www.localcares.com Open in urlscan Pro
2606:4700:3037::6815:bc0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillog...
Submission: On August 26 via automatic, source openphish (August 26th 2021, 1:06:40 am UTC)

Summary HTTP 15 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3037::6815:bc0, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.localcares.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2021. Valid for: a year.

This is the only time www.localcares.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

	IP Address		AS Autonomous System
12	2606:4700:303... 2606:4700:3037::6815:bc0		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003		15169 (GOOGLE) (GOOGLE)
15	3

12 2606:4700:3037::6815:bc0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.localcares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	localcares.com www.localcares.com	216 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com	729 B
15	3

	Domain	Requested by
12	www.localcares.com	www.localcares.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.localcares.com
15	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Frame ID: 88EB2F01330043B856864575842BDAA2
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ᴠᴀʟɪᴅᴀᴛᴇ ʏᴏᴜʀ ᴘᴀʏᴍᴇɴᴛ ᴍᴇᴛʜᴏᴅ

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

247 kB
Transfer

577 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pay.php Show response
www.localcares.com/store/images/ 4 KB
2 KB 205ms
179ms Document
text/html 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03041cbb602ec977069abd02a572fef788374b8c824030c0777d59638eeca632

Request headers

:method: GET
:authority: www.localcares.com
:scheme: https
:path: /store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQJMOejUl0Tzj6706owUuiEixjm3U99e%2FWtXqI6zdCu23v6XWJvWsiNFReFFk3jOhlZpduk1AtXOY8yoVvOyypnKuGrJZFiPSQXEIdDcFfzcIHvDYDTI0tRID8FSiUPEV6HduzNWX78KFATNzxt%2BP%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6849282c7f9c0eb7-FRA
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 4 KB
729 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400&display=swap

Requested by

Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7eb3c10da480807ef3fc8032324c1c54ba467f74810218e6c3652895551714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.localcares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 23:23:50 GMT
server: ESF
date: Thu, 26 Aug 2021 01:06:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Aug 2021 01:06:20 GMT

GET
H3-29 200 style.css
www.localcares.com/store/images/fonts/icomoon/ 78 KB
14 KB 49ms
38ms Stylesheet
text/css 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/fonts/icomoon/style.css
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b696dfc59a40f98665773871c86c7efa7b0a8323e589d6a5ef4ddc1fb5d6e8e8

Request headers

:path: /store/images/fonts/icomoon/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13962
last-modified: Fri, 07 Sep 2018 17:25:14 GMT
server: cloudflare
etag: "137cc-5754b4a5a9280-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAjWWds5gkHAK8LHEKrUMYAz8yS9J3C69zh5SXEFpfJjhkWMdehai6QZtNqOCd%2BWEdT4kCYW%2BSXNBepZWlMk3wRUOG4%2Bt0AgBX4FsegR8754hO5DiKN%2F%2BOL1Ycmb7tsOGb09rn63Hqlz7eM5MbhAStk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8da96da-FRA

GET
H3-29 200 owl.carousel.min.css
www.localcares.com/store/images/css/ 3 KB
2 KB 59ms
47ms Stylesheet
text/css 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/css/owl.carousel.min.css
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

:path: /store/images/css/owl.carousel.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1068
last-modified: Fri, 20 Apr 2018 07:22:10 GMT
server: cloudflare
etag: "d17-56a428bd60c80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVecReXRqUYSoWPWZHihtEhH1HSSUIVSJ3X7F79nUzECdu2GQUEPfiGdCm2f7I2p%2B29JoRT%2B%2Fp1H0oJqOtAv4C%2FH%2BPawE3QLh0Hb%2BpjqEDkFZxvM7HPlW2%2FO1MaW9Q6E7mjLz2eEzcceJzUQcch4W10%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8e196da-FRA

GET
H3-29 200 bootstrap.min.css
www.localcares.com/store/images/css/ 174 KB
24 KB 59ms
48ms Stylesheet
text/css 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/css/bootstrap.min.css
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 884d66ec062402f452f4151cce4f3c22ae419a897fa1f79c7312c2a2f28b8eab

Request headers

:path: /store/images/css/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 24353
last-modified: Fri, 24 Jan 2020 16:37:30 GMT
server: cloudflare
etag: "2b7fe-59ce55faa6680-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pwX4gHPFQR9sRYdd27r97a5Rj8joB6BelhJIKQEuNqmrdKY5sZqUkWPXI8%2FFm3Gnw23ve2GH9WENc07BfdXhTmzlVsN9QE0Q5Br2c2jYlZeFNerS9rftKN8tnAE9ROegrhcaatvD16WK5A%2BfNJHmCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8e296da-FRA

GET
H3-29 200 style.css
www.localcares.com/store/images/css/ 5 KB
2 KB 42ms
31ms Stylesheet
text/css 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/css/style.css
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d7ba2e8d81ef3c9eae72a93d7e33928d83f569610d6e59f764f81831949616

Request headers

:path: /store/images/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1297
last-modified: Fri, 24 Jan 2020 16:37:26 GMT
server: cloudflare
etag: "1466-59ce55f6d5d80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bNKPxfaJtJqXmbMKauX19zNKrdrQ2IAN7y5Y6U7Tn9y5aofsSa1KeBapmFIdtbQNxwTu69Whz50HmoBPAOqh0PRuMbgoFHumLEZZ7TNwVnsvZxV7GmX3y1iKrlkY%2FJyBCxQKrRvoZr7JbN6wkFxWos%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8de96da-FRA

GET
H3-29 200 header.png
www.localcares.com/store/images/ 7 KB
8 KB 40ms
31ms Image
image/png 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.localcares.com/store/images/header.png
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9987e3856eaef9a6953059a65e8d9e7e26f389fbd098771587b20816e62aeca

Request headers

:path: /store/images/header.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7191
last-modified: Mon, 05 Jul 2021 19:03:32 GMT
server: cloudflare
etag: "1c17-5c664f621e900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbtCsM%2B4inf0i1emylrwqX%2BVo0%2BQXJsvm%2FOf71ce%2FweFNma%2BYQqjqmffye7DqJkDIBPX3LLzjPb%2F%2F5UpZmgjm0mNXP%2BVjUtrooLx9fdiYBIXT7SApsyZJYScvJEXVUZY%2FcP%2FI1sh3watPP0PixchpEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8dc96da-FRA

GET
H3-29 200 bg.jpg
www.localcares.com/store/images/images/ 92 KB
92 KB 41ms
31ms Image
image/jpeg 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.localcares.com/store/images/images/bg.jpg
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6f39290229b517e0025412702d900018bcbe37e9fa4e32b7bbbacdbb8038dc2

Request headers

:path: /store/images/images/bg.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 93963
last-modified: Mon, 05 Jul 2021 19:01:22 GMT
server: cloudflare
etag: "16f0b-5c664ee624480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2By0ec%2FUbViNPs4qG7C3fi20IFJ%2BJCwtdy%2ByUBDqdvGFtTeIw9NhzXlFqevPiGrTUhx7fjuSaPTaTze6Re%2BKZWUA9lu9%2FgYKfqsB0oBop4ZyPcaYoXOdptz2nyTB%2BOtshUv7zSW6n1p5McqIUW2CRg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8df96da-FRA

GET
H3-29 200 footer.png
www.localcares.com/store/images/ 16 KB
17 KB 25ms
16ms Image
image/png 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.localcares.com/store/images/footer.png
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e0b92d8a977a3df0cbe9d0f1448c53f7ba3b58d3e641afe43d6829532600242

Request headers

:path: /store/images/footer.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 16843
last-modified: Mon, 05 Jul 2021 19:31:04 GMT
server: cloudflare
etag: "41cb-5c66558996e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v52IWZemIxT6irr0G6EIEwjHle0RyGRcGyzHRZyE0yNLc3F9i8gV0%2B3QVknEAxHsfbCTMwIzkzc1Cip9JvYAKiLuvQWDJ2LdWe1eg6Tq6CsYtzD9XLPPEPAiYcKTUam%2FNw1D3m9ahJ0y6sd2cJz6x%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8db96da-FRA

GET
H3-29 200 jquery-3.3.1.min.js Show response
www.localcares.com/store/images/js/ 85 KB
30 KB 30ms
20ms Script
application/javascript 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/js/jquery-3.3.1.min.js
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

:path: /store/images/js/jquery-3.3.1.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4784
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30305
last-modified: Tue, 29 Oct 2019 15:35:36 GMT
server: cloudflare
etag: "1538e-5960e5e19a200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAAojWeqPU%2FArnvmS29zQt8BtD8eo0LYRElFw13i8vECHAy6EANpj4STmQ4iyxE9v4FWFJpShqnNlj%2BRdkTT4r8dLTIFKuHgqx2GbYGz6iiFspQ4FtuoifaE97Q9P9ckCE3q8M3cDU6XUZPLQjXxX5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8dd96da-FRA

GET
H3-29 200 popper.min.js Show response
www.localcares.com/store/images/js/ 21 KB
8 KB 23ms
13ms Script
application/javascript 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/js/popper.min.js
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71ef7c16d75da75a5d417df75ed72144bc5ec65a9c0429b7dee0988adc3e8d29

Request headers

:path: /store/images/js/popper.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7456
last-modified: Tue, 29 Oct 2019 15:37:56 GMT
server: cloudflare
etag: "520b-5960e6671dd00-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqbo1VRGSR4L%2FTiKgm%2Bok1QkYc7srqsn6BqzZtd5wevRRA3WYlF46SNmxU7DC1xxdCcVHszjk9%2BgbKIaWlAipsMnovoEdQr%2FtkuMX8PR5xwfwA9mzVSLB8U5ZAicDPa6SmxOn4iQ95W8kcqzDEwDlnY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8d996da-FRA

GET
H3-29 200 bootstrap.min.js Show response
www.localcares.com/store/images/js/ 57 KB
16 KB 58ms
48ms Script
application/javascript 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/js/bootstrap.min.js
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

:path: /store/images/js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15437
last-modified: Tue, 29 Oct 2019 15:38:36 GMT
server: cloudflare
etag: "e2d8-5960e68d43700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZm%2FF0%2BAFarrkshPPSyxnwkpq1%2B49SOTBuvJxMW48KxL%2BC3Oy6UCQuPFaSJoWXrNWR1Ar5zHuZ1FS7XMsZOjLqAy32cTfabhjugedqql8IuJH47wkbweu3vafxv3YAOPiAqJ3uQH%2BZUJJCvM71ge6hs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8e396da-FRA

GET
H3-29 200 main.js Show response
www.localcares.com/store/images/js/ 260 B
773 B 57ms
47ms Script
application/javascript 2606:4700:3037::6815:bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.localcares.com/store/images/js/main.js
Requested by: Host: www.localcares.com
URL: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:bc0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 276a0ecd7b8bd8ae5bccd925d47a2c18fd18f93ee963aa07a3875c7da6a50243

Request headers

:path: /store/images/js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.localcares.com
referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.localcares.com/store/images/pay.php?login/loginform?TARGET=%3A%2F%2Fsignin1.bt.com%2Fbtmail%2Fsecure%2Femaillogin?&locale.x=nl_172.68.143.137f32b30c2a289bfca2c9857ffc5871ac8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 01:06:20 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4785
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 173
last-modified: Thu, 23 Jan 2020 15:43:22 GMT
server: cloudflare
etag: "104-59cd0803a7a80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYnxbcQfc1RENFud0nsTRDtTg7EbzVnVMbWwoXFAsx%2FzqTUqsWt%2FYEGM%2F0uUf%2FKtBfp5nSEbWr30QqM3LWjtdqAX1uzaX%2Fvf2K2ad72HWdEDWlptUHswAJ9jv0dEk8D0JK4xrdEzUwjpL4gXP8f7d8Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 6849282da8e096da-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.localcares.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 152042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 06:52:18 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.localcares.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 08:57:53 GMT
x-content-type-options: nosniff
age: 144507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 08:57:53 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| message function| clickIE4 function| clickNS4 function| $ function| jQuery function| Popper object| bootstrap

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
www.localcares.com
2606:4700:3037::6815:bc0
2a00:1450:4001:802::200a
2a00:1450:4001:82b::2003
03041cbb602ec977069abd02a572fef788374b8c824030c0777d59638eeca632
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
276a0ecd7b8bd8ae5bccd925d47a2c18fd18f93ee963aa07a3875c7da6a50243
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
71ef7c16d75da75a5d417df75ed72144bc5ec65a9c0429b7dee0988adc3e8d29
884d66ec062402f452f4151cce4f3c22ae419a897fa1f79c7312c2a2f28b8eab
8e0b92d8a977a3df0cbe9d0f1448c53f7ba3b58d3e641afe43d6829532600242
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
b3d7ba2e8d81ef3c9eae72a93d7e33928d83f569610d6e59f764f81831949616
b696dfc59a40f98665773871c86c7efa7b0a8323e589d6a5ef4ddc1fb5d6e8e8
b9987e3856eaef9a6953059a65e8d9e7e26f389fbd098771587b20816e62aeca
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf7eb3c10da480807ef3fc8032324c1c54ba467f74810218e6c3652895551714
e6f39290229b517e0025412702d900018bcbe37e9fa4e32b7bbbacdbb8038dc2