urlscan.io logo urlscan.io
SecurityTrails logo

tcexdfkbr.com Open in urlscan Pro
172.67.199.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://simontoppingpianotuner.winzip.fr/
Effective URL: https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5...
Submission Tags: @phish_report
Submission: On December 22 via api from FI — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 172.67.199.146, located in United States and belongs to CLOUDFLARENET, US. The main domain is tcexdfkbr.com.
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.
This is the only time tcexdfkbr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 185.53.177.72 61969 (TEAMINTER...)
1 2600:9000:277... 16509 (AMAZON-02)
1 2 54.209.147.45 14618 (AMAZON-AES)
1 1 2600:9000:214... 16509 (AMAZON-02)
4 172.67.199.146 13335 (CLOUDFLAR...)
10 4
4    185.53.177.72 (Germany)

ASN61969 (TEAMINTERNET-AS Team Internet AG, DE)
simontoppingpianotuner.winzip.fr
1    2600:9000:277c:d200:1d:4618:5c80:21 (United States)

ASN16509 (AMAZON-02, US)
d38psrni17bvxu.cloudfront.net
2    54.209.147.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-147-45.compute-1.amazonaws.com
gauts-lwt.com
1    2600:9000:2146:8600:1b:5b15:9a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
my.toruftuiov.com
4    172.67.199.146 (United States)

ASN13335 (CLOUDFLARENET, US)
tcexdfkbr.com
Apex Domain
Subdomains		 Transfer
4 tcexdfkbr.com
tcexdfkbr.com
12 KB
4 winzip.fr
simontoppingpianotuner.winzip.fr
3 KB
2 gauts-lwt.com
gauts-lwt.com — Cisco Umbrella Rank: 612958
4 KB
1 toruftuiov.com
my.toruftuiov.com — Cisco Umbrella Rank: 162660
1 KB
1 cloudfront.net
d38psrni17bvxu.cloudfront.net
1 KB
10 5
Domain Requested by
4 tcexdfkbr.com gauts-lwt.com
tcexdfkbr.com
4 simontoppingpianotuner.winzip.fr d38psrni17bvxu.cloudfront.net
simontoppingpianotuner.winzip.fr
2 gauts-lwt.com 1 redirects simontoppingpianotuner.winzip.fr
1 my.toruftuiov.com 1 redirects
1 d38psrni17bvxu.cloudfront.net simontoppingpianotuner.winzip.fr
10 5

This site contains links to these domains. Also see Links.

Domain
my.toruftuiov.com
Subject Issuer Validity Valid
simontoppingpianotuner.winzip.fr
R11		 2024-12-21 -
2025-03-21		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
gauts-lwt.com
Amazon RSA 2048 M03		 2024-11-04 -
2025-12-03		 a year crt.sh
tcexdfkbr.com
WE1		 2024-12-06 -
2025-03-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e
Frame ID: 30D05D47008D68D62C965D15B79753FA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Attention!

Page URL History Show full URLs

  1. http://simontoppingpianotuner.winzip.fr/ HTTP 307
    https://simontoppingpianotuner.winzip.fr/ Page URL
  2. https://gauts-lwt.com/zclkvisitor/9f635b45-bffb-11ef-867c-12dc9d01541b/85aefdc2-9ed0-48aa-922d-60f... Page URL
  3. https://gauts-lwt.com/zclkredirect?visitid=9f635b45-bffb-11ef-867c-12dc9d01541b&type=js&browserWid... HTTP 302
    https://my.toruftuiov.com/zp-redirect?target=https%3A%2F%2Ftcexdfkbr.com%2Fen%2Fimitate%2F%3Fbrand%3DA... HTTP 302
    https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjD... Page URL

Page Statistics

10
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

19 kB
Transfer

25 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://simontoppingpianotuner.winzip.fr/ HTTP 307
    https://simontoppingpianotuner.winzip.fr/ Page URL
  2. https://gauts-lwt.com/zclkvisitor/9f635b45-bffb-11ef-867c-12dc9d01541b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=30702cd0-d912-11ed-91bc-0a918cbcbb97 Page URL
  3. https://gauts-lwt.com/zclkredirect?visitid=9f635b45-bffb-11ef-867c-12dc9d01541b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B08%3A00&timezoneName=Australia%2FPerth HTTP 302
    https://my.toruftuiov.com/zp-redirect?target=https%3A%2F%2Ftcexdfkbr.com%2Fen%2Fimitate%2F%3Fbrand%3DApple%26model%3DiPhone%26cep%3D0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ%26lptoken%3D1707347f825f9007929e&caid=7b92e083-6e9b-49b9-a0b2-45e93971fc57&zpid=9f635b45-bffb-11ef-867c-12dc9d01541b&cid=&rt=R&ts=1734827292810&hash=6m0D0AHX8AanlA-lQMGhOaN5All9qfvxfq4Uksxmyoc HTTP 302
    https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://simontoppingpianotuner.winzip.fr/ HTTP 307
  • https://simontoppingpianotuner.winzip.fr/

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
simontoppingpianotuner.winzip.fr/
Redirect Chain
  • http://simontoppingpianotuner.winzip.fr/
  • https://simontoppingpianotuner.winzip.fr/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simontoppingpianotuner.winzip.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
2e6cd37103888a7b3825c85a2a68fe2641b6dfd7f1ab8f24e8d97c685ada086e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 22 Dec 2024 00:28:10 GMT
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_eOUQd/7XYReLL6J0jggf4D67bchjOsAfujnU3DLCHbuedpK4DZ6epsjHACxWUc+L867/YPXIUlrOXSJb7ByG2w==
x-buckets
bucket088,bucket077
x-domain
winzip.fr
x-language
english
x-pcrew-blocked-reason
hosting network
x-pcrew-ip-organization
Host Universal
x-redirect
zeropark_zeroclick
x-subdomain
simontoppingpianotuner
x-template
tpl_MobileCleanBlack_twoclick

Redirect headers

Location
https://simontoppingpianotuner.winzip.fr/
Non-Authoritative-Reason
HttpsUpgrades
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: simontoppingpianotuner.winzip.fr
URL: https://simontoppingpianotuner.winzip.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:d200:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://simontoppingpianotuner.winzip.fr/

Response headers

etag
"65fc1e7b-448"
age
81131
via
1.1 2886e4c3f0ae51eca00bc6ca8a0f5226.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1096
x-amz-cf-id
GNSe7JD0pMkpzfsxKWMBW7JclPySenPHYid_ztWdgHpaofqR8p8vsg==
date
Sat, 21 Dec 2024 01:55:59 GMT
content-type
application/javascript
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
SYD3-P2
track.php
simontoppingpianotuner.winzip.fr/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simontoppingpianotuner.winzip.fr/track.php?domain=winzip.fr&toggle=browserjs&uid=MTczNDgyNzI5MC4yMDEyOjIzNWIxMmM1YjNiNWRkNmRjNTczYzBiNzJmZTY3ZDBlNzZjNWY1NzU5NmI0YmZkOTU5ZGUzODRhM2IxNmRkMzA6Njc2NzVkMWEzMTFlOA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width
1600
ect
4g
Referer
https://simontoppingpianotuner.winzip.fr/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
rtt
200
downlink
10

Response headers

content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
browserjs
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Sun, 22 Dec 2024 00:28:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
ls.php
simontoppingpianotuner.winzip.fr/ 		16 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simontoppingpianotuner.winzip.fr/ls.php?t=67675d1a&token=24f338c517047108c35bb6ad02c58d36b796c8e6
Requested by
Host: simontoppingpianotuner.winzip.fr
URL: https://simontoppingpianotuner.winzip.fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://simontoppingpianotuner.winzip.fr/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
rtt
200
downlink
10

Response headers

access-control-max-age
86400
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods
POST, OPTIONS
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_CeQ7mfuJIUR/AnZPN44OLr+hp9kaugWWamSS0nu6hJ2dcx3f2hnIDxRheH5GfsWH4hfCspZ2ds/MP0tDQAsD+A==
accept-ch-lifetime
30
x-log-success
67675d1b21d621c94d043356
access-control-allow-origin
alt-svc
h3=":8443"; ma=2592000
date
Sun, 22 Dec 2024 00:28:11 GMT
charset
utf-8
content-type
text/javascript;charset=UTF-8
server
Caddy, nginx
track.php
simontoppingpianotuner.winzip.fr/ 		0
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simontoppingpianotuner.winzip.fr/track.php?click=a33d2d320b04d90d264ddafabdaca9b119a743e3&domain=winzip.fr&uid=MTczNDgyNzI5MC4yMDEyOjIzNWIxMmM1YjNiNWRkNmRjNTczYzBiNzJmZTY3ZDBlNzZjNWY1NzU5NmI0YmZkOTU5ZGUzODRhM2IxNmRkMzA6Njc2NzVkMWEzMTFlOA%3D%3D&ts=fE1vYmlsZUNsZWFuQmxhY2t8fDQ3OWMwfGJ1Y2tldDA4OCxidWNrZXQwNzd8fHx8fHw2NzY3NWQxYTMxMWJmfHx8MTczNDgyNzI5MC41OTkzfGY4NzAyZWIzZmU1M2Y2NDQxMjZkNTYxYjFlMmViMTg3YTIzN2UzNmN8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyNGYzMzhjNTE3MDQ3MTA4YzM1YmI2YWQwMmM1OGQzNmI3OTZjOGU2fDB8fDB8MHx8fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.53.177.72 , Germany, ASN61969 (TEAMINTERNET-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://simontoppingpianotuner.winzip.fr/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
rtt
200
downlink
10

Response headers

x-view-match
true
content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
none
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Sun, 22 Dec 2024 00:28:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
gauts-lwt.com/zclkvisitor/9f635b45-bffb-11ef-867c-12dc9d01541b/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gauts-lwt.com/zclkvisitor/9f635b45-bffb-11ef-867c-12dc9d01541b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=30702cd0-d912-11ed-91bc-0a918cbcbb97
Requested by
Host: simontoppingpianotuner.winzip.fr
URL: https://simontoppingpianotuner.winzip.fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.147.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-147-45.compute-1.amazonaws.com
Software
/
Resource Hash
2bdef7cd57c449df57289f2bbd53aad8a87787d44d127a67c7a1e238254b10ef
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://simontoppingpianotuner.winzip.fr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Sun, 22 Dec 2024 00:28:12 GMT
Primary Request /
tcexdfkbr.com/en/imitate/
Redirect Chain
  • https://gauts-lwt.com/zclkredirect?visitid=9f635b45-bffb-11ef-867c-12dc9d01541b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://my.toruftuiov.com/zp-redirect?target=https%3A%2F%2Ftcexdfkbr.com%2Fen%2Fimitate%2F%3Fbrand%3DApple%26model%3DiPhone%26cep%3D0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQi...
  • https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF...
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e
Requested by
Host: gauts-lwt.com
URL: https://gauts-lwt.com/zclkvisitor/9f635b45-bffb-11ef-867c-12dc9d01541b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=30702cd0-d912-11ed-91bc-0a918cbcbb97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b01b37927b78ce875fbdd9798d78c8657eaa02bfe297e7e87d74f54436ccab

Request headers

Referer
https://gauts-lwt.com/zclkvisitor/9f635b45-bffb-11ef-867c-12dc9d01541b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=30702cd0-d912-11ed-91bc-0a918cbcbb97
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f5bfd9acbd58649-PER
content-encoding
zstd
content-type
text/html
date
Sun, 22 Dec 2024 00:28:14 GMT
last-modified
Wed, 15 Nov 2023 16:16:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fW9UA6ZppZJ1qURqdgAvn7IjqQLEPZuw0OpYfPAW%2Fo2eTyspsD8Iu6y5FRAHjrgTVMvyW6WlCk482SGpDqgke3bJm16byCqO9r9HyOgXhiL3Nrr%2Bm4z7zxnnSWsQLEyt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=47769&min_rtt=47586&rtt_var=7617&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4163&recv_bytes=5101&delivery_rate=384&cwnd=12000&unsent_bytes=0&cid=f6dfcbc023a40fff&ts=703&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
date
Sun, 22 Dec 2024 00:28:13 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e
pragma
no-cache
server
nginx
via
1.1 61770d955dae13eda6e8f1b3baae4d1e.cloudfront.net (CloudFront)
x-amz-cf-id
x0SMxTkN6IXKlzsLytKJ2uqd7YcQNVu8e5n4efz6vAM3QVGlOUprUQ==
x-amz-cf-pop
SFO53-C1
x-cache
Miss from cloudfront
icon.png
tcexdfkbr.com/en/imitate/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tcexdfkbr.com/en/imitate/icon.png
Requested by
Host: tcexdfkbr.com
URL: https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae5f00ff823451639b66cb0ea59c4e62f89ca43ab299e978bfdae02a163abfba

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e

Response headers

cf-cache-status
HIT
etag
"64ede9e4-1769"
age
6545
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZx0As%2B8YphmkHN0uDKXhCUiaWkCmPoQj%2FzzsLH9xoOZ0VXOjtq2G5Nxv3Gbs7HWtia6KY2Gk35RTtox%2BQfuek45hH%2Fe4%2FrWBU0KsgvQuJ5qPYi6n69Mo%2BDMs8DYWSu0"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=47839&min_rtt=47586&rtt_var=3333&sent=18&recv=13&lost=0&retrans=0&sent_bytes=8648&recv_bytes=6147&delivery_rate=93175&cwnd=12000&unsent_bytes=0&cid=f6dfcbc023a40fff&ts=774&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 00:28:14 GMT
content-type
image/png
last-modified
Tue, 29 Aug 2023 12:51:48 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f5bfd9f3f1e8649-PER
accept-ranges
bytes
content-length
5993
server
cloudflare
alert.mp3
tcexdfkbr.com/en/imitate/sounds/ 		146 B
779 B 		Media
General
Check archive.org
Download Go to
Full URL
https://tcexdfkbr.com/en/imitate/sounds/alert.mp3
Requested by
Host: tcexdfkbr.com
URL: https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Request headers

Referer
https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Range
bytes=0-

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVtj09ULCy3SR7EztaNsz2FKV19Kblm55ofuENHFsDqIDM93vOE1qQAx3TzwP1AqESOKxcjgSoYvMCOexq9C9nCcJRy7%2FVhUXbZiB4nks943Hr3ufi0fqP2ptiAb3456"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5bfd9f7f558649-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50808&min_rtt=47586&rtt_var=5871&sent=25&recv=17&lost=0&retrans=0&sent_bytes=15481&recv_bytes=7175&delivery_rate=119862&cwnd=12000&unsent_bytes=0&cid=f6dfcbc023a40fff&ts=1464&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 00:28:15 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
favicon.ico
tcexdfkbr.com/ 		146 B
747 B 		Other
General
Check archive.org
Download Go to
Full URL
https://tcexdfkbr.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.199.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://tcexdfkbr.com/en/imitate/?brand=Apple&model=iPhone&cep=0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ&lptoken=1707347f825f9007929e

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
EXPIRED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JLfivqRJKCK7sxegUx6NM1WgH%2BYKUqXsKBL9tnuqiXgUwqw1I0dlX8y993zL9nckNvuUTJQs9o6%2B5b8rnb3Np6gEE0XfgSgAJQwuH9AxAsNqJlekx%2ByCKLPyuju2gNCf"}],"group":"cf-nel","max_age":604800}
cf-ray
8f5bfda3faac8649-PER
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=50443&min_rtt=47586&rtt_var=5133&sent=27&recv=18&lost=0&retrans=0&sent_bytes=16306&recv_bytes=8131&delivery_rate=15370&cwnd=12000&unsent_bytes=0&cid=f6dfcbc023a40fff&ts=2166&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 22 Dec 2024 00:28:15 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| contains function| getURLParameter string| alertText

1 Cookies

Domain/Path Name / Value
.my.toruftuiov.com/ Name: cep-v4
Value: 0tHt23nY_OJh4U7zsnzKCkxagZiXMpPKgjDlAAtO-psVZfeQxvugnY5tlgLcnJxQiD86HQuoXzXyeglmJlpS62Bkd5SwF3HiRWp9XGsdv1LRuO7eBuhiRXl-YnUiJrbGCFOXGF3o2fOJJlfufuQYCZ18idvjKqQOPu2yUUkmLkYG993tnmQ6e-XR452ChGg0kesqZovkTbYt_qHvTiNrHUlwzJvZgmTzeQ3cfiCYAhAIKz3ia30K6IMpHylz57C0_CAfYTD14sLGzh1PS0cPf1jlai1THXhl-rpeVUoOpcpjbz5YMojkgaaNf_blEBxshWtZVdRNas9m9DQVEyW6B5dVEfH7FFCjkMhuJFYiTh9dnR9VVF8b89EKKjqx1lX-8XT7UW2bGuZzIU9NiMu3Rn6sZHHFd6bjw4iaUEQMZI41ynOGvYd-DxwLFIS-gFb0qo1Dt_nRCpk_NfXZtEECtJjksoQm1GjcJyOvCH_AcCXy5sP7IfBcRJVvX0dYdOWbdbt9Jokp_YO22HeZNX8kPzrjVgSrEGYTvhv4L3ItpRy42UELEuP7N2BbItPdX_IQtm_X-86nZZ6dL19cqabe6XGMDUAxVbo5GaCBFqpyDo5Ncsu18111EuOZwQAHuqoWfjuZl87Fy63k3JPiI0PksQ

3 Console Messages

Source Level URL
Text
rendering warning URL: https://gauts-lwt.com/zclkvisitor/9f635b45-bffb-11ef-867c-12dc9d01541b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=30702cd0-d912-11ed-91bc-0a918cbcbb97
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D001C000000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://tcexdfkbr.com/en/imitate/sounds/alert.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tcexdfkbr.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()