divinedownload.com
192.185.57.186  Malicious Activity! Public Scan

URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Submission: On November 13 via api from BY — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 192.185.57.186, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is divinedownload.com.
TLS certificate: Issued by R10 on September 26th 2024. Valid for: 3 months.
This is the only time divinedownload.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Schweizerische Bundesbahnen (Transportation)

Domain & IP information

Requests  IP Address       AS     Autonomous System
3         192.185.57.186   19871  (NETWORK-S...)
8         104.18.86.42     13335  (CLOUDFLAR...)
9         18.66.121.158    16509  (AMAZON-02)
1         184.30.16.231    16625  (AKAMAI-AS)
1         172.64.155.119   13335  (CLOUDFLAR...)
Total: 22 requests, 5 IPs

Requests  Apex Domain         Subdomains                                                Transfer
9         cloudfront.net      d27la2n6wh4qws.cloudfront.net                             145 KB
8         cookielaw.org       cdn.cookielaw.org (Cisco Umbrella Rank: 390)              316 KB
3         divinedownload.com  divinedownload.com                                        38 KB
1         onetrust.com        geolocation.onetrust.com (Cisco Umbrella Rank: 610)       312 B
1         adobedtm.com        assets.adobedtm.com (Cisco Umbrella Rank: 468)            38 KB
Total: 22 requests, 5 apex domains

Requests  Domain                         Requested by
9         d27la2n6wh4qws.cloudfront.net  divinedownload.com, d27la2n6wh4qws.cloudfront.net
8         cdn.cookielaw.org              divinedownload.com, cdn.cookielaw.org
3         divinedownload.com             divinedownload.com
1         geolocation.onetrust.com       cdn.cookielaw.org
1         assets.adobedtm.com            divinedownload.com
Total: 22 requests, 5 domains

This site contains links to these domains.

Domain
www.swisspass.ch

Subject                   Issuer                                      Validity                 Valid
divinedownload.com        R10                                         2024-09-26 - 2024-12-25  3 months
cookielaw.org             WE1                                         2024-10-11 - 2025-01-09  3 months
*.cloudfront.net          Amazon RSA 2048 M01                         2024-07-30 - 2025-07-03  a year
assets.adobedtm.com       DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-07-09 - 2025-08-09  a year
geolocation.onetrust.com  WE1                                         2024-10-11 - 2025-01-09  3 months

This page contains 1 frames:

Primary Page: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Frame ID: D0EE4CF98A319C1CC61982BAD09EC9A8
Requests: 22 HTTP requests in this frame

Page Title

SwissPass yard time

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 538 kB
Size: 2208 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request eov.php
divinedownload.com/
241 KB
33 KB
Document
General
Full URL
https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.57.186 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
ns199.websitewelcome.com
Software
Apache /
Resource Hash
2beffb9a34502848725e3fd5dd681c3c1f083ae22ba27c26de9769465f23060f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Nov 2024 04:20:55 GMT
server
Apache
vary
Accept-Encoding
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202305.1.0/
403 KB
97 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202305.1.0/otBannerSdk.js
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14f52b612bf622fefd619468f7be882f610ef063cf8c7848f3c3b9efd9180f77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-md5
fuN6EZWNAh2xn3yE+0HSRQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
73951
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=413096
date
Wed, 13 Nov 2024 04:20:56 GMT
content-type
application/javascript
last-modified
Tue, 11 Jul 2023 02:35:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
f97551a3-d01e-00a4-706c-25a96e000000
cf-ray
8e1bf8df8caf9176-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-md5
Vo/d0f3ZefkwyML/PnJnjg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD02CCC182444E
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
2170
x-content-type-options
nosniff
date
Wed, 13 Nov 2024 04:20:56 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 03:47:39 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
558e0cc4-901e-00a8-6ed6-34479f000000
cf-ray
8e1bf8df8cac9176-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
7212
x-ms-blob-type
BlockBlob
server
cloudflare
safari-nomodule.js
d27la2n6wh4qws.cloudfront.net/1.11.126/assets/libs/
1 KB
1 KB
Script
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/assets/libs/safari-nomodule.js
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed18db3600e1fb6056a4244321df84eb8fc8a38bdb0c8100342aee0111400eeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-encoding
br
etag
W/"3a4ec97c91efae40bad580edfb77e395"
age
27651408
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
YTq57r7zr17AgI6EdFmLeQyEb1oEV2iVHF2mw7WobFPRSdGTxBA4TA==
date
Fri, 29 Dec 2023 03:24:09 GMT
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Wed, 15 Mar 2023 12:57:17 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
modernizr.js
d27la2n6wh4qws.cloudfront.net/1.11.126/assets/libs/
8 KB
4 KB
Script
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/assets/libs/modernizr.js
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a3d4cf982535aaf485c6e3af9ad1498df5c065adf94eed056f0aa13c31e92ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-encoding
br
etag
W/"4d11af9e90e621d0f067d464959ebd7b"
age
27651408
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
JN-ZkcS8J2EWsH7DVKZcyMlDCMOcS4z01Es2oIUMyEYlef5wy60opQ==
date
Fri, 29 Dec 2023 03:24:09 GMT
content-type
application/x-javascript
vary
Accept-Encoding, Origin
last-modified
Wed, 15 Mar 2023 12:57:17 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
launch-6cc731e967aa.min.js
assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/
128 KB
38 KB
Script
General
Full URL
https://assets.adobedtm.com/15ff638fdec4/7a0c4d63ddff/launch-6cc731e967aa.min.js
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.16.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-231.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7ae84fb2958917888e8cca6508b393e057be35166102e55c5a806cfc5f3b7b15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

cache-control
max-age=3600
timing-allow-origin
*
content-encoding
gzip
etag
"ea7f5258d3191b3a4839f64d57cb75c3:1726042166.863419"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 05:20:56 GMT
accept-ranges
bytes
access-control-allow-origin
https://divinedownload.com
content-length
38980
date
Wed, 13 Nov 2024 04:20:56 GMT
content-type
application/x-javascript
last-modified
Wed, 11 Sep 2024 08:09:26 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
env.js
divinedownload.com/
0
0
Script
General
Full URL
https://divinedownload.com/env.js?v=1679478838
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.57.186 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
ns199.websitewelcome.com
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
4677
date
Wed, 13 Nov 2024 04:20:56 GMT
last-modified
Tue, 11 Oct 2022 08:00:10 GMT
vary
Accept-Encoding
server
Apache
content-type
text/html
styles.aeb1a4bd2673a5c2.css
d27la2n6wh4qws.cloudfront.net/1.11.126/
410 KB
46 KB
Stylesheet
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/styles.aeb1a4bd2673a5c2.css
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5fcb05402c1939ca6c838831446267679cfd8f045d59d767984d68f5e04a421
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-encoding
br
etag
W/"9e691181ce56500b2554b7eae35697c6"
age
27651408
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
x-n4XEH5znh2iIATsC7c5GXCNSEUeUF2lprpazOyZ7bKahmk5B01HA==
date
Fri, 29 Dec 2023 03:24:09 GMT
content-type
text/css
vary
Accept-Encoding, Origin
last-modified
Wed, 15 Mar 2023 12:57:22 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.33.0/
335 KB
79 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f70806a03e311ba7470b652c8a39881e27a79fe48982f6cfb003745d00008cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-md5
snqI9a2h7X2bbSiony0guw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status
unlocked
cf-bgj
minify
cf-cache-status
HIT
x-ms-version
2009-09-19
age
2063
content-encoding
gzip
x-content-type-options
nosniff
cf-polished
origSize=343588
date
Wed, 13 Nov 2024 04:20:56 GMT
content-type
application/javascript
last-modified
Wed, 13 Apr 2022 01:38:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
d1da7d3e-001e-000c-2d72-257d7b000000
cf-ray
8e1bf8df8cae9176-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
logo_mobile.svg
d27la2n6wh4qws.cloudfront.net/1.11.126/assets/resources/img/
8 KB
4 KB
Image
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/assets/resources/img/logo_mobile.svg?v=190221144011
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32b83cf286ae208689cf5d7695135cb8c9b57626c1fd35797b4d44d9740fd61a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-encoding
br
etag
W/"006467bf223dbeb73f9206aadbc71a74"
age
27670614
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
BC0JnKozMFvXjif4TJ_E5w_8iToZRfnZHvSIJYiDqgfFkSLjuZ6M2A==
date
Thu, 28 Dec 2023 22:04:03 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Origin
last-modified
Wed, 15 Mar 2023 12:57:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
logo_mobile.svg
d27la2n6wh4qws.cloudfront.net/1.11.126/assets/resources/img/
8 KB
4 KB
Image
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/assets/resources/img/logo_mobile.svg
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32b83cf286ae208689cf5d7695135cb8c9b57626c1fd35797b4d44d9740fd61a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-encoding
br
etag
W/"006467bf223dbeb73f9206aadbc71a74"
age
27670614
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
sS6Kz6GfPxNyuNR04vY8wL0j4nzzgh89a3BD_V6CvA-elrSeATEltw==
date
Thu, 28 Dec 2023 22:04:03 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Origin
last-modified
Wed, 15 Mar 2023 12:57:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
logo.svg
d27la2n6wh4qws.cloudfront.net/1.11.126/assets/resources/img/
7 KB
3 KB
Image
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/assets/resources/img/logo.svg?v=190221144011
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-encoding
br
etag
W/"795242580bfa3135028bd0750fdc1654"
age
14705789
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
kqQRumUzT7lDKTr6tvDgAFPaMyrrdRYWmPtAZD-yGml6hSk3Jn9fUg==
date
Sun, 26 May 2024 23:24:28 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Origin
last-modified
Wed, 15 Mar 2023 12:57:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
logo.svg
d27la2n6wh4qws.cloudfront.net/1.11.126/assets/resources/img/
7 KB
3 KB
Image
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/assets/resources/img/logo.svg
Requested by
Host: divinedownload.com
URL: https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
deeee170c3759a6ed35c0c05c5b935d0e7638f1c0c5677166918ecff6edb1909
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-encoding
br
etag
W/"795242580bfa3135028bd0750fdc1654"
age
14705789
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
lpKMjONZuIoSHxaPXl3RY2q1Qy5fde9Hx_A716E8T7t3ex3cdAW4LQ==
date
Sun, 26 May 2024 23:24:28 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Origin
last-modified
Wed, 15 Mar 2023 12:57:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 fce673b0e9c8ffbca0678547d3b9c424.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
e91f4b90-f9aa-4ace-891b-96dd07595d9f.json
cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/e91f4b90-f9aa-4ace-891b-96dd07595d9f.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b834bb95d907649fcd05494d4debcc126a48b5a912e8e2078a67c15231e0c0f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-md5
kx6bTQPGYqHhsKxTxTEuAQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC8B8A31E8A1BD
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 04:20:57 GMT
date
Wed, 13 Nov 2024 04:20:57 GMT
content-type
application/json
last-modified
Thu, 13 Jun 2024 09:21:23 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
02c9e79d-601e-003e-6b4c-2c25ab000000
cf-ray
8e1bf8e1ed459274-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1624
x-ms-blob-type
BlockBlob
server
cloudflare
SBBWeb-Light.bc18b368199ae515.woff
d27la2n6wh4qws.cloudfront.net/1.11.126/
73 KB
74 KB
Font
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/SBBWeb-Light.bc18b368199ae515.woff
Requested by
Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.126/styles.aeb1a4bd2673a5c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
827f57b69d5c20311780ef5c23fc1ab8437b398b5e052767735177ec842ef338
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://divinedownload.com
Referer
https://d27la2n6wh4qws.cloudfront.net/1.11.126/styles.aeb1a4bd2673a5c2.css

Response headers

access-control-max-age
3000
etag
"cd78c9b37c110283ebb483bd7ec231d8"
age
27615773
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
pjPxHYIJHKajg34nw-SnOfgrx5F7QgvFz8A3Y_K6wIkOSHwpvmERnA==
date
Fri, 29 Dec 2023 13:18:05 GMT
content-type
application/octet-stream
last-modified
Wed, 15 Mar 2023 12:57:16 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
74672
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
icomoon.455940b2a559ab48.woff2
d27la2n6wh4qws.cloudfront.net/1.11.126/
7 KB
7 KB
Font
General
Full URL
https://d27la2n6wh4qws.cloudfront.net/1.11.126/icomoon.455940b2a559ab48.woff2?7m5yri
Requested by
Host: d27la2n6wh4qws.cloudfront.net
URL: https://d27la2n6wh4qws.cloudfront.net/1.11.126/styles.aeb1a4bd2673a5c2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.121.158 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-121-158.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45b8f30ef99295a0d738416e4e5af9fa2dd41619499622c2c57416580fc7197b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://divinedownload.com
Referer
https://d27la2n6wh4qws.cloudfront.net/1.11.126/styles.aeb1a4bd2673a5c2.css

Response headers

access-control-expose-headers
*
etag
"175797213b8b8dffcc1bd588a9ecec2f"
age
511944
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
MVKTWafr1JndyOW4QLgC9t-XzkjaO8eKk9LF5NQpxAxUwWz9tytMzA==
date
Thu, 07 Nov 2024 06:08:34 GMT
content-type
application/octet-stream
last-modified
Wed, 15 Mar 2023 12:57:22 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
referrer-policy
strict-origin-when-cross-origin
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
6944
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
312 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
Referer
https://divinedownload.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8e1bf8e459dbdc56-FRA
access-control-allow-origin
*
date
Wed, 13 Nov 2024 04:20:57 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
favicon.ico
divinedownload.com/
12 KB
5 KB
Other
General
Full URL
https://divinedownload.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.57.186 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
ns199.websitewelcome.com
Software
Apache /
Resource Hash
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/eov.php?id=34ed066df378efacc9b924ec161e7639

Response headers

content-encoding
gzip
accept-ranges
bytes
content-length
4677
date
Wed, 13 Nov 2024 04:20:57 GMT
last-modified
Tue, 11 Oct 2022 08:00:10 GMT
vary
Accept-Encoding
server
Apache
content-type
text/html
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202405.1.0/
450 KB
109 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc750f921cf29a7897435f868856c4c63e22f7fd66ac456a72ced5f6eca584e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-md5
FvJhOHkAv4E9FRANYIql4g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E2E4131AEC
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
3184
x-content-type-options
nosniff
date
Wed, 13 Nov 2024 04:20:57 GMT
content-type
application/javascript
last-modified
Tue, 16 Jul 2024 22:01:48 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
6a308df6-b01e-005a-73f9-2c950b000000
cf-ray
8e1bf8e48e989176-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
111551
x-ms-blob-type
BlockBlob
server
cloudflare
en-ch.json
cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/ba92dbb5-02d7-443f-8481-b67e4427328b/
46 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/e91f4b90-f9aa-4ace-891b-96dd07595d9f/ba92dbb5-02d7-443f-8481-b67e4427328b/en-ch.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17ec0d35eddc21e31533e4f5277736b14f53bb589f35decf76b184ed37b8d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-md5
cErb2Uj+aByfsM3nIuqoVQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DC8B8A34066281
x-ms-lease-status
unlocked
x-ms-version
2009-09-19
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 04:20:57 GMT
date
Wed, 13 Nov 2024 04:20:57 GMT
content-type
application/json
last-modified
Thu, 13 Jun 2024 09:21:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
62746812-d01e-0101-424c-2cd422000000
cf-ray
8e1bf8e4ddff9274-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13225
x-ms-blob-type
BlockBlob
server
cloudflare
otFlat.json
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-md5
6UG/zXBA1N2ENale+jpn7g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DCA5E2DF2F81FC
x-ms-lease-status
unlocked
cf-cache-status
HIT
x-content-type-options
nosniff
date
Wed, 13 Nov 2024 04:20:57 GMT
content-type
application/json
last-modified
Tue, 16 Jul 2024 22:01:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
633761eb-001e-0061-574c-2cd755000000
cf-ray
8e1bf8e53e159274-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3041
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202405.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202405.1.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202405.1.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://divinedownload.com/

Response headers

content-md5
9eusssrwoAzVOVsIadvhfQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
MISS
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 13 Nov 2024 04:20:57 GMT
content-type
text/css
last-modified
Tue, 16 Jul 2024 22:01:57 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
d5cd9203-701e-004c-5683-355495000000
cf-ray
8e1bf8e53e169274-FRA
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Schweizerische Bundesbahnen (Transportation)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| OptanonWrapper
object| html5
object| Modernizr
object| digitalDataLayer
object| _satellite
boolean| __satelliteLoaded
object| OtTrustedType
string| OnetrustActiveGroups
string| OptanonActiveGroups
object| dataLayer
object| otStubData
object| Optanon
object| OneTrust

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://divinedownload.com/env.js?v=1679478838
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://divinedownload.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
