authenticator-page.click Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://authenticator-page.click/
Effective URL:
https://authenticator-page.click/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On August 13 via api (August 13th 2024, 12:34:03 pm UTC) from IT — Scanned from NL

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 12 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is authenticator-page.click.
TLS certificate: Issued by WE1 on August 10th 2024. Valid for: 3 months.

This is the only time authenticator-page.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1 1	172.67.74.163 172.67.74.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::347	54113 (FASTLY) (FASTLY)
1	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
12	7

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

authenticator-page.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.163 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::347 (United States)

ASN54113 (FASTLY, US)

fastly.picsum.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ts2.mm.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gstatic.com fonts.gstatic.com	69 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9685	1 KB
2	picsum.photos 1 redirects picsum.photos — Cisco Umbrella Rank: 92800 fastly.picsum.photos — Cisco Umbrella Rank: 140874	182 KB
2	authenticator-page.click authenticator-page.click	48 KB
1	bing.net ts2.mm.bing.net — Cisco Umbrella Rank: 174076	50 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
0	dimmax.shop Failed dimmax.shop Failed
12	7

	Domain	Requested by
5	fonts.gstatic.com	fonts.googleapis.com
2	counter.yadro.ru	1 redirects authenticator-page.click
2	authenticator-page.click
1	ts2.mm.bing.net	authenticator-page.click
1	fastly.picsum.photos	authenticator-page.click
1	picsum.photos	1 redirects
1	fonts.googleapis.com	authenticator-page.click
0	dimmax.shop Failed
12	8

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
authenticator-page.click WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.mm.bing.net Microsoft Azure RSA TLS Issuing CA 04	`2024-07-30` - `2025-01-26`	6 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Frame: https://dimmax.shop/nY89bp?sub_id_1=dors-ru0524gc&sub_id_2=authenticator-page.click
Frame ID: 348960DDF11B010A48C00398D5704BA5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://authenticator-page.click/ HTTP 307
https://authenticator-page.click/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

12
Requests

75 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

350 kB
Transfer

373 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://authenticator-page.click/ HTTP 307
https://authenticator-page.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://picsum.photos/1200/1500?random=352955 HTTP 302
https://fastly.picsum.photos/id/773/1200/1500.jpg?hmac=Zzy1-s2a9btfhR7B5CQPYTJg8uGnsEyaTHxYBd_fihw

Request Chain 4

https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttps%3A//authenticator-page.click/;hJust%20a%20moment...;0.9815802393381365 HTTP 302
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//authenticator-page.click/;hJust%20a%20moment...;0.9815802393381365

12 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

302

Primary Request / Show response
authenticator-page.click/
Redirect Chain

http://authenticator-page.click/
https://authenticator-page.click/

21 KB
22 KB

601ms
509ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://authenticator-page.click/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: 052f1f5832fb8f05ac792c02bbd3057f4a1f098d0100cbb4721416a336e5d0ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b28bc6588ab663c-AMS
content-type: text/html; charset=utf-8
date: Tue, 13 Aug 2024 12:33:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh: 3; https://dimmax.shop/nY89bp?sub_id_1=dors-ru0524gc&sub_id_2=authenticator-page.click
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g5HwS4FvYshFm9Cs28%2B%2BlP9E1T7olNGJPnubz%2F6g75USKOr4MB89GFoII0DVJqhLQTMVfxwXv0mBL5UlkcedK%2BNlBNQdxuvIsiSPSK7y8hnwH70I1K8jAB1PxLIb%2BhJKhMLUUyiTPuZo6b4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16

Redirect headers

Location: https://authenticator-page.click/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 566ms
58ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: authenticator-page.click
URL: https://authenticator-page.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://authenticator-page.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Aug 2024 12:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Aug 2024 11:49:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Aug 2024 12:33:52 GMT

GET
H2

200

1500.jpg
fastly.picsum.photos/id/773/1200/
Redirect Chain

https://picsum.photos/1200/1500?random=352955
https://fastly.picsum.photos/id/773/1200/1500.jpg?hmac=Zzy1-s2a9btfhR7B5CQPYTJg8uGnsEyaTHxYBd_fihw

181 KB
182 KB

565ms
447ms

Image
image/jpeg

2a04:4e42:200::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.picsum.photos/id/773/1200/1500.jpg?hmac=Zzy1-s2a9btfhR7B5CQPYTJg8uGnsEyaTHxYBd_fihw
Requested by: Host: authenticator-page.click
URL: https://authenticator-page.click/
Protocol: H2
Server: 2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f4aa0d94b302fccb28ae0f81dbf858072da61ec6dd53295271cd753dacbeb29

Request headers

Referer: https://authenticator-page.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

picsum-id: 773
date: Tue, 13 Aug 2024 12:33:52 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-disposition: inline; filename="773-1200x1500.jpg"
content-length: 185515
x-served-by: cache-ams21025-AMS
server: nginx
x-timer: S1723552432.283849,VS0,VE432
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=2592000, stale-while-revalidate=60, stale-if-error=43200, immutable
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

Redirect headers

date: Tue, 13 Aug 2024 12:33:51 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9gmhWI4QERtjkAe2G1B%2F%2FdsbtHelNCDilTHrfFEbxDUrcLxD45AyTDSyVCZSHh%2BQn72QCxfytVqCDI05fX%2BirQy2TaQR%2FkmtP8qs8vK2FFPyZb%2FHNFN1dU2hy1wiaI%3D"}],"group":"cf-nel","max_age":604800}
location: https://fastly.picsum.photos/id/773/1200/1500.jpg?hmac=Zzy1-s2a9btfhR7B5CQPYTJg8uGnsEyaTHxYBd_fihw
cache-control: private, no-cache, no-store, must-revalidate
cf-ray: 8b28bc6af80d06ca-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 th
ts2.mm.bing.net/ 49 KB
50 KB 690ms
183ms Image
image/jpeg 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ts2.mm.bing.net/th?q=marvel%27s%20spider%20man%202%20pc
Requested by: Host: authenticator-page.click
URL: https://authenticator-page.click/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14883f1fb36d88d8eba6f96447fb4d4fb8aaf7c8408e3f6070b9037b01a2d5c

Request headers

Referer: https://authenticator-page.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 12:33:51 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02B6B1213AE74F01ABC483F7A161BF52 Ref B: AMS231020512027 Ref C: 2024-08-13T12:33:52Z
access-control-allow-methods: GET, POST, OPTIONS
x-cache: TCP_MISS
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
content-type: image/jpeg
cache-control: public, max-age=5184000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 50065

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.1;r;s1600*1200*24;uhttps%3A//authenticator-page.click/;hJust%20a%20moment...;0.9815802393381365
https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//authenticator-page.click/;hJust%20a%20moment...;0.9815802393381365

112 B
598 B

66ms
64ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//authenticator-page.click/;hJust%20a%20moment...;0.9815802393381365

Requested by

Host: authenticator-page.click
URL: https://authenticator-page.click/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://authenticator-page.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Aug 2024 12:33:52 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 112
Expires: Sun, 13 Aug 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Aug 2024 12:33:52 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t45.1;r;s1600*1200*24;uhttps%3A//authenticator-page.click/;hJust%20a%20moment...;0.9815802393381365
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 13 Aug 2023 21:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 222ms
29ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://authenticator-page.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 01:49:47 GMT
x-content-type-options: nosniff
age: 557045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 01:49:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 216ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://authenticator-page.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 10:40:24 GMT
x-content-type-options: nosniff
age: 525208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 10:40:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v32/ 10 KB
10 KB 150ms
54ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://authenticator-page.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 13:18:15 GMT
x-content-type-options: nosniff
age: 515737
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9780
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 13:18:15 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 10 KB
10 KB 156ms
61ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://authenticator-page.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 00:34:41 GMT
x-content-type-options: nosniff
age: 561551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9852
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 00:34:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v32/ 12 KB
12 KB 155ms
62ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://authenticator-page.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 12:19:17 GMT
x-content-type-options: nosniff
age: 519275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12456
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 12:19:17 GMT

GET
H3 302 favicon.ico
authenticator-page.click/ 26 KB
26 KB 65ms
65ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://authenticator-page.click/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: e818f47ba86e18b41ce551ab4e32e1719432dfbfcaaff418abe0eef6877253e4

Request headers

Referer: https://authenticator-page.click/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 13 Aug 2024 12:33:52 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MUYonVr4Ol9ououIDUdmhAczft%2BDkACmpHWv6k2OxA9a5BDbxTN1pDfc0jqZAXrmt0HFJZc7fUI%2F9jUhbu24UguYpotJVEWVSPoV5gP8U9ZAQQF6yZ27S%2Bxmo9VIWReLnZDmg%2Fn3U0%2FTpZY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
refresh: 3; https://dimmax.shop/nY89bp?sub_id_1=dors-ru0524gc&sub_id_2=authenticator-page.click
cf-ray: 8b28bc70eb6c663c-AMS
alt-svc: h3=":443"; ma=86400

GET nY89bp
dimmax.shop/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dimmax.shop
URL: https://dimmax.shop/nY89bp?sub_id_1=dors-ru0524gc&sub_id_2=authenticator-page.click

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.yadro.ru/	1970-01-21 07:30:32	Name: FTID Value: 1ckrAm1zniur1ckrAm00378L
			.yadro.ru/	1970-01-21 07:30:32	Name: VID Value: 3DDDP22G8cer1ckrAm00379d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

authenticator-page.click
counter.yadro.ru
dimmax.shop
fastly.picsum.photos
fonts.googleapis.com
fonts.gstatic.com
picsum.photos
ts2.mm.bing.net
dimmax.shop
172.67.74.163
188.114.97.3
2620:1ec:33::10
2a00:1450:4001:800::200a
2a00:1450:4001:831::2003
2a04:4e42:200::347
88.212.202.52
052f1f5832fb8f05ac792c02bbd3057f4a1f098d0100cbb4721416a336e5d0ba
4d539033909dd344ae868f1c72bd0fc3d5ee082c9a76882448849481fd8ed857
685dd0a4dbede9c486deb28acfbd6a2337f8d796445757029b828c7221e4ced1
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9f226239b7cb86705238ec5a036a05bdb8fa187630f9c686db7c52ad53b64482
9f4aa0d94b302fccb28ae0f81dbf858072da61ec6dd53295271cd753dacbeb29
afdd76f6919dc340e54a1045e6f4a8fc840a922c8efd1d07cc5bcdf448373a66
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e818f47ba86e18b41ce551ab4e32e1719432dfbfcaaff418abe0eef6877253e4
f14883f1fb36d88d8eba6f96447fb4d4fb8aaf7c8408e3f6070b9037b01a2d5c

authenticator-page.click Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

75 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

7 IPs

4 Countries

350 kBTransfer

373 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

authenticator-page.click Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

75 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

350 kB
Transfer

373 kB
Size

2
Cookies

12 HTTP transactions
1 data transactions