scam-warning.candeago.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://scam-warning.candeago.dev/
Submission: On December 23 via automatic, source certstream-suspicious (December 23rd 2022, 1:26:33 pm UTC) — Scanned from NL

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is scam-warning.candeago.dev.
TLS certificate: Issued by R3 on December 23rd 2022. Valid for: 3 months.

This is the only time scam-warning.candeago.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2

9 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

scam-warning.candeago.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	candeago.dev scam-warning.candeago.dev	171 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 999	6 KB
10	2

	Domain	Requested by
9	scam-warning.candeago.dev	scam-warning.candeago.dev static.cloudflareinsights.com
1	static.cloudflareinsights.com	scam-warning.candeago.dev
10	2

This site contains no links.

Subject Issuer	Validity	Valid
scam-warning.candeago.dev R3	`2022-12-23` - `2023-03-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://scam-warning.candeago.dev/
Frame ID: BE2A70343694ABC738A1CAA10B2BBFEB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Terra Scam Warning

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

10
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

178 kB
Transfer

281 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
scam-warning.candeago.dev/ 1 KB
1 KB 150ms
93ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scam-warning.candeago.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367bfef350e6ef00f5b0a188fa03bd0729580b4e1aa8bd56a4ebc6eafea09a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77e16dde1cf71c88-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 23 Dec 2022 13:26:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ib6h%2BuUWj1LQNuNeee%2Fux78rDCYufkq77fa5MIaGjdLAk4W86t%2BBITVz0gwmT6q%2Bo1czd7ltDwcPFfEtBf1FRfpFkcIeRf7lnKp0lYzJJfvQDW9%2BMbl83NimXpKrLcLx5BtMxGVqIZdOXwEAt2%2F5fqNa1UgwkUH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 main.b769d3bf.css
scam-warning.candeago.dev/static/css/ 2 KB
1 KB 109ms
108ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scam-warning.candeago.dev/static/css/main.b769d3bf.css

Requested by

Host: scam-warning.candeago.dev
URL: https://scam-warning.candeago.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70560386de4657e1f3e2e123a74ae95357cffe3622e2aa27f1c5d0011152abac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://scam-warning.candeago.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:26:28 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"8c94dc1b845aed8a35b76393efe78cc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtCO1M6hrFUmjIKSeEC3lCZPkLpgIvjylTnt0Sis2B4BF%2BToHKaYw7DeO5sn53K%2BtQOKRM8jIeBmtahS1d3X7MleBvLcJNgRcRttSIzbAGWBo%2FMlXJvR8q4KCnYyv7joHyf7ARwq0bTbwl17tI7AE92R0pST%2BbT0"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 77e16ddebdf01c88-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
scam-warning.candeago.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 29ms
29ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scam-warning.candeago.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: scam-warning.candeago.dev
URL: https://scam-warning.candeago.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://scam-warning.candeago.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:26:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63a1e484-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDmIM6x5PdvDMUQUnSNrc6YL99NOMgPpnC4wFweop8HmbCWPr7HfI%2FBRbRRNeWAvcEcmYSnQEzL3L%2Bl8OJUM6FFYgRmMCjLEuqoF1HwzqtjNumRRdbPY0oREzOqi5KHyomP%2BxuZttcJsgMl%2FTmxVl85t6eWxEyXO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 77e16ddebdf31c88-AMS
expires: Sun, 25 Dec 2022 13:26:28 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 123ms
69ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: scam-warning.candeago.dev
URL: https://scam-warning.candeago.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://scam-warning.candeago.dev/
Origin: https://scam-warning.candeago.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:26:29 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 77e16ddf2aefb7dc-AMS

GET
H3 200 main.5e5a306e.js Show response
scam-warning.candeago.dev/static/js/ 129 KB
43 KB 106ms
105ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scam-warning.candeago.dev/static/js/main.5e5a306e.js

Requested by

Host: scam-warning.candeago.dev
URL: https://scam-warning.candeago.dev/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25f34ade69964ed6df3bb154409738ec3b25bcad6e0a7ee1461758012fce124

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://scam-warning.candeago.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3b16ffecc0a3f97c10496a43264b6d8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuNW0DoSyLEztTcvYrnNoEhkUSY9hUYS4WFDCgbVra0PZOLH8HCZYrXj0hh21rOlImYhYKE%2FzukQmWJGokTv3p3uBhUmkC%2FUvYwt9rC9LsNpEu1qITOeRhIZyZJtGpF3%2Bx%2FzDmuxjvQorhuw9z0kt4FiFa2Iy48c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 77e16ddf6cd30e50-AMS
priority: u=1,i=?0

GET
H3 200 warning.b2047343c13f29123e224a91c24b6cbe.svg
scam-warning.candeago.dev/static/media/ 207 B
712 B 150ms
149ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scam-warning.candeago.dev/static/media/warning.b2047343c13f29123e224a91c24b6cbe.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2dc70e9d3732131883bfaef16ccbc7bda22c6aaf2b660407b1fafeb2bb6c89a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://scam-warning.candeago.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:26:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"114e25920e9118c1212e66ca04d35c1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5spELfgKtyhRLtieaWIBUpf7JPf3H1K22EDQAYYDhRnX3T8qcCYDqMYUJXmGcNsuEQnvqyHnSf4DtnyEbYO7P0nMMqcJqP0foUfGwJ%2BEvww9X5H9RwvPc1M2a6Q4L49v6Hxew6G04pQIapORSZDD7B%2Fkf9Klzj8D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 77e16de07e550e50-AMS
priority: u=3,i=?0

GET
H3 200 Gotham-Bold_Web.d23d96aefe768329255e.woff2
scam-warning.candeago.dev/static/media/ 38 KB
39 KB 123ms
122ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scam-warning.candeago.dev/static/media/Gotham-Bold_Web.d23d96aefe768329255e.woff2

Requested by

Host: scam-warning.candeago.dev
URL: https://scam-warning.candeago.dev/static/css/main.b769d3bf.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://scam-warning.candeago.dev/static/css/main.b769d3bf.css
Origin: https://scam-warning.candeago.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:26:29 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39264
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "d4db803e3eb413f960f7f100682a9cd9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfxyWfnv%2Bgu5QQ59I5MKvh5nfy2scIDb0hHJ19gPgNkRqakwknJAe3KzpOT0dbciQaNMTqdaR1S7LXGHR4iSUAKJ7B9EMN15Fl47AHGgetQDuPN8pRGtp8nWEj9RsfWQWhjkOOQPJzFN%2FLL%2B%2F5GleEguf3LM5yb1"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 77e16de07e5b0e50-AMS
priority: u=0,i=?0

GET
H3 200 Gotham-Book_Web.7fa96aa06775160ee646.woff2
scam-warning.candeago.dev/static/media/ 41 KB
41 KB 98ms
97ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scam-warning.candeago.dev/static/media/Gotham-Book_Web.7fa96aa06775160ee646.woff2

Requested by

Host: scam-warning.candeago.dev
URL: https://scam-warning.candeago.dev/static/css/main.b769d3bf.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://scam-warning.candeago.dev/static/css/main.b769d3bf.css
Origin: https://scam-warning.candeago.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:26:29 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41728
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "3206c281a991dd357e97d8e82c239d74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMJa226NuIE5pTUAEXGik1Jdr%2FaDgUk076KnyJYcAGyqXb9R6QgvcYacpn0EoSIv2EcLztsX%2Bs%2Flsz65y5HTdvv3Dh2yuEuKSMpodc1VcbHz29TdXt6lHZOADlgXkyjovBTUQ6CFP7vA%2BvarDSF6H4Qz2tzR6XA%2F"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 77e16de07e5f0e50-AMS
priority: u=0,i=?0

GET
H3 200 Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2
scam-warning.candeago.dev/static/media/ 41 KB
41 KB 125ms
124ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scam-warning.candeago.dev/static/media/Gotham-Medium_Web.1ddab6f832b5d19ddd8f.woff2

Requested by

Host: scam-warning.candeago.dev
URL: https://scam-warning.candeago.dev/static/css/main.b769d3bf.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://scam-warning.candeago.dev/static/css/main.b769d3bf.css
Origin: https://scam-warning.candeago.dev
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 13:26:29 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41488
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "fb1927b409c2d7630bae71265f0ce036"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXpePs9nwQMVp2MX2JUkjQmzAWlmwEcpHdWCxSO1AlSCheFNAG5xJ2PFOtR1sbm884yFyCQDa%2F9MI%2Bt0V537NeJy52XFUm8JBKUWwq3rgD8mcXYjrZ1uG4zVxUE7Ew2ydkVFPeiY5F6kMU5KVVi%2FVonoeritEw0V"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 77e16de07e630e50-AMS
priority: u=0,i=?0

POST
H3 204 rum Show response
scam-warning.candeago.dev/cdn-cgi/ 0
148 B 28ms
28ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://scam-warning.candeago.dev/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://scam-warning.candeago.dev/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Fri, 23 Dec 2022 13:26:29 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://scam-warning.candeago.dev
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 77e16de08e740e50-AMS

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| __cfQR object| __cfBeacon boolean| __cfRLUnblockHandlers

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

scam-warning.candeago.dev
static.cloudflareinsights.com
2606:4700::6810:3865
2a06:98c1:3121::3
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
319881caca6f5f0d1e8e24040579d93386008e39dee1045965124b86303143e1
367bfef350e6ef00f5b0a188fa03bd0729580b4e1aa8bd56a4ebc6eafea09a2e
3f51250e2d3ef478f59bc89cb67681b5ed423f8f8dc22062fb49e101e5032a2e
70560386de4657e1f3e2e123a74ae95357cffe3622e2aa27f1c5d0011152abac
ba17f8257b1f710aa0e7136f4bd4b91a9a7db4f9cac2c409caf8708a64787303
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e25f34ade69964ed6df3bb154409738ec3b25bcad6e0a7ee1461758012fce124
e2dc70e9d3732131883bfaef16ccbc7bda22c6aaf2b660407b1fafeb2bb6c89a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

scam-warning.candeago.dev Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

178 kBTransfer

281 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

scam-warning.candeago.dev Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

178 kB
Transfer

281 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions