packofhappiness.com Open in urlscan Pro
185.128.34.96 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://permido.page.link/Ak1i
Effective URL:
https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub...
Submission: On June 25 via manual (June 25th 2022, 10:55:57 am UTC) from FR — Scanned from FR

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 16 HTTP transactions. The main IP is 185.128.34.96, located in Netherlands and belongs to EUROFIBER-UNET EUROFIBER, NL. The main domain is packofhappiness.com.
TLS certificate: Issued by R3 on April 11th 2022. Valid for: 3 months.

This is the only time packofhappiness.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Tracking (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	20.229.172.147 20.229.172.147	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	178.237.33.50 178.237.33.50	8455 (ATOM86-AS...) (ATOM86-AS ATOM86)
1 1	20.91.223.9 20.91.223.9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	34.117.79.165 34.117.79.165	15169 (GOOGLE) (GOOGLE)
1 10	185.128.34.96 185.128.34.96	29396 (EUROFIBER...) (EUROFIBER-UNET EUROFIBER)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	5

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

permido.page.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.229.172.147 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

20.229.172.147	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.237.33.50 (Netherlands)

ASN8455 (ATOM86-AS ATOM86, NL)

www.geoplugin.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.91.223.9 (Gävle, Sweden) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.shortcoffe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.79.165 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 165.79.117.34.bc.googleusercontent.com

www.lpredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.128.34.96 (Netherlands) 1 redirects

ASN29396 (EUROFIBER-UNET EUROFIBER, NL)

packofhappiness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

event.trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	packofhappiness.com 1 redirects packofhappiness.com	800 KB
5	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 27678 event.trk-consulatu.com — Cisco Umbrella Rank: 67298	3 KB
1	lpredirect.com 1 redirects www.lpredirect.com — Cisco Umbrella Rank: 423765	495 B
1	shortcoffe.com 1 redirects www.shortcoffe.com	580 B
1	geoplugin.net www.geoplugin.net — Cisco Umbrella Rank: 40749	2 KB
1	page.link 1 redirects permido.page.link	1 KB
16	6

	Domain	Requested by
10	packofhappiness.com	1 redirects 20.229.172.147 packofhappiness.com
4	event.trk-consulatu.com	trk-consulatu.com
1	trk-consulatu.com	packofhappiness.com
1	www.lpredirect.com	1 redirects
1	www.shortcoffe.com	1 redirects
1	www.geoplugin.net	20.229.172.147
1	permido.page.link	1 redirects
16	7

This site contains no links.

Subject Issuer	Validity	Valid
packofhappiness.com R3	`2022-04-11` - `2022-07-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-01` - `2022-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Frame ID: E61C249DF67E8FD4ED69A0138CCD24A2
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) Notification

Page URL History Show full URLs

https://permido.page.link/Ak1i HTTP 302
http://20.229.172.147/ezmeralda/14206.html Page URL
https://www.shortcoffe.com/3D2JC5Q/W5JQZ63/ HTTP 302
https://www.lpredirect.com/24QSBG/BL18NW5/?source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0 HTTP 302
https://packofhappiness.com/B3V00MQUMK/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2c... HTTP 302
https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&s... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

16
Requests

88 %
HTTPS

38 %
IPv6

6
Domains

7
Subdomains

5
IPs

4
Countries

805 kB
Transfer

808 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://permido.page.link/Ak1i HTTP 302
http://20.229.172.147/ezmeralda/14206.html Page URL
https://www.shortcoffe.com/3D2JC5Q/W5JQZ63/ HTTP 302
https://www.lpredirect.com/24QSBG/BL18NW5/?source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0 HTTP 302
https://packofhappiness.com/B3V00MQUMK/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783 HTTP 302
https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://permido.page.link/Ak1i HTTP 302
http://20.229.172.147/ezmeralda/14206.html

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

14206.html Show response
20.229.172.147/ezmeralda/
Redirect Chain

https://permido.page.link/Ak1i
http://20.229.172.147/ezmeralda/14206.html

517 B
660 B

43ms
21ms

Document
text/html

20.229.172.147
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://20.229.172.147/ezmeralda/14206.html
Protocol: HTTP/1.1
Server: 20.229.172.147 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8c4eeed52608007cedb4225491a67673c8749e6cdb167b851bcc0b9ca2d4d483

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 323
Content-Type: text/html
Date: Sat, 25 Jun 2022 10:55:51 GMT
ETag: "205-5e208694fb380-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 22 Jun 2022 12:23:58 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-CTujRCsrSQtv0Yi-3mEtNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-CTujRCsrSQtv0Yi-3mEtNw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
content-type: application/binary
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: same-site
date: Sat, 25 Jun 2022 10:55:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: http://20.229.172.147/ezmeralda/14206.html
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK javascript.gp Show response
www.geoplugin.net/ 2 KB
2 KB 66ms
23ms Script
application/javascript 178.237.33.50
ATOM86-AS ATOM86

General

Check archive.org

Show headers Download Go to

Full URL: http://www.geoplugin.net/javascript.gp
Requested by: Host: 20.229.172.147
URL: http://20.229.172.147/ezmeralda/14206.html
Protocol: HTTP/1.1
Server: 178.237.33.50 , Netherlands, ASN8455 (ATOM86-AS ATOM86, NL),
Reverse DNS
Software: Apache /
Resource Hash: eed7096ed463abbfa1f21e5fc1745ca1afe377f1b5b4ffbe669de47e14f2bf67

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://20.229.172.147/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 25 Jun 2022 12:11:41 GMT
cache-control: public, max-age=300
server: Apache
content-length: 1538
content-type: application/javascript; charset=utf-8

GET
H2

200

Primary Request / Show response
packofhappiness.com/
Redirect Chain

https://www.shortcoffe.com/3D2JC5Q/W5JQZ63/
https://www.lpredirect.com/24QSBG/BL18NW5/?source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0
https://packofhappiness.com/B3V00MQUMK/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783

13 KB
13 KB

40ms
39ms

Document
text/html

185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Requested by: Host: 20.229.172.147
URL: http://20.229.172.147/ezmeralda/14206.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: a4aba0ba4d6d8cddf40e19cfbd91cd3334f82f82e216e8247b4d82b1d61d20ed

Request headers

Referer: http://20.229.172.147/ezmeralda/14206.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
content-length: 13526
content-type: text/html
date: Sat, 25 Jun 2022 10:55:52 GMT
etag: "1360702714"
last-modified: Sat, 25 Jun 2022 08:29:39 GMT
server: lighttpd/1.4.59

Redirect headers

content-length: 371
content-type: text/html
date: Sat, 25 Jun 2022 10:55:52 GMT
location: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
server: lighttpd/1.4.59

GET
H2 200 style.css
packofhappiness.com/css/ 10 KB
10 KB 21ms
20ms Stylesheet
text/css 185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://packofhappiness.com/css/style.css
Requested by: Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: d7d5bb9b629ed5ae56bc7554e970e42f083729f8ecf961a772828a067baa2bd0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:52 GMT
last-modified: Sat, 25 Jun 2022 08:29:39 GMT
server: lighttpd/1.4.59
accept-ranges: bytes
etag: "2364959425"
content-length: 10131
content-type: text/css; charset=utf-8

GET
H2 200 animate.min.css
packofhappiness.com/css/ 57 KB
57 KB 21ms
21ms Stylesheet
text/css 185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://packofhappiness.com/css/animate.min.css
Requested by: Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: 4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
last-modified: Sat, 25 Jun 2022 08:29:39 GMT
server: lighttpd/1.4.59
accept-ranges: bytes
etag: "3527896282"
content-length: 58139
content-type: text/css; charset=utf-8

GET
H2 200 logo.png
packofhappiness.com/images/ 157 KB
157 KB 21ms
20ms Image
image/png 185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://packofhappiness.com/images/logo.png
Requested by: Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: 9de8a10738e75812e1ed3ab870d91c384ab559267e67593f88d1d9be83f42793

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
last-modified: Sat, 25 Jun 2022 08:29:40 GMT
server: lighttpd/1.4.59
accept-ranges: bytes
etag: "2980222390"
content-length: 160841
content-type: image/png

GET
H2 200 package.png
packofhappiness.com/images/ 17 KB
17 KB 38ms
37ms Image
image/png 185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://packofhappiness.com/images/package.png
Requested by: Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: 3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
last-modified: Sat, 25 Jun 2022 08:29:40 GMT
server: lighttpd/1.4.59
accept-ranges: bytes
etag: "1692831817"
content-length: 17622
content-type: image/png

GET
H2 200 loading.gif
packofhappiness.com/images/ 496 KB
497 KB 38ms
37ms Image
image/gif 185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://packofhappiness.com/images/loading.gif
Requested by: Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: fc85702baca03c9e5cea9b68ee081a4fcb99d8ab9c028772dc69e908208128f7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
last-modified: Sat, 25 Jun 2022 08:29:40 GMT
server: lighttpd/1.4.59
accept-ranges: bytes
etag: "1014995742"
content-length: 508135
content-type: image/gif

GET
H2 200 check.png
packofhappiness.com/images/ 18 KB
18 KB 39ms
38ms Image
image/png 185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://packofhappiness.com/images/check.png
Requested by: Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: ddc9f495fa5ffd2acaa85dcfc467f54155a759fc7b86b920e6cce7551ceee14d

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
last-modified: Sat, 25 Jun 2022 08:29:40 GMT
server: lighttpd/1.4.59
accept-ranges: bytes
etag: "4086190569"
content-length: 18285
content-type: image/png

GET
H2 200 product.png
packofhappiness.com/images/ 17 KB
18 KB 39ms
39ms Image
image/png 185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://packofhappiness.com/images/product.png
Requested by: Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: a4620f05d5ff31862aae5884d532cc113293243adb929ba49b228c083bdbf19b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
last-modified: Sat, 25 Jun 2022 08:29:40 GMT
server: lighttpd/1.4.59
accept-ranges: bytes
etag: "3479097833"
content-length: 17911
content-type: image/png

GET
H2 200 script.js Show response
packofhappiness.com/js/ 13 KB
13 KB 38ms
37ms Script
application/javascript 185.128.34.96
EUROFIBER-UNET EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://packofhappiness.com/js/script.js
Requested by: Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.128.34.96 , Netherlands, ASN29396 (EUROFIBER-UNET EUROFIBER, NL),
Reverse DNS
Software: lighttpd/1.4.59 /
Resource Hash: 6b83282d850d687d049f53f4fd97aec0aa73981c65e77ea38487ae5500c05767

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
last-modified: Sat, 25 Jun 2022 08:29:41 GMT
server: lighttpd/1.4.59
accept-ranges: bytes
etag: "2682428856"
content-length: 13325
content-type: application/javascript

GET
H2 200 64d5p99gj0 Show response
trk-consulatu.com/scripts/push/script/ 7 KB
3 KB 187ms
121ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=packofhappiness.com

Requested by

Host: packofhappiness.com
URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b39d2cee7d9bfa50cea53ae872b7ab7c18f077d9650ccf026c54eec853e3fcff

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://packofhappiness.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrMc5dhpjZ5AgTnn9aoOfSYkR8jvFSIvFHl9%2BMhcoUTSD%2B%2F6nEkK8tutbw6VWUfTXfayYH5YYN2qutpChPpetaL%2FO%2F8qql0KwY813%2FwRwIMGGgPeOm9WfsozQDp8rTbOgS7FsRWZhyThmXRO3Fculw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray: 720d2c64fceeedef-CDG
expires: 0

POST
H3 200 q5ejjv22e0
event.trk-consulatu.com/register/event_log/ 0
0 139ms
122ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/q5ejjv22e0

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=packofhappiness.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://packofhappiness.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm9iOdM0vVWOlwxrVCCkmWwfwLAw9rGNQQ1u6iQNXslnFWE15LBEpmsn0COg15Ohd0Q5c%2BAnUAQ8MA0j6onGQIYHNrByIOMgdNDGq8d6vND47AHMtMSFI7gG3Yqik3bsiD64Kt%2F1HRp%2B%2FgkBP8v4cWNm4hRZHw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://packofhappiness.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 720d2c67fb80404f-CDG
x-pushplatformapp-params

OPTIONS
H2 200 q5ejjv22e0
event.trk-consulatu.com/register/event_log/ 0
0 168ms
119ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-consulatu.com/register/event_log/q5ejjv22e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://packofhappiness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://packofhappiness.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 720d2c671ab832c2-CDG
content-length: 0
date: Sat, 25 Jun 2022 10:55:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4X%2B1PdOHUcq56yyaZQfgMilGW326Q6T55I7%2BvnQgEbNvigrODkC8RiK1m9brLatYLHa9fZb2jochqVsSPHYfVdOk6xgaPdl2OHmcGwD1x2x3zRIJbtrbukRLHeWTAHqKbNG4KsH40JZ0%2FxMZKsFhc9tO%2F8ETw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 q5ejjv22e0
event.trk-consulatu.com/register/event_log/ 0
0 143ms
119ms Fetch 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://event.trk-consulatu.com/register/event_log/q5ejjv22e0

Requested by

Host: trk-consulatu.com
URL: https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=packofhappiness.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://packofhappiness.com/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

date: Sat, 25 Jun 2022 10:55:53 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
expires: 0
server: cloudflare
x-frame-options: DENY
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKDFY6OTZ5ROGZAz3ia3ykrxTw0NAyOq%2FR9nu7xdhPU65NIErNoXaENBRaGyAfifz9CKWtVtkVpBWGhpgtrj4NzS%2Bii8PM7zvdQiks1zTF3BKgnZNzVYfDF%2Bk4jIRkAg0gnrSp%2BUaTrmkoK48QyKQ9G7PbBgOg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://packofhappiness.com
access-control-expose-headers: Authorization, Link, X-Total-Count
cache-control: no-cache, no-store, max-age=0, must-revalidate
feature-policy: geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
access-control-allow-credentials: true
cf-ray: 720d2c67fb86404f-CDG
x-pushplatformapp-params

OPTIONS
H2 200 q5ejjv22e0
event.trk-consulatu.com/register/event_log/ 0
0 161ms
112ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://event.trk-consulatu.com/register/event_log/q5ejjv22e0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://packofhappiness.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://packofhappiness.com
access-control-expose-headers: Authorization, Link, X-Total-Count
access-control-max-age: 1800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 720d2c671aba32c2-CDG
content-length: 0
date: Sat, 25 Jun 2022 10:55:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L0iXNmVFv3CO0lihGy%2Fpx1x2Koi3fxc%2F6s0rzuGB%2BqwBqdBFr0MnfcakJI6OYGvTByiRJLFSgDMgmuOi%2BiFTsOOYkks4JeROoNJXl8GA8ioqKZhPBpMvre5U7mNAnDbkDxzsj1Z%2F8%2FcZTIWONjL6zCGIPOWATw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Tracking (Transportation)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.lpredirect.com/	1970-01-21 04:02:34	Name: uniqueClick_BL18NW5 Value: 5629218a-bb4c-42e0-a63a-e5374a6159e8:1656154552
www.lpredirect.com/	1970-01-20 06:12:10	Name: transaction_id Value: 63902e3c6d004978a2fe41c530525783
packofhappiness.com/	1969-12-31 23:59:59	Name: SESSIONIDS Value: B3V00MQUMK

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://packofhappiness.com/?encoded_value=24QSBG&source_id=1477&sub1=04724bdaa0794b65b142b2cdf57677c0&sub2=&sub3=&sub4=&sub5=&tid=63902e3c6d004978a2fe41c530525783 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

event.trk-consulatu.com
packofhappiness.com
permido.page.link
trk-consulatu.com
www.geoplugin.net
www.lpredirect.com
www.shortcoffe.com
178.237.33.50
185.128.34.96
20.229.172.147
20.91.223.9
2a00:1450:4001:828::200e
2a06:98c1:3120::3
2a06:98c1:3121::3
34.117.79.165
3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26
4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf
6b83282d850d687d049f53f4fd97aec0aa73981c65e77ea38487ae5500c05767
8c4eeed52608007cedb4225491a67673c8749e6cdb167b851bcc0b9ca2d4d483
9de8a10738e75812e1ed3ab870d91c384ab559267e67593f88d1d9be83f42793
a4620f05d5ff31862aae5884d532cc113293243adb929ba49b228c083bdbf19b
a4aba0ba4d6d8cddf40e19cfbd91cd3334f82f82e216e8247b4d82b1d61d20ed
b39d2cee7d9bfa50cea53ae872b7ab7c18f077d9650ccf026c54eec853e3fcff
d7d5bb9b629ed5ae56bc7554e970e42f083729f8ecf961a772828a067baa2bd0
ddc9f495fa5ffd2acaa85dcfc467f54155a759fc7b86b920e6cce7551ceee14d
eed7096ed463abbfa1f21e5fc1745ca1afe377f1b5b4ffbe669de47e14f2bf67
fc85702baca03c9e5cea9b68ee081a4fcb99d8ab9c028772dc69e908208128f7

packofhappiness.com Open in urlscan Pro 185.128.34.96 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

88 %HTTPS

38 %IPv6

6 Domains

7 Subdomains

5 IPs

4 Countries

805 kBTransfer

808 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

22 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

packofhappiness.com Open in urlscan Pro
185.128.34.96 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

88 %
HTTPS

38 %
IPv6

6
Domains

7
Subdomains

5
IPs

4
Countries

805 kB
Transfer

808 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!