIJueFfB2VY9SGrS%2Fs2g6nHOkYMZd9zeWbm69nwKycGCl5t7nd6oB%2B2FedL1O1yr9Dtw0NT%2FtYgaw7kyUVUtpyy80HqSrKKYQbRqKq7L9bat8V1WDcG10US7Q26sqA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88c52c35-FRA alt-svc h3=":443"; ma=86400 content-length 38957
GET H3	200	4.jpg google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	38 KB 38 KB	150ms 148ms	Image image/jpeg	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/4.jpg Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d59f849bd004f0145fe46845f941fa5787ef30c4b333839c74085839cdd2eba3` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2ca-97bf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cRdNXrj27X7P8xIucBJd4tcVvy08bxFXrMD%2F%2BIQYt19OXNP%2BElbCNpfxvyNNc763VQdUjJMUQWeKDH8nRq2uzH9V79WkJvfnS2rHWZMwoUNeFLHSY7LNmujAFqoE9BBYEq%2BV8Js%2BoNK8GrEE1yMTsHSuumLBduVgNrRFTcYSjl7a1a3DfIDqcg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88c72c35-FRA alt-svc h3=":443"; ma=86400 content-length 38847
GET H3	200	comm_pic_2.jpg google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	71 KB 72 KB	151ms 149ms	Image image/jpeg	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/comm_pic_2.jpg Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8120c5a8f6fce7867a216d724e6cbd93210ee0a0d151751ce6e394fd32deda98` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2cf-11c49" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlKXPMaV16p1SwZTBhl0uCyzcfWnoUhI6yEjFRPjQLkMa9CYJkfAvw9wPVnGoVQQI9xzi1HtTRvLUgP204XgOoPOdjYBk4mWqjSG%2BHgexodJFLlp71gVgB7l7NhYI2kQCr51lU4uLsLTvRVsAHiRbi4780yA3LT7gVWV6DJkCesdpTgI%2BTAmTA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88c82c35-FRA alt-svc h3=":443"; ma=86400 content-length 72777
GET H3	200	5.jpg google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	46 KB 46 KB	152ms 150ms	Image image/jpeg	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/5.jpg Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `36940f375ccd0d827d78f05e0b3296d140efe4e586abc40ffdbb5395e3277f18` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2cc-b7ec" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JI%2BgOTjuLWJ0d%2BvRaJI263akZ3fyqsS%2FuoBJe%2BCXuZFjTy25R6qaySdhf6UtGK1a0%2FeYTkpJriD8NG%2BreG1E5zHnbu%2F9y40Ho0vLwfihIUwS1lmVB6N4oG9oHeR0Rt%2FepCxpAs7pybIV6mOeTFlgz4Dox%2FjdawOGdkDo5lzKJTlLkyItwgrYZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88ca2c35-FRA alt-svc h3=":443"; ma=86400 content-length 47084
GET H3	200	f_guarantee.png google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	6 KB 7 KB	154ms 152ms	Image image/png	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/f_guarantee.png Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2cd-18d0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2WB0N%2Fof2P439NWQ3CfG41wjqylurFLy7xPG8D7Ezq7Vwja%2FpN5xt9aYmQTHz%2FqTwu0UGSfpmcJ2n6%2FxHB7a%2Fnq7%2FqIpMjG6FnDhZY9iqXRFzLPLNaIk7XrNiHHsdKuV7dcP6p8ejNSjlIWRjkeXzhqQBHMUfs0GS4daZE8UiJz0Pur%2F3T9nMQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88cc2c35-FRA alt-svc h3=":443"; ma=86400 content-length 6352
GET H3	200	f_secure_1.png google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	10 KB 10 KB	156ms 155ms	Image image/png	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/f_secure_1.png Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2ce-2686" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shp5x9Fls1Fyal1i47SV1RX3rdrLcgZgDMQQiX4MOkjhqCK0WoDu0hq%2FTjADN%2FLH6MLOd8gfqMD2a4IApjn530h7e8KSu6CQOLAMaBWhr%2FDBLt0EvMP3%2F90nRsySiuBWDsrDOSDmi3gXw7l3ZaexzoQjIr2rHenTVApoYWjpbx5rBjIn3QoRpA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88ce2c35-FRA alt-svc h3=":443"; ma=86400 content-length 9862
GET H3	200	logo2.png google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	139 KB 140 KB	159ms 158ms	Image image/png	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/logo2.png Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c7ae084ba9034f9f69404dfb0a0b53bef7ebd82839864069c074a362d24b01d2` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:30:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "6675e2d2-22d6a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIZQ1XQ3m2ZwS5hgcq3a78x%2BWPGhNYHmRWQ%2FKcNceWo%2BN47MpLBL%2BL2tHWL6SLKBtiJGxIaj9TBbnL%2BEskGV65%2BGYrVI5%2BKZK068zomchiuG9ZB3aAxcEQg8P8fg8mVWrnZgzpvDqA0wwGYDIOX6hY5o%2Bgm51pLCCxbbMY2Evo%2B4a4MvXqcFoA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 898ab94f88d22c35-FRA alt-svc h3=":443"; ma=86400 content-length 142698
GET H3	200	script.js Show response google-checked-verified.assurance-multirisque-pro.top/EURO_2024/js/	10 KB 2 KB	127ms 124ms	Script application/javascript	172.67.147.84 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/js/script.js Requested by Host: eur2024.osuk-mail.top URL: https://eur2024.osuk-mail.top/?customer-id=tr314v068hd9d-oc0811yvlr51b-eh370trttf49e Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.147.84 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0001ae0e6dd12a8d3bd2ce7fe738c887e17012cb71918285431c0f48cdb8612f` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:39:59 GMT content-encoding br cf-cache-status HIT last-modified Fri, 21 Jun 2024 20:29:57 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6675e2c5-2780" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a2Tabvmb8lZXOBGp1laxUVYj9Bst7%2Fd3U1jRZh64vNQMVDZh4PaoF8YuRPmiS07LcUW25Ps12GLmQ9Z234s33lAlTs%2BzxE63JSh6y6rAS%2FgE1Pv3ITj9gPr4LodKgloG3Bc%2BCrLyYefahom4Vw%2BRX80Z0Gn0ZRkPd30MJvDy%2BFNHAMdF8qPeCw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 898ab94f88bf2c35-FRA alt-svc h3=":443"; ma=86400
GET		bg.png google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/	0 0

GET		/ google1.comeur2024.osuk-mail.top/	0 0

GET H3	404	favicon.ico eur2024.osuk-mail.top/	209 B 594 B	65ms 64ms	Other text/html	172.67.154.144 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eur2024.osuk-mail.top/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.154.144 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 24 Jun 2024 06:40:00 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeR1k4KsebQ0d6iG6lBpH49YfMZ6Za5i7BgPpWblMCpISrpuK3rKdF%2FK8EC1%2B8Gk66cF6GeHJBe8jPxw3hQ2mNBDYji6wiaMXFH5Z0z4XGc%2BH7NqCQx%2FpbKMvOELEHiqAEyoiKw3mtg%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 898ab950ffd60414-FRA alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: google-checked-verified.assurance-multirisque-pro.top
URL: https://google-checked-verified.assurance-multirisque-pro.top/EURO_2024/images/bg.png

Domain: google1.comeur2024.osuk-mail.top
URL: https://google1.comeur2024.osuk-mail.top/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			on.golfappweb.com/	1969-12-31 23:59:59	Name: mwsid Value: 70s4rallskm9p496oj5e9il3e6

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://google1.comeur2024.osuk-mail.top/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://eur2024.osuk-mail.top/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eur2024.osuk-mail.top
google-checked-verified.assurance-multirisque-pro.top
google-checked-verified.youngold1.com
google1.comeur2024.osuk-mail.top
on.golfappweb.com
use.fontawesome.com
google-checked-verified.assurance-multirisque-pro.top
google1.comeur2024.osuk-mail.top
172.67.147.84
172.67.154.144
172.67.188.73
188.114.97.3
2606:4700:3037::ac43:8ef5
0001ae0e6dd12a8d3bd2ce7fe738c887e17012cb71918285431c0f48cdb8612f
08cca3a01826c51da3ba67e576c6edc01819ad7d1fac69888e1cb18638b62bd6
12848411efa2d4d07a355d984599585dcf70a54213f832586e3a59761b349529
36940f375ccd0d827d78f05e0b3296d140efe4e586abc40ffdbb5395e3277f18
6fa31e78c7bd16dcb0f25f1ef247d75cb3b9ce99ac3c181e365d5bf390eeded9
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
80e4781f9a5c59e6dd06e2a0663c83a74a6e7f72b75240e1251d0f47822baaa0
8120c5a8f6fce7867a216d724e6cbd93210ee0a0d151751ce6e394fd32deda98
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4
a2ddd4f2e356260409b3eb12c30e67658a0146bdf54c1a15803274f7a74271b6
b0dbb86d81a9c6caa671bcb57a009a64f2010036b7ea5b09249207f70f8af875
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
c7ae084ba9034f9f69404dfb0a0b53bef7ebd82839864069c074a362d24b01d2
d31df4c7c89a74d3c73b6f6acb8191c2f2430fb4a5521eeb0507dfac269b7613
d4a73e2f5e93d221826a3318e0ec20ebfd4a5304b418c498bc8309c532905c07
d59f849bd004f0145fe46845f941fa5787ef30c4b333839c74085839cdd2eba3
f11d8c24cf98c836c7bb37a67f21e574a0596bdb9e26d4977e6b074b2d0e6213
f4f274432a076901d7bafed3b4752e076c5162f7e298fd68883da0ad154fdabd
f57e5cb04e0f4657c98f600163baa46256175311165856570e7ce1a78e3a8a5d

eur2024.osuk-mail.top Open in urlscan Pro 172.67.154.144 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

92 %HTTPS

20 %IPv6

5 Domains

6 Subdomains

4 IPs

2 Countries

2592 kBTransfer

3435 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

20 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

eur2024.osuk-mail.top Open in urlscan Pro
172.67.154.144 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

92 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

4
IPs

2
Countries

2592 kB
Transfer

3435 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!