my-update-info.com Open in urlscan Pro
2606:4700:3033::6815:2a0d Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://my-update-info.com/
Effective URL:
https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Submission: On July 31 via api (July 31st 2024, 6:23:20 am UTC) from BE — Scanned from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3033::6815:2a0d, located in United States and belongs to CLOUDFLARENET, US. The main domain is my-update-info.com.
TLS certificate: Issued by WE1 on July 27th 2024. Valid for: 3 months.

This is the only time my-update-info.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3033::6815:2a0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3030::6815:5ded	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2

8 2606:4700:3033::6815:2a0d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

my-update-info.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3030::6815:5ded (United States)

ASN13335 (CLOUDFLARENET, US)

offsh.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	offsh.nl offsh.nl	14 KB
8	my-update-info.com 1 redirects my-update-info.com	15 KB
19	2

	Domain	Requested by
12	offsh.nl	my-update-info.com
8	my-update-info.com	1 redirects my-update-info.com
19	2

This site contains no links.

Subject Issuer	Validity	Valid
my-update-info.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
offsh.nl WE1	`2024-06-15` - `2024-09-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Frame ID: F368E460B69941F7F1FD3671E645CDBD
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

offsh.nl

Page URL History Show full URLs

https://my-update-info.com/ Page URL
https://my-update-info.com/cdn-cgi/phish-bypass?atok=ijCge8shS2C_9HYoWEghAJrp8LKxL.tA5QCMolyf1FI-172240... HTTP 301
https://my-update-info.com/ Page URL
https://my-update-info.com/cgi-sys/defaultwebpage.cgi Page URL

Page Statistics

19
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

29 kB
Transfer

68 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://my-update-info.com/ Page URL
https://my-update-info.com/cdn-cgi/phish-bypass?atok=ijCge8shS2C_9HYoWEghAJrp8LKxL.tA5QCMolyf1FI-1722406989-0.0.1.1-%2F HTTP 301
https://my-update-info.com/ Page URL
https://my-update-info.com/cgi-sys/defaultwebpage.cgi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://my-update-info.com/cdn-cgi/phish-bypass?atok=ijCge8shS2C_9HYoWEghAJrp8LKxL.tA5QCMolyf1FI-1722406989-0.0.1.1-%2F HTTP 301
https://my-update-info.com/

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 / Show response
my-update-info.com/ 4 KB
2 KB 122ms
15ms Document
text/html 2606:4700:3033::6815:2a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my-update-info.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93867b18b61e33f34c85da02cb1e89d400979b455c229d80646f308d91a1661a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-ray: 8abb7f840f44c454-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 31 Jul 2024 06:23:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZcTBU6yuhhym4Uc5Zz59RxF%2B3EH5Q%2FYhqEdEoq2p85bDjQz6sRhBBoCjgs5BcPYSBecMDxkCaWGjzNU8tpCDEKgz%2FB43Rdy5xMml5d7n0OXvF55Tvd5DFgFibXNrCjZ6nLGJHw6ZYDXAp6cbZ3bX1uk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 cf.errors.css
my-update-info.com/cdn-cgi/styles/ 23 KB
5 KB 14ms
12ms Stylesheet
text/css 2606:4700:3033::6815:2a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://my-update-info.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: my-update-info.com
URL: https://my-update-info.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2024 16:34:40 GMT
server: cloudflare
etag: W/"669fdba0-5df3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 8abb7f844f56c454-EWR
expires: Wed, 31 Jul 2024 08:23:09 GMT

GET
H3 200 icon-exclamation.png
my-update-info.com/cdn-cgi/images/ 452 B
635 B 12ms
11ms Image
image/png 2606:4700:3033::6815:2a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my-update-info.com/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: my-update-info.com
URL: https://my-update-info.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2a0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://my-update-info.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2024 16:34:40 GMT
server: cloudflare
etag: "669fdba0-1c4"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 8abb7f847f64c454-EWR
content-length: 452
expires: Wed, 31 Jul 2024 08:23:09 GMT

GET
H3 404 favicon.ico
my-update-info.com/ 10 KB
5 KB 386ms
385ms Other
text/html 2606:4700:3033::6815:2a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my-update-info.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 628cefe8ba91525064abe9fd4d4cb8446ecd7451004fcf3da1bffe7bb5658f95

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UMPv72%2Br5cq7AjfEAMNHmLDFRDoruh%2FcFzMW74kmhbKPAaXcYt6qqQwU1fBD7gQ6rNOfRnE9tOvfZOMuFYYg6g8TNVzJN8CM9%2F1z7UbRMNzkgXE4fgeJhfqvZsbrdlbAqSmaeRyFsrSp8WOGJ4zG%2BV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 8abb7f849f75c454-EWR
alt-svc: h3=":443"; ma=86400

GET
H3

200

/ Show response
my-update-info.com/
Redirect Chain

https://my-update-info.com/cdn-cgi/phish-bypass?atok=ijCge8shS2C_9HYoWEghAJrp8LKxL.tA5QCMolyf1FI-1722406989-0.0.1.1-%2F
https://my-update-info.com/

163 B
574 B

306ms
306ms

Document
text/html

2606:4700:3033::6815:2a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my-update-info.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Request headers

Referer: https://my-update-info.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8abb7fa3e915c454-EWR
content-encoding: br
content-type: text/html
date: Wed, 31 Jul 2024 06:23:14 GMT
last-modified: Sat, 10 Oct 2020 19:37:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2rJEUfs3ibSnT8%2BJFkfgr9yIEgnfsffzad03%2FAB%2F2yFiJIyzMlei11GYPxWe24dA1iQqfwZYT%2Fwp56iDUD%2FucZUDUrw7Ogipvh9KGLMunVdmj5PExFWlV2cjA4dxZQi5tUBVkr6PtaYf7645DnPzY4Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-turbo-charged-by: LiteSpeed

Redirect headers

cache-control: private, no-cache
cf-ray: 8abb7fa3d90dc454-EWR
content-length: 167
content-type: text/html
date: Wed, 31 Jul 2024 06:23:14 GMT
location: https://my-update-info.com/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 Primary Request defaultwebpage.cgi Show response
my-update-info.com/cgi-sys/ 5 KB
2 KB 156ms
155ms Document
text/html 2606:4700:3033::6815:2a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d40818bf5947d406a29aea4a9f5bafcf896ac86f4001789fe093fcd1a9e56c5

Request headers

Referer: https://my-update-info.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8abb7fa60a67c454-EWR
content-encoding: br
content-type: text/html
date: Wed, 31 Jul 2024 06:23:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1XevlJeIpIiDZWeFd%2FN3wt%2BD5rAUq4NBa3QkBVXDFmCnIBjsLLz8Sl5eghV52dfqq8iolmAmVi4E6X1TvTUtb2B%2FYwNx%2BGQwQjpmp1b77BI7ZpnTDyG1lUe5Bs4LK8uE3GncMBUu8eEgFTmPTe1HJIY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-turbo-charged-by: LiteSpeed

GET
H3 404 style.css
my-update-info.com/css/ 0
0 373ms
372ms Stylesheet
text/html 2606:4700:3033::6815:2a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my-update-info.com/css/style.css
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:2a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PEAD04mMk21RGNe%2BGnEtQu8YxHWD3RzvnIzEjPoa04UBw1GEaESXQNN1uN4Gvl%2FVm6HPX8HVgJ4j6xofOHuXQw6kb6SAue3STX59HxB8H4QtfgUODkQJZdKoZGeSOcgvu4rO%2FNokhtHtLcTFLJkJ87g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 8abb7fa70afbc454-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 en.svg
offsh.nl/ 3 KB
1 KB 130ms
25ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/en.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b8a291919b736ff0312b0d5458180cc6ee1630b888da1886ba2900717665fd

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 11:10:09 GMT
server: cloudflare
etag: W/"65365491-de3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uf2f68WmG1xjMQeHkKYwZ33SKwcLY286XcMcBfZ%2FssLngLDWOSwV4sh3VX1%2FEtIZWkGPrWLOTV6kJZO%2FJC4EM%2F7BXGyaEmPD8FNXf6hQo%2B73TYISGvuCc2D%2FeFG6sFQVzT3gKesKVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7ac327298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fr.svg
offsh.nl/ 1 KB
1007 B 124ms
20ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/fr.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c139cd3759928d2426bcd24de5eaf4afee8731424b201febf89b7dbcff8f7fd

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 11:10:09 GMT
server: cloudflare
etag: W/"65365491-48a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x3gVJjR3PLmU8iXm0MYl847X59aNInEgH4dJccjLJHGe4Idhy%2FX7gFOZXkuuO%2FZ7Wf69F429di7VyF1wtM%2F7PECTH%2FccIxPVD7gNS6kjyQjrGqS8a1CIemvlRi2acUyYu5J2gra1rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7ac2d7298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 de.svg
offsh.nl/ 1 KB
971 B 117ms
23ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/de.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a1c9574d2664a98347f7d6a6d167724762d92493cb466205c04dbd4415d62b

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 11:10:09 GMT
server: cloudflare
etag: W/"65365491-490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4n9mW2aPNs2d%2BuZ06%2FGgi65ymaIp%2FIN5Ov6tAwmSlo05vQl74v7sMliFOFmnSsTRe1wVr8uDX%2B1PIc%2FLzjzqjxMyDEvWnqnmn3XwnCmtnKlKsmKuovPSIUbaah49T10G1s13S5p6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7ac337298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 po.svg
offsh.nl/ 4 KB
1 KB 119ms
26ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/po.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 252feb78806c0bd52a7dd025ac5be6846b7458965ff102503ee5bb348c90f38c

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1371720
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 11:10:09 GMT
server: cloudflare
etag: W/"65365491-f30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6f6OnCn399wpf7ot98fMb34YiRUM2ARjXPP0QbEeoKZAqj7h0mVJXSzLLwanhaWkRs0bB6AJ4n0T2V53F00ktOM1eNVXofXH8aSPhdRTUYZrq3qnfxCT200tbZTmyXCadD7R7pZLBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7ac347298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 es.svg
offsh.nl/ 3 KB
1 KB 113ms
20ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/es.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35e4d5d3a54c7c48b1d5fc4bf3e0da0927aeeb80b9ac686531a7f51199ddd7f

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 11:10:09 GMT
server: cloudflare
etag: W/"65365491-b4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUI%2BE6zPEe2TqG4qRCJCNRXoLKvnPUT9L5g1ntXNsj1uQFRXESxp5thZnzcu2q9Yv9UCnaIHQyOW5tnMpMh%2FqJ4WMXNKxkePnWCXJ5Xo8GsYT%2B4u451g%2Bg1MpjThfUWWmYJsicDkhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7ac307298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ru.svg
offsh.nl/ 1 KB
979 B 117ms
24ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/ru.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebc0298a531db98f3e43a9555ebb7370072c92cc92a27515533c0118f870db70

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 11:10:09 GMT
server: cloudflare
etag: W/"65365491-496"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YjqI2tfAhhkJKP56Awf4VWMTdDlBIgNPT2nyzIsXU9XMUxebKXknxBq1tjXh6Z2GgEByslQu0ZmOPL87dzy2LX85ukK9HPlcy%2BYTNCjp6f%2BzuvRyR6eCpYkINOf9PloducWGGqUtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7ac2f7298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ro.svg
offsh.nl/ 1 KB
982 B 25ms
24ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/ro.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5bd16ce2cbfb3ece2cca5582855e4b50ea2eb4f3e5feef2b679d0aa2935e584

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 12:47:09 GMT
server: cloudflare
etag: W/"65366b4d-49c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeqzIlocElYHvq4BCO0N5avfUpdUpl5NUDwa7zeN9gdZe01SMQwDLKjPlWvZPiTORjY60C4JXGcogJURh3dZQ8A5wT1XOmfkII9p8eEgrJJzrJ5h1aJbDIfbwOiIOQb0lP3qGk8Vrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7dc3d7298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 tr.svg
offsh.nl/ 2 KB
1 KB 20ms
19ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/tr.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96aebe6f49b9491bf6e9c58209256407cc51eb8bc311bc19a0c337f7750e37cf

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 795485
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 12:47:09 GMT
server: cloudflare
etag: W/"65366b4d-688"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DueulQBM29v1tNee%2BeUYBvgF8e7zqQtr0yaPF7sEl5b2%2F5yCOgniw96VQ%2FGhneEjArVEDwIVpjTL8yl%2BO%2FYFsYIF%2BB3%2BvMPLycozxwAF%2FsFMzJhX9f%2BWt%2B370EBEEsfI3wPCME4vqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7dc3e7298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 it.svg
offsh.nl/ 1 KB
973 B 34ms
33ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/it.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673b0533656d3f491e8f6a7919acbfd90a4994547085c149e957b62d12515235

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 12:47:09 GMT
server: cloudflare
etag: W/"65366b4d-48a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0hC4sexEQy0nlMkEDM4Up66u0JX9fW%2B8RaaKQXUhCY7%2BPnhXTyXSx6tgFbr64Y95A1zfPsmxr3lKxxzDf0I%2BeQLp65Rg7NmjOUrqpOxgrF8gpMCVLl9wBwzJYo9HwVxYxWivePr2hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7dc407298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cn.svg
offsh.nl/ 3 KB
1 KB 28ms
27ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/cn.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7ad9023532828a29f3f4b374f7e84f7c76aa4ece50f7a1b8bfd2363803f48a

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 537427
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 11:10:09 GMT
server: cloudflare
etag: W/"65365491-a9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ljabx42ejjvXRcCi4H7qwv9lzxZ%2BkkJv%2FrRgGdPtXfzQDMRWsYpvqoZLaFytU2eXxRHvz3vOkxrx1Sqmk35uMtIoJXUqro4rEi%2B20rXgTAf949PHXwFpxLaVsNIwCc78So%2B6pOPxVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7dc417298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ja.svg
offsh.nl/ 1 KB
1 KB 28ms
27ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/ja.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7b7a732142a90ab80f91b9fb982037987a2f015f00558d02fe9296e9529fa52

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 12:47:09 GMT
server: cloudflare
etag: W/"65366b4d-558"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aN5GELSlBK%2B%2FMWZmg0pshBe1Wf%2BFdD57vUv5krZoIYmaCrdQL9LpqmOzDbxOc3abMKqW9CFwY6lGps9QunQeRW4j9Xnlvvx6%2BkL87P9HGNbFkgamaiVeaOaQt%2Ftxcp6guIB7DkZXDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7dc427298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ko.svg
offsh.nl/ 3 KB
2 KB 34ms
32ms Image
image/svg+xml 2606:4700:3030::6815:5ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offsh.nl/ko.svg
Requested by: Host: my-update-info.com
URL: https://my-update-info.com/cgi-sys/defaultwebpage.cgi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:5ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b8b93bb844f3653262bb2763ddd1038dd209bf551c7cfbbdbfb1fb58a8b5169

Request headers

Referer: https://my-update-info.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 06:23:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1971125
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 23 Oct 2023 12:47:09 GMT
server: cloudflare
etag: W/"65366b4d-bf2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fgSj4itCkyXC0gIH2GPblLKC5SmbGzDcJa8IszGtSiAScI2A4Qb3hS4OADwRZ6nnrYQEQmnEcX0q%2B6uA%2BXGfLR9MqLdS%2BiTlA8YeWl9%2FnAacVFcMSz52YJurX%2BVAVTLJNNkAES17bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 8abb7fa7dc437298-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.my-update-info.com/	1970-01-20 22:28:13	Name: __cf_mw_byp Value: ijCge8shS2C_9HYoWEghAJrp8LKxL.tA5QCMolyf1FI-1722406989-0.0.1.1-/

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://my-update-info.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://my-update-info.com/css/style.css Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

my-update-info.com
offsh.nl
2606:4700:3030::6815:5ded
2606:4700:3033::6815:2a0d
252feb78806c0bd52a7dd025ac5be6846b7458965ff102503ee5bb348c90f38c
3c139cd3759928d2426bcd24de5eaf4afee8731424b201febf89b7dbcff8f7fd
4d40818bf5947d406a29aea4a9f5bafcf896ac86f4001789fe093fcd1a9e56c5
628cefe8ba91525064abe9fd4d4cb8446ecd7451004fcf3da1bffe7bb5658f95
673b0533656d3f491e8f6a7919acbfd90a4994547085c149e957b62d12515235
6e7ad9023532828a29f3f4b374f7e84f7c76aa4ece50f7a1b8bfd2363803f48a
83a1c9574d2664a98347f7d6a6d167724762d92493cb466205c04dbd4415d62b
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8b8b93bb844f3653262bb2763ddd1038dd209bf551c7cfbbdbfb1fb58a8b5169
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24
93867b18b61e33f34c85da02cb1e89d400979b455c229d80646f308d91a1661a
96aebe6f49b9491bf6e9c58209256407cc51eb8bc311bc19a0c337f7750e37cf
a35e4d5d3a54c7c48b1d5fc4bf3e0da0927aeeb80b9ac686531a7f51199ddd7f
a5bd16ce2cbfb3ece2cca5582855e4b50ea2eb4f3e5feef2b679d0aa2935e584
c7b7a732142a90ab80f91b9fb982037987a2f015f00558d02fe9296e9529fa52
ebc0298a531db98f3e43a9555ebb7370072c92cc92a27515533c0118f870db70
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f2b8a291919b736ff0312b0d5458180cc6ee1630b888da1886ba2900717665fd

my-update-info.com Open in urlscan Pro 2606:4700:3033::6815:2a0d Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

29 kBTransfer

68 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

my-update-info.com Open in urlscan Pro
2606:4700:3033::6815:2a0d Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

29 kB
Transfer

68 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!