cxae.pagedemo.co
2606:4700::6812:ab6  Malicious Activity! Public Scan

URL: https://cxae.pagedemo.co/
Submission: On August 12 via manual from IT — Scanned from IT

Summary

This website contacted 5 IPs in 1 country across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:ab6, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is cxae.pagedemo.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 24th 2023. Valid for: a year.
This is the only time cxae.pagedemo.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
6 | 35.244.137.202 | 15169 (GOOGLE)
4 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 34.36.17.181 | 396982 (GOOGLE-CL...)
2 | 34.71.95.65 | 396982 (GOOGLE-CL...)
Total: 14 requests, 5 IPs

Requests | Apex Domain / Subdomains | Transfer
10 | fastcdn.co | 342 KB
   g.fastcdn.co (Cisco Umbrella Rank: 51844)
   v.fastcdn.co (Cisco Umbrella Rank: 46583)
3 | instapagemetrics.com | 55 KB
   cdn.instapagemetrics.com (Cisco Umbrella Rank: 59445)
   ec.instapagemetrics.com (Cisco Umbrella Rank: 59119)
1 | pagedemo.co | 9 KB
   cxae.pagedemo.co
Total: 14 requests, 3 apex domains

Requests | Domain | Requested by
6 | g.fastcdn.co | cxae.pagedemo.co
4 | v.fastcdn.co | cxae.pagedemo.co
2 | ec.instapagemetrics.com | cdn.instapagemetrics.com
1 | cdn.instapagemetrics.com | cxae.pagedemo.co
1 | cxae.pagedemo.co |
Total: 14 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-24 - 2024-02-23 | a year
g.fastcdn.co | GTS CA 1D4 | 2023-07-23 - 2023-10-21 | 3 months
fastcdn.co | E1 | 2023-07-27 - 2023-10-25 | 3 months
cdn.instapagemetrics.com | GTS CA 1D4 | 2023-06-26 - 2023-09-24 | 3 months
ec.instapagemetrics.com | R3 | 2023-07-03 - 2023-10-01 | 3 months

This page contains 1 frames:

Primary Page: https://cxae.pagedemo.co/
Frame ID: 7CAE9C32073DCE3B3EEC41B3DF4060A6
Requests: 13 HTTP requests in this frame

Page Title: facebook.com

Page Statistics

Requests: 14
HTTPS: 100 %
IPv6: 40 %
Domains: 3
Subdomains: 5
IPs: 5
Countries: 1
Transfer: 405 kB
Size: 615 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cxae.pagedemo.co/
33 KB
9 KB
Document
General
Full URL
https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ab6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4a7be77772d298a18a37887ce31a40fd140a2e2a2ced9c08a9f0797930fb06b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
7f594e0f3f5483af-MXP
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 12 Aug 2023 14:10:59 GMT
etag
W/"84b3-0R1oDhkYjj9h1gg0e7kLKFM/Ix8"
server
cloudflare
vary
Accept-Encoding
via
1.1 google
utils.caf3cb3cbfc9daf60148.js
g.fastcdn.co/js/
56 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/utils.caf3cb3cbfc9daf60148.js
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
93e5ef168d7766caf27fcf113893c110f9dc224c8e9540775ea24a78c686752a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 22:13:15 GMT
content-encoding
gzip
age
835064
x-guploader-uploadid
ADPycdvIKYRUzcdLue1U2tHGoZd8O-TyNKLGVA7Fy490qVTH4cDrv0rFnX7BLl9mLZi_Y1EawRm0I_Jr_GsI-roy1bBzGwr9902S
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19562
last-modified
Wed, 02 Aug 2023 19:39:36 GMT
server
UploadServer
etag
"2153ce3110d661161076411b673b6f7d"
vary
Accept-Encoding
x-goog-generation
1691005176525411
x-goog-hash
crc32c=bQkfFA==, md5=IVPOMRDWYRYQdkEbZztvfQ==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
19562
accept-ranges
bytes
expires
Thu, 01 Aug 2024 22:13:15 GMT
Cradle.c9144221d5b5d6147353.js
g.fastcdn.co/js/
15 KB
4 KB
Script
General
Full URL
https://g.fastcdn.co/js/Cradle.c9144221d5b5d6147353.js
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 14:28:34 GMT
content-encoding
gzip
age
430945
x-guploader-uploadid
ADPycdtxDC_284q0kUsetEWVZoJnOIr_HY_oe9Obt_pZDyofA-dUdyOT_K_q4h05LEBn0fvUmeaZ0v5zwlldWNEXxIQQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4001
last-modified
Mon, 07 Aug 2023 13:45:40 GMT
server
UploadServer
etag
"83131494fd187537d0742a06ac0791a9"
vary
Accept-Encoding
x-goog-generation
1691415940572375
x-goog-hash
crc32c=Tt9fJA==, md5=gxMUlP0YdTfQdCoGrAeRqQ==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
4001
accept-ranges
bytes
expires
Tue, 06 Aug 2024 14:28:34 GMT
64469025-0-11111.png
v.fastcdn.co/u/41e81252/
253 KB
253 KB
Image
General
Full URL
https://v.fastcdn.co/u/41e81252/64469025-0-11111.png
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69f8d0e838453201b6e459e07bfb1cca5f976083f0d46836fb6f43696787518

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 14:10:59 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsQf0L9NzcI-Vh3yW3DK8A5Mk0bmmlNOkV-tzQirkDHT8yd1G5pmwoMyuhSOQQgu3c6ei9MsYMS7fSOihb-rLaFjw
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Tue, 01 Oct 2024 07:00:29 GMT
content-length
258873
last-modified
Fri, 11 Aug 2023 15:00:30 GMT
server
cloudflare
etag
"0d4da4745acfe0dcda0e1b8688ad2403"
vary
Accept-Encoding
x-goog-generation
1691766030083252
content-type
image/png
x-goog-hash
crc32c=zdNHRA==, md5=DU2kdFrP4NzaDhuGiK0kAw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
258873
accept-ranges
bytes
cf-ray
7f594e112ab0ba97-MXP
expires
Tue, 09 Aug 2033 14:10:59 GMT
64469023-0-photo-2023-05-05-22-.jpg
v.fastcdn.co/u/41e81252/
1 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/u/41e81252/64469023-0-photo-2023-05-05-22-.jpg
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb527e80775048dfe8b22f08fd16696b723d744346e151442a6190174e06e658

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 14:10:59 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdt-bqaGKTN-iK6O6BUB14jJNxCtpGXa4yQaGd7RauYD2arWxg_GsBnVPc4eVMze9lrCwgqMSB0axCpMK64nKmURZA
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Tue, 01 Oct 2024 07:00:29 GMT
content-length
1493
last-modified
Fri, 11 Aug 2023 15:00:29 GMT
server
cloudflare
etag
"556a787f1019b3d481364de90b93ae56"
vary
Accept-Encoding
x-goog-generation
1691766029195738
content-type
image/jpeg
x-goog-hash
crc32c=+Vkheg==, md5=VWp4fxAZs9SBNk3pC5OuVg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
1493
accept-ranges
bytes
cf-ray
7f594e112ab8ba97-MXP
expires
Tue, 09 Aug 2033 14:10:59 GMT
64469022-0-photo-2023-03-22-23-.jpg
v.fastcdn.co/u/41e81252/
669 B
905 B
Image
General
Full URL
https://v.fastcdn.co/u/41e81252/64469022-0-photo-2023-03-22-23-.jpg
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b8ccbdf5dd4eb0be2dc829239b969028882fcc441fa1434faf1aa9d48cc137

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 14:10:59 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdvLq0TJY6mu0MGbJVGIvd2E9q5_ir_BM2U9_Sqk3axMWMwQmad4MfUceeLJOu19RwNXUzPkpL650FZA0nDpUwu0CGtcgyBO
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Tue, 01 Oct 2024 07:00:29 GMT
content-length
669
last-modified
Fri, 11 Aug 2023 15:00:29 GMT
server
cloudflare
etag
"ee84b9d96240fd0418a1dfa82b4c99c7"
vary
Accept-Encoding
x-goog-generation
1691766029202195
content-type
image/jpeg
x-goog-hash
crc32c=E+4gIw==, md5=7oS52WJA/QQYod+oK0yZxw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
669
accept-ranges
bytes
cf-ray
7f594e112ab2ba97-MXP
expires
Tue, 09 Aug 2033 14:10:59 GMT
64469021-0-photo-2023-02-23-22-.jpg
v.fastcdn.co/u/41e81252/
453 B
684 B
Image
General
Full URL
https://v.fastcdn.co/u/41e81252/64469021-0-photo-2023-02-23-22-.jpg
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
761d72de5ca135c88d178ecf90ee5c10288d9b58c1b9531fa2c10f74c8a28838

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 14:10:59 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsJlntCG-LW1w8Zf-AdsGTSdQvv20tyHmmi9ktz82j6RszSygih3jCGjPsw7tu_wA5oOOKVoROLTU9OuTlCgCt7fg
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Tue, 01 Oct 2024 07:00:29 GMT
content-length
453
last-modified
Fri, 11 Aug 2023 15:00:29 GMT
server
cloudflare
etag
"570d81ecbc4a9720993a5c68818a61f3"
vary
Accept-Encoding
x-goog-generation
1691766029132362
content-type
image/jpeg
x-goog-hash
crc32c=PulrQQ==, md5=Vw2B7LxKlyCZOlxogYph8w==
cache-control
public, max-age=315360000
x-goog-stored-content-length
453
accept-ranges
bytes
cf-ray
7f594e112ab6ba97-MXP
expires
Tue, 09 Aug 2033 14:10:59 GMT
LazyImage.59626ef3f961b8927cb6.js
g.fastcdn.co/js/
2 KB
1 KB
Script
General
Full URL
https://g.fastcdn.co/js/LazyImage.59626ef3f961b8927cb6.js
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 20:21:15 GMT
content-encoding
gzip
age
841784
x-guploader-uploadid
ADPycdu7gR1V1nGLpcn29AHd7nqiSIqBH38bsUDT5Di2fc_xD9j1Fu1NVA2-sgxjM2eztibAcfq1mQTJFLTbkKVJwh2L
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1022
last-modified
Wed, 02 Aug 2023 19:39:34 GMT
server
UploadServer
etag
"b0ae2275f5d011ac64917080661e4956"
vary
Accept-Encoding
x-goog-generation
1691005174398665
x-goog-hash
crc32c=ZP0ifA==, md5=sK4idfXQEaxkkXCAZh5JVg==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
1022
accept-ranges
bytes
expires
Thu, 01 Aug 2024 20:21:15 GMT
Form.cbe34601af62a2d8abaa.js
g.fastcdn.co/js/
90 KB
23 KB
Script
General
Full URL
https://g.fastcdn.co/js/Form.cbe34601af62a2d8abaa.js
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7bef30ad2af623b1a03ce58ee3d21eff18411ec82c10f1375a1bb3a7df3ce38d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 15:11:24 GMT
content-encoding
gzip
age
773975
x-guploader-uploadid
ADPycdvwcT6S8-hpk06obOZc8TaA0qO1vOVKaaFsIijZA_1E9paG6MbIHQ7-05xC4N2uwqQLBS4ZIoP5F-CySB2qyid5yeDS9dDf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22769
last-modified
Thu, 03 Aug 2023 13:27:01 GMT
server
UploadServer
etag
"4c474a21cc452dceea41f23e8dcf381f"
vary
Accept-Encoding
x-goog-generation
1691069220932562
x-goog-hash
crc32c=9dQn6A==, md5=TEdKIcxFLc7qQfI+jc84Hw==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
22769
accept-ranges
bytes
expires
Fri, 02 Aug 2024 15:11:24 GMT
it.js
cdn.instapagemetrics.com/t/js/3/
54 KB
54 KB
Script
General
Full URL
https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.17.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
181.17.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 13:56:07 GMT
age
892
x-guploader-uploadid
ADPycdtkp2y88fEzeGW90lslhVqJExckJJ7HdZxlBl5cw5DCuSfbZjKj2z7gvUe_H-LedXbJ-2wO-ZwobRakaFyC72_kyufWJ-fE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55266
last-modified
Tue, 13 Jun 2023 11:21:34 GMT
server
UploadServer
etag
"eee931187060719ab17a352de2424e0c"
x-goog-generation
1686655294888925
x-goog-hash
crc32c=JVvUKA==, md5=7ukxGHBgcZqxejUt4kJODA==
content-type
text/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
55266
accept-ranges
bytes
sptw.cdb048b44f993aba3e69.js
g.fastcdn.co/js/
60 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/sptw.cdb048b44f993aba3e69.js
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c1a80fb2192398e6c5ca97d4a7efc7bb92bb734dc8ee6fefc25399dc1d555a81

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 14:23:31 GMT
content-encoding
gzip
age
776848
x-guploader-uploadid
ADPycdu6ZfAMCOdv1DvLB9SPLHVNnnLtA5QgqpHl8DK3CnZW-lRjITpS1bIJYIBOGRwUED1VkEs-rN9y2YAdzmI85P-vDqq6sMIC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20036
last-modified
Thu, 03 Aug 2023 13:27:02 GMT
server
UploadServer
etag
"f45dd54250d70fea6f62da3471aa05e9"
vary
Accept-Encoding
x-goog-generation
1691069222885551
x-goog-hash
crc32c=GfzCLA==, md5=9F3VQlDXD+pvYto0caoF6Q==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
20036
accept-ranges
bytes
expires
Fri, 02 Aug 2024 14:23:31 GMT
cm.js
g.fastcdn.co/js/
51 KB
18 KB
Script
General
Full URL
https://g.fastcdn.co/js/cm.js
Requested by
Host: cxae.pagedemo.co
URL: https://cxae.pagedemo.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.137.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
202.137.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cxae.pagedemo.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 21:32:15 GMT
content-encoding
gzip
age
837524
x-guploader-uploadid
ADPycdslputpUc3n3ryznTX-euDybKhsn0ySReWtIkdzLhe7DZ_EpKf_PWAa8rsQgw9mrQOHuZEH2hkQ4G_7rM8kKWtAtP4HsFjv
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17906
last-modified
Thu, 30 Jun 2022 02:12:17 GMT
server
UploadServer
etag
"8e466d98fa1f746c74b1b409d20a0cf3"
vary
Accept-Encoding
x-goog-generation
1656555137097208
x-goog-hash
crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w==
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
17906
accept-ranges
bytes
expires
Thu, 01 Aug 2024 21:32:15 GMT
two
ec.instapagemetrics.com/t/
0
0
Preflight
General
Full URL
https://ec.instapagemetrics.com/t/two
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.95.71.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://cxae.pagedemo.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://cxae.pagedemo.co
access-control-max-age
5
content-length
0
date
Sat, 12 Aug 2023 14:11:00 GMT
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-frame-options
sameorigin
two
ec.instapagemetrics.com/t/
2 B
338 B
XHR
General
Full URL
https://ec.instapagemetrics.com/t/two
Requested by
Host: cdn.instapagemetrics.com
URL: https://cdn.instapagemetrics.com/t/js/3/it.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.71.95.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.95.71.34.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://cxae.pagedemo.co/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sat, 12 Aug 2023 14:11:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-frame-options
sameorigin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cxae.pagedemo.co
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
content-length
2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __variantsData
number| __page_id
number| __customer_id
number| __default_experience_id
number| __version
string| __variant
number| __variant_id
string| __variant_custom_name
boolean| __preview
number| __page_type
string| __variant_hash
string| __page_domain
boolean| __page_generator
object| __experiment_id
object| _Translate
object| trackingData
object| GlobalSnowplowNamespace
function| instapageSp
function| _instapageSnowplow
function| _instapageConsentManagement
object| webpackChunk
object| __eventBus
function| IMask
object| __config
number| __workspaceWidth
object| __session
boolean| __cradleReady
object| __featuresReady
function| instapageForm
object| __validators
object| __forms
object| _snowplowTrackerWrapper

2 Cookies

Domain/Path | Name | Value
cxae.pagedemo.co/ | instap-spses.4648 | *
cxae.pagedemo.co/ | instap-spid.4648 | d8a988b4-ee2b-4588-9694-0552dbee99b8.1691849460.1.1691849460.1691849460.ee4f6f3c-9b65-4fd5-aeb4-c8cdd723f1ae