venicefuries.xyz Open in urlscan Pro
2606:4700:3032::6815:3dc9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://debhj.blob.core.windows.net/ndejk/13776.html
Effective URL:
https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803...
Submission: On July 22 via api (July 22nd 2024, 2:37:45 pm UTC) from US — Scanned from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3032::6815:3dc9, located in United States and belongs to CLOUDFLARENET, US. The main domain is venicefuries.xyz.
TLS certificate: Issued by WE1 on July 12th 2024. Valid for: 3 months.

This is the only time venicefuries.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	52.239.221.226 52.239.221.226	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	216.107.139.83 216.107.139.83	396356 (LATITUDE-SH) (LATITUDE-SH)
1 1	2606:4700:303... 2606:4700:3037::6815:52a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 20	2606:4700:303... 2606:4700:3032::6815:3dc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:5d7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	5

2 52.239.221.226 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

debhj.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.107.139.83 (New York, United States) 1 redirects

ASN396356 (LATITUDE-SH, US)

www.brightsideclub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:52a8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.directthruredir3ct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3032::6815:3dc9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

venicefuries.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:5d7a (United States)

ASN13335 (CLOUDFLARENET, US)

trk-consulatu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	venicefuries.xyz 1 redirects venicefuries.xyz	769 KB
2	windows.net debhj.blob.core.windows.net	1 KB
1	trk-consulatu.com trk-consulatu.com — Cisco Umbrella Rank: 116157	3 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950
1	directthruredir3ct.com 1 redirects www.directthruredir3ct.com	870 B
1	brightsideclub.com 1 redirects www.brightsideclub.com	390 B
25	6

	Domain	Requested by
20	venicefuries.xyz	1 redirects venicefuries.xyz
2	debhj.blob.core.windows.net
1	trk-consulatu.com	venicefuries.xyz
1	use.fontawesome.com	venicefuries.xyz
1	www.directthruredir3ct.com	1 redirects
1	www.brightsideclub.com	1 redirects
25	6

This site contains no links.

Subject Issuer	Validity	Valid
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-27` - `2024-09-27`	a year	crt.sh
venicefuries.xyz WE1	`2024-07-12` - `2024-10-10`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
trk-consulatu.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
Frame ID: F2BADDFB2FF8AA493002C8A734E22349
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Survey Rewards

Page URL History Show full URLs

https://debhj.blob.core.windows.net/ndejk/13776.html Page URL
https://www.brightsideclub.com/JS7myIhukp4Pg6mSoAqORaT7kGT-7JmYvpLqMhLM3JRKXDOriDWH56hlHC-nPZUoDhFrBpwnJSd9... HTTP 302
https://www.directthruredir3ct.com/2JJ31C8/ZNPJN9B/?sub1=823558&sub2=766910559 HTTP 302
https://venicefuries.xyz/5gA7A1WyvB/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5... HTTP 302
http://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&sour... HTTP 307
https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&sour... Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

25
Requests

92 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

1
Countries

773 kB
Transfer

1220 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://debhj.blob.core.windows.net/ndejk/13776.html Page URL
https://www.brightsideclub.com/JS7myIhukp4Pg6mSoAqORaT7kGT-7JmYvpLqMhLM3JRKXDOriDWH56hlHC-nPZUoDhFrBpwnJSd9eCCuj7GPxg~~ HTTP 302
https://www.directthruredir3ct.com/2JJ31C8/ZNPJN9B/?sub1=823558&sub2=766910559 HTTP 302
https://venicefuries.xyz/5gA7A1WyvB/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com HTTP 302
http://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com HTTP 307
https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 13776.html Show response
debhj.blob.core.windows.net/ndejk/ 250 B
653 B 628ms
176ms Document
text/html 52.239.221.226
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://debhj.blob.core.windows.net/ndejk/13776.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.221.226 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: bff891dbf6e1e1980fa444dfeff40e84848b3f22008a81179dd675897573447e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 250
Content-MD5: SaMrIXA7FAIRIap+jvE/4w==
Content-Type: text/html
Date: Mon, 22 Jul 2024 14:37:40 GMT
ETag: 0x8DCAA57C603AFD5
Last-Modified: Mon, 22 Jul 2024 14:08:34 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: ad3bf3de-601e-003d-0544-dcbe84000000
x-ms-version: 2009-09-19

GET
H3

200

Primary Request / Show response
venicefuries.xyz/
Redirect Chain

https://www.brightsideclub.com/JS7myIhukp4Pg6mSoAqORaT7kGT-7JmYvpLqMhLM3JRKXDOriDWH56hlHC-nPZUoDhFrBpwnJSd9eCCuj7GPxg~~
https://www.directthruredir3ct.com/2JJ31C8/ZNPJN9B/?sub1=823558&sub2=766910559
https://venicefuries.xyz/5gA7A1WyvB/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
http://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com

29 KB
5 KB

243ms
242ms

Document
text/html

2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd432014015749cf6cf585152b407578a1b8f492bd534d45cdda2202eb8cf070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://debhj.blob.core.windows.net/ndejk/13776.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 8a742b9deaee8c69-EWR
content-encoding: br
content-type: text/html
date: Mon, 22 Jul 2024 14:37:44 GMT
expires: Mon, 22 Jul 2024 14:37:43 GMT
last-modified: Wed, 28 Feb 2024 00:10:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: interest-cohort=()
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FL2UqCH2f6nPes41xxk7X8nAvbxSbWwazWEFEhUz9Ili6YZgr1aSqKQT%2FTkoeN%2F6iNuHAVxmPGLBRsz0mlr5bu7JoASgFoazwC%2BtJVGD85%2FcT9sEBLfj%2F7bJOlrKwqW2sfsPTdCs2ZAASnBI%2FNL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
Non-Authoritative-Reason: HSTS

GET
H/1.1 400
One of the request inputs is out of range. favicon.ico
debhj.blob.core.windows.net/ 226 B
485 B 93ms
93ms Other
application/xml 52.239.221.226
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://debhj.blob.core.windows.net/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.239.221.226 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Referer: https://debhj.blob.core.windows.net/ndejk/13776.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-request-id: ad3bf537-601e-003d-4844-dcbe84000000
Date: Mon, 22 Jul 2024 14:37:40 GMT
Server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0
Content-Length: 226
Content-Type: application/xml

GET
H3 200 style.css
venicefuries.xyz/css/ 15 KB
4 KB 172ms
171ms Stylesheet
text/css 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://venicefuries.xyz/css/style.css

Requested by

Host: venicefuries.xyz
URL: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25f0ba58034d30ccc00d3729101232d003487e5232f9822876b0267a66fdfa8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 00:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65de79e2-3d2a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neSTBdvy6S9wWzBqoTXEjH8hWU0Xjr4fc2jm1QzymE9Yd%2B3aiz5KDh%2FW5vlWjDnW9qmUfy9c416MQc48Kihj556cipIrt%2BbuFq0BSrxwhcxVu79dMV9%2BwwiKe9yPR8kH1jz888goWbMxUPNSW9GR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a742b9facf38c69-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 animate.min.css
venicefuries.xyz/css/ 70 KB
6 KB 256ms
255ms Stylesheet
text/css 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://venicefuries.xyz/css/animate.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 00:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65de79e2-11846"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0u%2B0j%2F7Cx6IlLeKt2XsNwLOPdE6MvmHMg%2Bqi1NL1Ci7xBbPcNaBWOT1bkOdBnQkyim1PnwqHVxoj%2FQtrO0JflEnnUBKZiKIC65nV9QQRG%2BWdVj77fMywhVBNQlXSG6bBU5pQ%2Ftg7CEwUs44Qywk"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a742b9facf78c69-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H2 200 all.js
use.fontawesome.com/releases/v5.15.4/js/ 97 KB
0 711ms
134ms Script
application/javascript 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.4/js/all.js
Requested by: Host: venicefuries.xyz
URL: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://venicefuries.xyz/
Origin: https://venicefuries.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:45 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 303697
etag: W/"5e29440867fdb02a48dffded02338c31"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sL6ydz3Ztwzo8UYRHwKMdfUKq6tZH%2BLPo2lkitXfQiuBTx4n0LSykSjpNcl8tCI3%2B3Tkp%2B1drqhXdovRgPBJXurfCBbELUPHb3jYCCnHCWXn69i4swns1DI%2BdUUf3xjBZX%2FPnAYPLecLzCaeSXJuiQHn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8a742ba4ee3541de-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 datehead.js Show response
venicefuries.xyz/js/ 2 KB
1 KB 258ms
257ms Script
application/javascript 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://venicefuries.xyz/js/datehead.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a45cef5e46aa1a339428e2ad060b97029c6e4470bff8b15d6a04c1d614d7b791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 00:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65de79e2-99c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BcR0%2FPB1Xqe%2FimrhKUedIu%2F0f5lg98NXd9PzZdWvZ99WIjCWMk8fdF24WBe%2FV3nMf4FqiDwxY7Zol5%2FRCtUmYMeALkNeDQLiGIiIdCMYOlpiiYBVUOLTMkqhUZDy83iRKK6w8pglSaiCFwZLev8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a742b9facfb8c69-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 logo.png
venicefuries.xyz/images/ 8 KB
9 KB 171ms
170ms Image
image/png 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e617a903f71d9dd18155c7d58b363adccb2c7a44791ffee539a374d25710b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 8543
last-modified: Wed, 28 Feb 2024 00:10:11 GMT
server: cloudflare
etag: "65de79e3-215f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLhoG0Q%2Bm%2FybgFqdcjZ2%2FGpvhW0UvHKx06KAXcTH3qyOi0DIzIjMp9T7yeZzA4K4xcAyCXKiMujtHdd0T9r0Idtgm8E%2FNKpcialAji34KSe0SkwLPJC%2F4ccIMl9rTGdtvGncm1uVHo0B6u%2FLT74g"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742b9facfc8c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 flaglogo.png
venicefuries.xyz/images/ 2 KB
2 KB 258ms
257ms Image
image/png 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/flaglogo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1781
last-modified: Wed, 28 Feb 2024 00:10:12 GMT
server: cloudflare
etag: "65de79e4-6f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BjaIBg6XDZYDI3DNJZj%2FxCbDTq%2BZ1pXoLPDNhlypNhHnGIe9%2BvdHHRIbPQrVryLLknVP543GZ1Ei31um%2BJ4omrSESbnOlDbfCPhaH%2BxQ1%2BKHhTV48TF%2FTGBqP7ZLm7NLCiS8U5Jxmbf1C0aBEpSE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742b9facfe8c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 product.png
venicefuries.xyz/images/ 203 KB
204 KB 171ms
170ms Image
image/png 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/product.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dee8a0808bb4da85e2b5fa3009a4589c87ee7474108585f7dda8202f67b5825

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 207991
last-modified: Wed, 28 Feb 2024 00:10:11 GMT
server: cloudflare
etag: "65de79e3-32c77"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyHzdF5TghivtH6nkyD2UBjPEnPYwNoyHgvgh76%2FABSmvImyQ6zUhbe9V0Hktb3qnvuJT0TLnv0XzbXeP7hjYW34BhS4vsn8Zn7nk2KB943Cl59zJc18QJl5coJSYe8TAdFyhSQ%2BbM4ZSIE3fDN1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba14ef68c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 loadingBL.gif
venicefuries.xyz/images/ 118 KB
118 KB 256ms
256ms Image
image/gif 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/loadingBL.gif

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58669c15b15430de02d4aa06b4e725ad0763e1edcd99f946d998dfa9b350c699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 120380
last-modified: Wed, 28 Feb 2024 00:10:11 GMT
server: cloudflare
etag: "65de79e3-1d63c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubplwEKh57G9XNCF9%2Bw1qYAxJR8gp3Pit%2B5SD7c6ci0utPnJQ8buvYHZjbl%2Biou8qLBb65LJ6oGnjvy3Dx6iv4tH8vCpqNan41p1%2BQ%2FVSdt3lZot%2BmoieN8sDHF1bqYXIPbUdBr8TCZfTTeShAfD"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba14ef98c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 prize1.png
venicefuries.xyz/images/ 205 KB
206 KB 342ms
340ms Image
image/png 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/prize1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9df25f929c635ea6775d4fadbe5697c039ed5132658d35d524830d2c1590c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 210017
last-modified: Wed, 28 Feb 2024 00:10:11 GMT
server: cloudflare
etag: "65de79e3-33461"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iK5OEulxRH%2B561HcA1kk%2FGl0e%2BW3P7cIem3QClhLGB28HkjBTDeiBQI%2FzVf8OsVSCxVv35poPBI17gXSeEgFaZlqqNtgRS3taRKQNB0m78i052nNxjBUwVzO6cb8fug6mW7RLniD5KTz4HPpyaS%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba14eff8c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 1.jpg
venicefuries.xyz/images/ 43 KB
43 KB 342ms
338ms Image
image/jpeg 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 43861
last-modified: Wed, 28 Feb 2024 00:10:12 GMT
server: cloudflare
etag: "65de79e4-ab55"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOuDB6zuBxRN%2BA4wMJIb4MtTdvg7PpXI2xMuA5alX%2FFncvl7JroJxwaoftVLnx%2FT1J36NKDxHhqaGzuwmjYdRson3ocpxXHAm3t8JH8%2FVvAgDFVKMZYnsiCHKOD6%2BXGbTqQMYLNrGgKKeWzVbK49"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f0d8c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 2.jpg
venicefuries.xyz/images/ 31 KB
32 KB 258ms
254ms Image
image/jpeg 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 31837
last-modified: Wed, 28 Feb 2024 00:10:12 GMT
server: cloudflare
etag: "65de79e4-7c5d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRacwpnHT%2FK6naF7bqKcCqdp49azZrGDCQbUY7HCszUT5UuKKGu31cwYWpz0t%2FMdY0QAH616QnBxR4tlnO9k%2FzAXeKbHSnKVTQPYZ2CnLIZ02TEmCNtWXusvLtCoeHowwUYIdRCJqwC7zN7Pxyvk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f0e8c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 comm_pic_1.jpg
venicefuries.xyz/images/ 110 KB
110 KB 259ms
256ms Image
image/jpeg 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/comm_pic_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6aea3c07288caf07a7decf4f1d8d1cbf202394255169570f5205af4a553d899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 112438
last-modified: Wed, 28 Feb 2024 00:10:12 GMT
server: cloudflare
etag: "65de79e4-1b736"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Auk%2BHP7yYcSfAqKltCx%2BUm4qmsNBaIEQAwZGhMuBN0s7oO21OA7Q4rfgHTAhOeoIgJ%2BErIvSMx9GDcYFJpTKQ3juYvrSqf4mjCqsYPH9z4q%2BkDhEGFimihuLFv5DDtlYUNu0Uy5UBI3Wkekbz0N"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f108c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 3.jpg
venicefuries.xyz/images/ 49 KB
0 639ms
635ms Image
image/jpeg 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 65241
last-modified: Wed, 28 Feb 2024 00:10:12 GMT
server: cloudflare
etag: "65de79e4-fed9"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBVOS9UeGhflKA%2FIRPpl7Z3wk7sK4swIbliopIibTuRs%2FIVVlYThXVw2J%2FvZ0IUs%2B0i2UiE8TJ6r0S1y3czN4wJFr94Gheowk7sPxnA795Wm4uAgR9gwjjcdigD7Sjj4GAaKgIF0F22eXD%2Bjw1BN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f118c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 4.jpg
venicefuries.xyz/images/ 2 KB
0 640ms
637ms Image
image/jpeg 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 37344
last-modified: Wed, 28 Feb 2024 00:10:11 GMT
server: cloudflare
etag: "65de79e3-91e0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JK7viiCCq38BbFtP2KFnSRt6PqpEtKzRMGSgQpT1MHebAOlLG4TM2yrPpkCJMM7j63mjrbUAWrUj1eHPQ7U483LIyFGidAe5F%2B%2FhHMI23PfM1JkL%2F0sdafbK6qI5rzi9LC0u9CBxZbPm6XVnqyGa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f138c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET comm_pic_2.jpg
venicefuries.xyz/images/ 0
0

GET 5.jpg
venicefuries.xyz/images/ 0
0

GET
H3 200 f_guarantee.png
venicefuries.xyz/images/ 6 KB
7 KB 647ms
645ms Image
image/png 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/f_guarantee.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6352
last-modified: Wed, 28 Feb 2024 00:10:11 GMT
server: cloudflare
etag: "65de79e3-18d0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXGUnJPO6Wqf7nwooFeJcNzdVDsBSuIpGXJf4k9fjt6BUB7ZJMQB%2BS%2B7ducGKWefSExDwvQ9tdHmYPp2IiHlahgoy4g36AuYEIdQcTxrNOTAlj7RDmqiUFEpG4IIWkIKWhvHlH0kD7y8MQQNB6Q5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f178c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 f_secure_1.png
venicefuries.xyz/images/ 10 KB
10 KB 647ms
645ms Image
image/png 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/f_secure_1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9862
last-modified: Wed, 28 Feb 2024 00:10:12 GMT
server: cloudflare
etag: "65de79e4-2686"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wzZt0Frh%2FbVyf5C4dEIv88esi4qgrZWlCKNf5uoEsTp%2FieR1uH3ZjfC%2Bqy3jEE8h2I78fb%2FmsiJ5828nS%2FM1RLvOvFWQoo7CMLLhytshFQU3vuv0typUqNrESfiYKQvMmhZvPNG3eLBo2NfnV1Z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f198c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 logo2.png
venicefuries.xyz/images/ 9 KB
10 KB 687ms
685ms Image
image/png 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/logo2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46d008df1bea7669fe4503b6b2c4426728e44aacf5027308e823fffb2ac74c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 9308
last-modified: Wed, 28 Feb 2024 00:10:12 GMT
server: cloudflare
etag: "65de79e4-245c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buewj1zIo4SMvDjZApFNg4tXKpblN1Gb%2Buh4BjPaixsRRWkFcghDnxcwGg7efEIlGF0GGJsqu%2FE8NuKtbU7kjNoYeH417zmmOZO26fRrTUl%2BeUFBwxKpD%2BDYUcElAeJg71VUutphch9xmpPvgKhf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f1b8c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 script.js Show response
venicefuries.xyz/js/ 10 KB
2 KB 258ms
254ms Script
application/javascript 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://venicefuries.xyz/js/script.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4867fc01d3230bded46b43dc72e89a022f20e07eef4544d9a99f7e13146375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 28 Feb 2024 00:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65de79e2-27b5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmFmLFXg89nLTaCVz3JTmzhp3Z6%2BXKo2nU26m4Ylx9BEhmJR664Iglo7uoKKM%2BxN3S9WLeZpo52Y2GKZ8158hObd7YjkOBm7HE4dbUHIriKOkLmIphMDp7qRMQBZPe27uukWSe5tWLX3xkuPKw2x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
permissions-policy: interest-cohort=()
cf-ray: 8a742ba15f098c69-EWR
alt-svc: h3=":443"; ma=86400
expires: Mon, 22 Jul 2024 14:37:43 GMT

GET
H3 200 64d5p99gj0 Show response
trk-consulatu.com/scripts/push/script/ 8 KB
3 KB 663ms
100ms Script
application/javascript 2606:4700:3033::6815:5d7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk-consulatu.com/scripts/push/script/64d5p99gj0?url=venicefuries.xyz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:5d7a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82679e8c686255f2fdb7daadaf2052a7a88e9246bf82caa5c285c72514d47c63

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://venicefuries.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1725
alt-svc: h3=":443"; ma=86400
content-length: 2520
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 22 Jul 2024 14:09:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/javascript;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kThYR7ZjXCHeoyTGwmcKj987xjnM9N6%2BSPWrXDZBBBwbgsbEPMzG%2BYzdiAgePlw7MusfU9JSTzXeSuzR3ZZBeW6EGwwmj%2FZN6MPyV9PRhYXxY9qGz7Uwt%2BFMe%2B%2F7h0JeB0q%2F%2FwqzoyZu9nCZM3KIjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges: bytes
cf-ray: 8a742ba4dde4423e-EWR
expires: 0

GET
H3 200 bg.png
venicefuries.xyz/images/ 194 KB
0 707ms
706ms Image
image/png 2606:4700:3032::6815:3dc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://venicefuries.xyz/images/bg.png

Requested by

Host: venicefuries.xyz
URL: https://venicefuries.xyz/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:3dc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://venicefuries.xyz/css/style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 14:37:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1612392
last-modified: Wed, 28 Feb 2024 00:10:13 GMT
server: cloudflare
etag: "65de79e5-189a68"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Vi0ZFK%2FZt9Fm3T%2B282PYLoXONOY6roVHbUNKiZmRFdK2lyCtX7d4XYFBsPKP1bS%2FDZCe%2FkHuRyS1puR9MDCNij9%2FOcWQO%2FpmYEnfOxS9UD8OfKa8wNdeGZI35mKR7TLoEEwC1%2FqgHkUPYbnuJTH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache
permissions-policy: interest-cohort=()
accept-ranges: bytes
cf-ray: 8a742ba15f1d8c69-EWR
expires: Mon, 22 Jul 2024 14:37:43 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: venicefuries.xyz
URL: https://venicefuries.xyz/images/comm_pic_2.jpg

Domain: venicefuries.xyz
URL: https://venicefuries.xyz/images/5.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.brightsideclub.com/	1969-12-31 23:59:59	Name: uid13776 Value: 766910559-20240722103742-89eb3f4574cb2f402124976e8afb20e0-
www.directthruredir3ct.com/	1970-01-20 22:15:45	Name: uniqueClick_ZNPJN9B Value: 89bd8712-5e49-4ff2-8609-509b18182ced:1721659062
www.directthruredir3ct.com/	1970-01-21 00:23:55	Name: transaction_id Value: f7f28ca3fcf645c08fcaa28ff2a36fed
venicefuries.xyz/	1969-12-31 23:59:59	Name: SESSIONIDS Value: 5gA7A1WyvB

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://debhj.blob.core.windows.net/favicon.ico Message: Failed to load resource: the server responded with a status of 400 (One of the request inputs is out of range.)
other	error	URL: https://venicefuries.xyz/?encoded_value=STPMF8&sub1=823558&sub2=766910559&sub3=&sub4=&sub5=15641&source_id=&ip=2600%3A803%3Aa88%3A3197%3A%3A197&domain=www.directthruredir3ct.com Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

debhj.blob.core.windows.net
trk-consulatu.com
use.fontawesome.com
venicefuries.xyz
www.brightsideclub.com
www.directthruredir3ct.com
venicefuries.xyz
216.107.139.83
2606:4700:3032::6815:3dc9
2606:4700:3033::6815:5d7a
2606:4700:3036::6815:1b98
2606:4700:3037::6815:52a8
52.239.221.226
25f0ba58034d30ccc00d3729101232d003487e5232f9822876b0267a66fdfa8d
385528b5f550aa72947c3906f4d50ae4f478c5eef8cb6526229c88ce43261443
46d008df1bea7669fe4503b6b2c4426728e44aacf5027308e823fffb2ac74c8a
58669c15b15430de02d4aa06b4e725ad0763e1edcd99f946d998dfa9b350c699
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
7dee8a0808bb4da85e2b5fa3009a4589c87ee7474108585f7dda8202f67b5825
82679e8c686255f2fdb7daadaf2052a7a88e9246bf82caa5c285c72514d47c63
a45cef5e46aa1a339428e2ad060b97029c6e4470bff8b15d6a04c1d614d7b791
b1e617a903f71d9dd18155c7d58b363adccb2c7a44791ffee539a374d25710b6
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
bff891dbf6e1e1980fa444dfeff40e84848b3f22008a81179dd675897573447e
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
cf4867fc01d3230bded46b43dc72e89a022f20e07eef4544d9a99f7e13146375
dd432014015749cf6cf585152b407578a1b8f492bd534d45cdda2202eb8cf070
e9df25f929c635ea6775d4fadbe5697c039ed5132658d35d524830d2c1590c31
eb97f1ceb86cf65febe6fc09278d503747f140e18297b6da6ee4bdcd41479f43
f6aea3c07288caf07a7decf4f1d8d1cbf202394255169570f5205af4a553d899
fa34fa4a45cf0e1071529b887e64627c4d6019ae03f1c1adb18f292585eafad7

venicefuries.xyz Open in urlscan Pro 2606:4700:3032::6815:3dc9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

92 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

5 IPs

1 Countries

773 kBTransfer

1220 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

29 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

venicefuries.xyz Open in urlscan Pro
2606:4700:3032::6815:3dc9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

92 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

1
Countries

773 kB
Transfer

1220 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!