marksspencer.net Open in urlscan Pro
2606:4700:3033::ac43:c2fe Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://marksspencer.net/
Effective URL:
https://marksspencer.net/
Submission: On July 06 via api (July 6th 2023, 6:47:17 pm UTC) from NL — Scanned from NL

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 2606:4700:3033::ac43:c2fe, located in United States and belongs to CLOUDFLARENET, US. The main domain is marksspencer.net.
TLS certificate: Issued by E1 on July 6th 2023. Valid for: 3 months.

This is the only time marksspencer.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:3c58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3033::ac43:c2fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2

1 2606:4700:3033::6815:3c58 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

marksspencer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3033::ac43:c2fe (United States)

ASN13335 (CLOUDFLARENET, US)

marksspencer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	marksspencer.net 1 redirects marksspencer.net	399 KB
16	1

	Domain	Requested by
17	marksspencer.net	1 redirects marksspencer.net
16	1

This site contains no links.

Subject Issuer	Validity	Valid
marksspencer.net E1	`2023-07-06` - `2023-10-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://marksspencer.net/
Frame ID: 40DC583B98BD02805A166F33493AC2D9
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

marksspencer

Page URL History Show full URLs

http://marksspencer.net/ HTTP 301
https://marksspencer.net/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-
vue[.-]([\d.]*\d)[^/]*\.js

Page Statistics

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

422 kB
Transfer

895 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://marksspencer.net/ HTTP 301
https://marksspencer.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
marksspencer.net/
Redirect Chain

http://marksspencer.net/
https://marksspencer.net/

2 KB
1 KB

639ms
590ms

Document
text/html

2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f17e2ff6fa2cbb9c00c9dfb350eec806bb5a69f442afa38d028a92382293b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e2a03bef86418e4-FRA
content-encoding: br
content-type: text/html
date: Thu, 06 Jul 2023 18:47:10 GMT
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8v6X9CW9s8AbzsK%2BgNcr8TnTqlLPVrnEDPaC1JRmjc8w9bbwJsZ6FustUKHH7X6eM8YkvUBn94Y8H6fMbnXjuwGzI4I6zXySFOjZDjIh2dQgz%2BMCwqRsYfQxOlsBGqSxoh0gkrDF6wPZWp3vyK4n"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

CF-RAY: 7e2a03be78f51da4-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 06 Jul 2023 18:47:09 GMT
Expires: Thu, 06 Jul 2023 19:47:09 GMT
Location: https://marksspencer.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4B5G%2F7uagIX%2F8vWtlAMqZFhKGWPQPYA7NJ01dM25Ovmv6v52HTXslC3Oq%2Bc4%2BBOBpOhZ8Q5EfSdam%2FlGPQQsuOa78NpnNW9IHstujmX64h34TSmseq%2FrcQATQzKWYk8eV3B9saON74JPQyxM1v3"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 index-f9a6ce8c.js Show response
marksspencer.net/assets/ 160 KB
52 KB 1312ms
1310ms Script
application/javascript 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/index-f9a6ce8c.js

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5fced099b8311126854a7c64997f0079d2f04b6e9a2a4bbeacf0bfcf0bbb681

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://marksspencer.net/
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-281ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QP7S4vFCCoOCiNi2S3J1IbhBSOMYNg%2FlnggRQNKmpZ2PFlQN1SSErz8zxJfTJdNPisd8c6ZOf6%2FHXZggJO24LNtmwNflZ%2BSHw%2Bi%2B0Q5d7uN7t%2FTF%2B0UDGgRR54OikDeCox%2FT82G1Bl0mcFKppblH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e2a03c2be0a18e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 vue-2b9fd4ba.js Show response
marksspencer.net/assets/ 137 KB
55 KB 1330ms
1329ms Script
application/javascript 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/vue-2b9fd4ba.js

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c237f54af0cd84f30a17f74f3368ceed0ce66cb1c5cf896116fee4f4b95326b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://marksspencer.net/
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-2250c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rG4NxL8AHPMZwqBgcm530vUwGqtZySTcDAsJySdqiKBq5IIxx5fBhEa%2F0%2F47XPsnwtOv2UnEC8W0pO7Z0XM9plejnDvCxdtSE65LHM3wYn0wdmWcxpPwV%2F1cEgloXHZv1Lbqe0CSBul1lz9xIL36"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e2a03c2be0f18e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 vant-11c310e0.js Show response
marksspencer.net/assets/ 204 KB
72 KB 1382ms
1381ms Script
application/javascript 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/vant-11c310e0.js

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f2e20dfe93dc3239794624261d893c2b658f4760fa701b64b5202805e28b859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://marksspencer.net/
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-33025"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywuL9Tvy13I9GFPI6ei6iHqWvRcY7ct6TJRrwrq6KlExnZAkO5D%2B2tHiJbYR2ujhdaW9y5Cf5SlrRciiH3GR%2F48vRa2c0mXfRO3SIfWQME9zHpK8WQAmNdAhBGWyM6TE8%2FUdJAXpperNqlGp8n6J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e2a03c2be1118e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 index-d40d017a.css
marksspencer.net/assets/ 198 KB
55 KB 1284ms
1284ms Stylesheet
text/css 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/index-d40d017a.css

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40d017a01b6a448899c1cafef957854eafd5df91c206e17838232748676f764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://marksspencer.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:11 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-31778"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfdtpZ0xRguF1obs7FdmQntGX8%2F5fUlO37eGagvtr0b2EJSDqrQ%2BE0FnBVCfmeMrmqM3qiUGa2Y8h1oSXSKDO0pyJ74w7AZYXyNUgdjJAFDlDbpIyyMniFP651c34cPYt1Hpr7cdE2zsdbKhPU78"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e2a03c2be0d18e4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 HomePage-7387ec0d.js Show response
marksspencer.net/assets/ 8 KB
4 KB 603ms
601ms Script
application/javascript 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/HomePage-7387ec0d.js

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/assets/index-f9a6ce8c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2608b2da575e64fdac44ba804bab0831591355289cd8946c7ad0041a28717512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-1ff6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E02q1NayN4dS547NV2lDI3K%2BvjquIl5NXmkiwiNHQw2q3QQJl%2Fx%2B6H9TF2VLZejzYbZhWOQZx%2BC8%2FuPJHYytpZoatIRB2sZH1JCMx%2FYEAeANqZrZ%2BtLZK%2BnDTFR6jwozR80dM3hMUtBw34ULWP%2BI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e2a03cbe8909237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 InvitePopup-d04cf7f7.js Show response
marksspencer.net/assets/ 2 KB
1 KB 615ms
612ms Script
application/javascript 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/InvitePopup-d04cf7f7.js

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/assets/index-f9a6ce8c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13380c9a82f995f69298594b0a531fbaca31469ae07bc49f61b5bdb3fec62e42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-608"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LGbgUf9yU9RgE%2FacT6D%2FG2HrUj0Nhfiqlo4OFs6nXv7sUdI0WofKomKf7US%2BosV077Nkij3iP4%2BoJUVUqEOcZY4zPePHSY0ZcUVSGYPfpSqVFPLDDBCQkGlLLM56%2FlOMtzQZ2%2F9Ngg6KC0%2BiTzT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e2a03cbe8929237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 member-d6605cbd.js Show response
marksspencer.net/assets/ 1004 B
986 B 642ms
639ms Script
application/javascript 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/member-d6605cbd.js

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/assets/index-f9a6ce8c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3183f8e249257e2627403edb617acf35d7c7c2b14750a259a86dde148a1283e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-3ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpRFIfmQWhAl4VFnS0fLFeIYVnrNcJB7RiVTj64rNhRbs2QxTKsN%2BDaTFTcaE1kFMpYc49Qn18kLtPGG0MYWQkFe1BqO%2BTTYrtPHQVVqpA83VhSKiSpv5tlNLaVFZjkn%2FEd%2BjuZtjAZoctABikFf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e2a03cbe8939237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 NoticeIcon-8140451d.js Show response
marksspencer.net/assets/ 469 B
795 B 617ms
614ms Script
application/javascript 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/NoticeIcon-8140451d.js

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/assets/index-f9a6ce8c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

511c8ca720601b6fe68410cc79203813d29d9b57667cb2355b923485e69cac9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-1d5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FyTDPTdOJTVDV2uxTQrr7mQrD3HfFIVljKhw6OK%2FbEIytRN9CZX4BHIogEhJqL33nLY03PtUPhW5W5DTFgMpAPGAFfuSQ7C%2F8%2B%2F0j9XVLCuq%2BALyqf3eeAuu0P16kFRuaaNIXQ4ASz1JwI0TtDK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e2a03cbe8959237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 messages-c3756aad.js Show response
marksspencer.net/assets/ 729 B
935 B 592ms
590ms Script
application/javascript 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/messages-c3756aad.js

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/assets/index-f9a6ce8c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6065f4b5720294364c796df6cc6a4ac98060c37cac092d256e5288532a7ebaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-2d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Owg5ugc8SohCWAYPj9xQ3rQjNnhc1lxAeg%2FQ2yW4NhYpQZtukNx7Dd9lRi%2FIzj%2BcM7U%2F%2Fdk5ZBMn8i3z713DMNSK5dQvd%2BUi4s5TbofVlqd3NFxrMGKxOxgCBeURjAoXJyEzjqSjYZ7K3OQ1ahDn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7e2a03cbe8969237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 HomePage-dc5cbc65.css
marksspencer.net/assets/ 1006 B
854 B 618ms
616ms Stylesheet
text/css 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://marksspencer.net/assets/HomePage-dc5cbc65.css

Requested by

Host: marksspencer.net
URL: https://marksspencer.net/assets/index-f9a6ce8c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc5cbc654800fdae00a26f4a2d4900e86e36379e9c3ec61a0d53397980190c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://marksspencer.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:12 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:36:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64859586-3ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnjHU9vEFacm%2FARVNFR8k5KMYMHMUYRR3KQyKepWbvq0EsVqD2uw5eQqU8qvGoSs3RJD2Ho3sLltP5y5mQZn844hp8sc1ORl%2BYgohj684bCL3TiNkjrtM6ezx0ZU%2B28kApBZRc8rklSXN4%2BAjBjb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7e2a03cbe8999237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bg-login.png
marksspencer.net/imgs/ 116 KB
117 KB 1051ms
1050ms Image
image/png 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://marksspencer.net/imgs/bg-login.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce24b0840d73f1338c3fc715727f40a650f58d68bc63d171fb53fb7c5099deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://marksspencer.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:35:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64859577-1d14f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aejTi5drgOmT%2B%2FghcgXqahI2M7u2SPhU9b%2B9oXorEGwZD4G2FTq%2FYzvRxefH0OSuVwGo%2FdvJPe9yuyKeGF3QKWZG4TyR9Rqpr3ZIqndCcQxEDiTpbDJRNv9niqHLnA0MnpRCgGFE9DEntdIpC%2FN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e2a03d03de59237-FRA
alt-svc: h3=":443"; ma=86400
content-length: 119119

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8407cec034214e9e821815ddc9bebcbd7896a1451c2859fa5ca1f46bc57e08d8

Request headers

Referer
Origin: https://marksspencer.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H3 200 service.png
marksspencer.net/imgs/ 33 KB
33 KB 939ms
939ms Image
image/png 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://marksspencer.net/imgs/service.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29f158fc49b5f42dd433205a514359a0ec874a1838716f11af4e754beac3c943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://marksspencer.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:13 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Sun, 11 Jun 2023 09:35:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64859577-832c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev%2Fgk3hqwDQ6iUJdG0Z3Z%2FXqn5u5OAtDrNh8fouzHR0yXIwVeJA8mbWtYcWdatoEV8k10sK%2BsIp6UfwYPoHB8UmwCr7WKJ6gku0r6Dt0A3eaffASJMi%2BpnQ8U%2FcDemjYkmIT3mwS6f9dnJ9QkMUW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7e2a03d03de89237-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33580

GET
H3 200 config Show response
marksspencer.net/api/v1/site/ 2 KB
863 B 698ms
697ms XHR
application/json 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marksspencer.net/api/v1/site/config
Requested by: Host: marksspencer.net
URL: https://marksspencer.net/assets/vue-2b9fd4ba.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb49fd5277a76fed9e1e19b8f6be4429f8619fe36bcc16ba4bb1d3d3ec16fe0e

Request headers

Accept: application/json, text/plain, */*
merchant-id: 4
Referer: https://marksspencer.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BQoyzjGMW9yUsyZF7%2FNy55k964H%2Fvv7YpBtLM6kSSCM1eg%2B3ogNtorZffDEYk17BsoM235zrkBl6z0uxbHl7V2xUk0SkeDi9MI33o96xfQvahzo01S2VZAwseRKPHVRNIjJ6jPUobG9rPfwqTSq"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-expose-headers
cache-control: no-cache
cf-ray: 7e2a03d04df09237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 index Show response
marksspencer.net/api/task/v1/goods-list/ 4 KB
2 KB 755ms
755ms XHR
application/json 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marksspencer.net/api/task/v1/goods-list/index
Requested by: Host: marksspencer.net
URL: https://marksspencer.net/assets/vue-2b9fd4ba.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6b53a4d6dcb5143d372adec2dc8e71ceb855078647b7ed0a83b0bab4cb931b5

Request headers

Accept: application/json, text/plain, */*
merchant-id: 4
Referer: https://marksspencer.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GUmUorCEX4gna3CmBBqlFPs8707beDbPBe53hWRNsVaUiscYFRO2ExGtR%2Fbhmhs%2BPQTFZRArzTjwitSFIABVzPV9vS2pRHeZvF15Ll6buRFJv7jsSFUVe0hkQ5jHv5G%2FLMwkzdQY4GEpUxznNI6"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-expose-headers
cache-control: no-cache
cf-ray: 7e2a03d04df29237-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 config Show response
marksspencer.net/api/v1/site/ 2 KB
869 B 729ms
729ms XHR
application/json 2606:4700:3033::ac43:c2fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marksspencer.net/api/v1/site/config
Requested by: Host: marksspencer.net
URL: https://marksspencer.net/assets/vue-2b9fd4ba.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c2fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb49fd5277a76fed9e1e19b8f6be4429f8619fe36bcc16ba4bb1d3d3ec16fe0e

Request headers

Accept: application/json, text/plain, */*
merchant-id: 4
Referer: https://marksspencer.net/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 18:47:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4K5%2FgRYdbZeJvdU2q1xB%2BMSQ6DwJkp0xPuqJuPnUigTjCHjZ0j5FqkofPMNoIFxf%2Fsl6bTySlB0H0KkMHPZBT9kdTwDP%2BXxYPCpeVT0jO1XwBfwKeO1NodvJ0Jq2wR%2BQHE9uIzmMMv4GkNMJ58h"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-expose-headers
cache-control: no-cache
cf-ray: 7e2a03d04df49237-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on July 25th 2023, 10:34:31 pm UTC — From United Kingdom

Threats: Brand Impersonation Scam
Comment: Site is being used to target individuals who have complained about a job offer that involves writing reviews on behalf of companies through Instagram, wherein they were allegedly deceived into giving money.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

marksspencer.net
2606:4700:3033::6815:3c58
2606:4700:3033::ac43:c2fe
13380c9a82f995f69298594b0a531fbaca31469ae07bc49f61b5bdb3fec62e42
1ce24b0840d73f1338c3fc715727f40a650f58d68bc63d171fb53fb7c5099deb
2608b2da575e64fdac44ba804bab0831591355289cd8946c7ad0041a28717512
29f158fc49b5f42dd433205a514359a0ec874a1838716f11af4e754beac3c943
2f2e20dfe93dc3239794624261d893c2b658f4760fa701b64b5202805e28b859
3183f8e249257e2627403edb617acf35d7c7c2b14750a259a86dde148a1283e9
511c8ca720601b6fe68410cc79203813d29d9b57667cb2355b923485e69cac9a
8407cec034214e9e821815ddc9bebcbd7896a1451c2859fa5ca1f46bc57e08d8
89f17e2ff6fa2cbb9c00c9dfb350eec806bb5a69f442afa38d028a92382293b3
b5fced099b8311126854a7c64997f0079d2f04b6e9a2a4bbeacf0bfcf0bbb681
b6065f4b5720294364c796df6cc6a4ac98060c37cac092d256e5288532a7ebaf
b6b53a4d6dcb5143d372adec2dc8e71ceb855078647b7ed0a83b0bab4cb931b5
c237f54af0cd84f30a17f74f3368ceed0ce66cb1c5cf896116fee4f4b95326b8
d40d017a01b6a448899c1cafef957854eafd5df91c206e17838232748676f764
dc5cbc654800fdae00a26f4a2d4900e86e36379e9c3ec61a0d53397980190c6b
eb49fd5277a76fed9e1e19b8f6be4429f8619fe36bcc16ba4bb1d3d3ec16fe0e

marksspencer.net Open in urlscan Pro 2606:4700:3033::ac43:c2fe Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 1 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

422 kBTransfer

895 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious page.url Submitted on July 25th 2023, 10:34:31 pm UTC — From United Kingdom

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

8 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

marksspencer.net Open in urlscan Pro
2606:4700:3033::ac43:c2fe Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

422 kB
Transfer

895 kB
Size

0
Cookies

16 HTTP transactions
1 data transactions

Malicious page.url
Submitted on July 25th 2023, 10:34:31 pm UTC — From United Kingdom

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!