divasingnsonghappy.shawnetta88.workers.dev Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://apiservices.krxd.net/click_tracker/track?kxconfid=whjxbtb0h&_knopii=1&kxcampaignid=P.C.C-Class.W206.L.MI&kxplacementi...
Effective URL:
https://divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/zapata.cesar@epa.gov
Submission: On August 08 via manual (August 8th 2023, 7:32:25 pm UTC) from US — Scanned from DE

Summary HTTP 41 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 11 domains to perform 41 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is divasingnsonghappy.shawnetta88.workers.dev.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.

This is the only time divasingnsonghappy.shawnetta88.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2606:4700::68... 2606:4700::6812:672	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:772	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::ac43:a772	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:26f4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
41	12

1 151.101.66.133 (United States) 1 redirects

ASN54113 (FASTLY, US)

apiservices.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

magicmushroomsshop.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
divasingnsonghappy.shawnetta88.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:672 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t4kst3.codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:772 (United States)

ASN13335 (CLOUDFLARENET, US)

codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a772 (United States)

ASN13335 (CLOUDFLARENET, US)

ktdakyqzrivsbffuoeezcu.kute.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

nanoarpistartmoenuz.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:26f4 (United States)

ASN13335 (CLOUDFLARENET, US)

fokafodkresevesvpostzxj.tetsuo748.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

aadcdn.msauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	codesandbox.io 1 redirects t4kst3.codesandbox.io codesandbox.io — Cisco Umbrella Rank: 87863	56 KB
8	web.app nanoarpistartmoenuz.web.app	103 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 257	32 KB
4	unpkg.com unpkg.com — Cisco Umbrella Rank: 1022	79 KB
3	workers.dev fokafodkresevesvpostzxj.tetsuo748.workers.dev divasingnsonghappy.shawnetta88.workers.dev	13 KB
2	msauth.net aadcdn.msauth.net — Cisco Umbrella Rank: 1010	49 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 406	30 KB
1	kute.pw ktdakyqzrivsbffuoeezcu.kute.pw	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1161	7 KB
1	magicmushroomsshop.io magicmushroomsshop.io	564 B
1	krxd.net 1 redirects apiservices.krxd.net — Cisco Umbrella Rank: 36505	293 B
41	11

	Domain	Requested by
8	nanoarpistartmoenuz.web.app	ktdakyqzrivsbffuoeezcu.kute.pw nanoarpistartmoenuz.web.app t4kst3.codesandbox.io
5	t4kst3.codesandbox.io	1 redirects t4kst3.codesandbox.io static.cloudflareinsights.com
4	cdnjs.cloudflare.com	ktdakyqzrivsbffuoeezcu.kute.pw
4	unpkg.com	ktdakyqzrivsbffuoeezcu.kute.pw
4	codesandbox.io	t4kst3.codesandbox.io codesandbox.io
2	aadcdn.msauth.net	t4kst3.codesandbox.io divasingnsonghappy.shawnetta88.workers.dev
2	fokafodkresevesvpostzxj.tetsuo748.workers.dev	unpkg.com
1	divasingnsonghappy.shawnetta88.workers.dev	nanoarpistartmoenuz.web.app aadcdn.msauth.net
1	ajax.googleapis.com	ktdakyqzrivsbffuoeezcu.kute.pw
1	ktdakyqzrivsbffuoeezcu.kute.pw	magicmushroomsshop.io
1	static.cloudflareinsights.com	t4kst3.codesandbox.io
1	magicmushroomsshop.io
1	apiservices.krxd.net	1 redirects
41	13

This site contains no links.

Subject Issuer	Validity	Valid
magicmushroomsshop.io GTS CA 1P5	`2023-07-09` - `2023-10-07`	3 months	crt.sh
codesandbox.io Cloudflare Inc ECC CA-3	`2023-03-19` - `2024-03-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
kute.pw GTS CA 1P5	`2023-06-26` - `2023-09-24`	3 months	crt.sh
web.app GTS CA 1D4	`2023-07-10` - `2023-10-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tetsuo748.workers.dev GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
aadcdn.msauth.net DigiCert SHA2 Secure Server CA	`2023-07-29` - `2024-07-29`	a year	crt.sh

This page contains 2 frames:

Frame: https://divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/zapata.cesar@epa.gov?sso_reload=true
Frame ID: 89119D2997E9A887F686023DB1A4A717
Requests: 38 HTTP requests in this frame

Frame: https://t4kst3.codesandbox.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Frame ID: EE4EBA0D3D341B0B1E6BC168AC26A5A3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo Page URL
https://divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/zapata.cesar@epa.gov Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

78 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

373 kB
Transfer

1368 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo Page URL
https://divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/zapata.cesar@epa.gov Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://apiservices.krxd.net/click_tracker/track?kxconfid=whjxbtb0h&_knopii=1&kxcampaignid=P.C.C-Class.W206.L.MI&kxplacementid=module2findmycar&kxbrand=MB&clk=https%3A%2F%2Fmagicmushroomsshop.io%2Fdocumentcompleted%2Fpleaaseaccesstoday%2Findex.php%3Fuserid%3DemFwYXRhLmNlc2FyQGVwYS5nb3Y= HTTP 302
https://magicmushroomsshop.io/documentcompleted/pleaaseaccesstoday/index.php?userid=emFwYXRhLmNlc2FyQGVwYS5nb3Y=&_knopii=1

Request Chain 8

https://t4kst3.codesandbox.io/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://t4kst3.codesandbox.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.php Show response
magicmushroomsshop.io/documentcompleted/pleaaseaccesstoday/
Redirect Chain

https://apiservices.krxd.net/click_tracker/track?kxconfid=whjxbtb0h&_knopii=1&kxcampaignid=P.C.C-Class.W206.L.MI&kxplacementid=module2findmycar&kxbrand=MB&clk=https%3A%2F%2Fmagicmushroomsshop.io%2F...
https://magicmushroomsshop.io/documentcompleted/pleaaseaccesstoday/index.php?userid=emFwYXRhLmNlc2FyQGVwYS5nb3Y=&_knopii=1

0
564 B

196ms
154ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://magicmushroomsshop.io/documentcompleted/pleaaseaccesstoday/index.php?userid=emFwYXRhLmNlc2FyQGVwYS5nb3Y=&_knopii=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f3a2f472bcb37c6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 08 Aug 2023 19:32:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh: 0;url=https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo#/ld-zapata.cesar@epa.gov
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xesEjcIDtJQ5PdSEN9nPI39EVjL5s44TFhzis2iOQVxSWYXOdZc6ovAiQ94510s3BbM8A9GSDf89wdEyGbXhGmzRda8%2F%2FknsOM%2BSEhtsggKNd7k4BKU2ooa5CQnL1IYD2jjzj4KruSoHQNM%2Fokwl8uScqtM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed

Redirect headers

accept-ranges: bytes
age: 0
content-length: 0
date: Tue, 08 Aug 2023 19:32:19 GMT
location: https://magicmushroomsshop.io/documentcompleted/pleaaseaccesstoday/index.php?userid=emFwYXRhLmNlc2FyQGVwYS5nb3Y=&_knopii=1
via: 1.1 varnish (Varnish/5.2), 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: click-tracker-a008-ash-prod.krxd.net, cache-fra-eddf8230045-FRA
x-timer: S1691523139.274639,VS0,VE378

GET
H2 200 / Show response
t4kst3.codesandbox.io/ 6 KB
3 KB 96ms
50ms Document
text/html 2606:4700::6812:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e058b745b5579dc2bb262a50db8b17fa77a5bfa805ff099bdf2ba8d6837d669

Request headers

Referer: https://magicmushroomsshop.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7f3a2f488f8e1942-FRA
content-encoding: br
content-type: text/html
date: Tue, 08 Aug 2023 19:32:19 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google
x-request-id: F3l_VW6ID9q76dsFSnnj

GET
H2 200 sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js Show response
codesandbox.io/public/sse-hooks/ 172 KB
44 KB 41ms
23ms Script
application/javascript 2606:4700::6812:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/public/sse-hooks/sse-hooks.f742b80f43c5a2e0e619b0d97b5886cd.js
Requested by: Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b792d9cff94a4f92d164ec7233833c903b4fdbaef13e37a0dc4258b8312ca83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 10058567
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 13 Aug 2022 13:00:47 GMT
server: cloudflare
etag: W/"62f7a07f-2aeb3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f3a2f48f8351942-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 banner.0b5d84a2b.js Show response
codesandbox.io/static/js/ 4 KB
2 KB 40ms
23ms Script
application/javascript 2606:4700::6812:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Requested by: Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 13406573
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 06 Mar 2023 08:37:20 GMT
server: cloudflare
etag: W/"6405a640-f37"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f3a2f48f8371942-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 watermark-button.f4f9aed52.js Show response
codesandbox.io/static/js/ 3 KB
2 KB 67ms
26ms Script
application/javascript 2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/watermark-button.f4f9aed52.js
Requested by: Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f74bf2cf5a8225beb66712ff4e859c5d4ba9c24123e6de2f427b4b9fde408928

Request headers

Referer: https://t4kst3.codesandbox.io/
Origin: https://t4kst3.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
age: 102788
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 12:21:50 GMT
server: cloudflare
etag: W/"64cb9bde-ae5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 7f3a2f491a57bbf2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 75ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://t4kst3.codesandbox.io/
Origin: https://t4kst3.codesandbox.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7f3a2f495dfd1968-FRA

GET
H2 200 phishing Show response
codesandbox.io/api/v1/sandboxes/t4kst3/ 32 B
403 B 50ms
49ms Fetch
application/json 2606:4700::6812:772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/api/v1/sandboxes/t4kst3/phishing
Requested by: Host: codesandbox.io
URL: https://codesandbox.io/static/js/banner.0b5d84a2b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a452c3178c3ac10631ab0f36a5dbb0bc07a877262c9ac2ed0791f9aafb36acc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://t4kst3.codesandbox.io
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7f3a2f493a84bbf2-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32
x-request-id: F3l_VXSb4_2ura0EoYuE

GET
H2 200 64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js Show response
ktdakyqzrivsbffuoeezcu.kute.pw/ 4 KB
2 KB 277ms
235ms Script
application/javascript 2606:4700:3034::ac43:a772
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js
Requested by: Host: magicmushroomsshop.io
URL: https://magicmushroomsshop.io/documentcompleted/pleaaseaccesstoday/index.php?userid=emFwYXRhLmNlc2FyQGVwYS5nb3Y=&_knopii=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80951734f8a5032395162ff13b753b1d576f4c88132467461433d0f5bb00ba06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
server: cloudflare
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: ktdakyqzrivsbffuoeezcu.kute.pw
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyOsgLBjvSXuTv%2FbXywNY00zHQQJnpM%2FrUl1x3cPIdhDMsUDiF7AwQsQAuER%2B01hjPNgW%2Bk59xE0Pt4BmiihPQvS631d1Vu4SKwKGFCouGfCibhbJaXWX5f7t%2F8XlwJjIhJ9akgPn32ToA6byyF12ywAPWN1Bkk1NIq2L5M%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache,no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7f3a2f499f1c35fc-FRA
access-control-allow-headers: auth,authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With
expires: Mon, 25 Jul 1997 05:00:00 GMT

GET
H3

200

invisible.js Show response
t4kst3.codesandbox.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/ Frame EE4E
Redirect Chain

https://t4kst3.codesandbox.io/cdn-cgi/challenge-platform/scripts/invisible.js
https://t4kst3.codesandbox.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

7 KB
3 KB

14ms
14ms

Script
application/javascript

2606:4700::6812:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t4kst3.codesandbox.io/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

Requested by

Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo

Protocol

Server

2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cdcf96d2c5a14a6475ae7fed2c98fb6c56827c1aaa12a7e57b37d174c87a388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7f3a2f49cf6c1c15-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 08 Aug 2023 19:32:20 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
cache-control: max-age=300, public
cf-ray: 7f3a2f49a93b1942-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 7f3a2f488f8e1942 Show response
t4kst3.codesandbox.io/cdn-cgi/challenge-platform/h/g/cv/result/ Frame EE4E 0
272 B 27ms
27ms XHR
text/plain 2606:4700::6812:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t4kst3.codesandbox.io/cdn-cgi/challenge-platform/h/g/cv/result/7f3a2f488f8e1942
Requested by: Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
content-encoding: br
server: cloudflare
cf-ray: 7f3a2f4a785f1c15-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H2 200 c0b7ea92550251d368d77b2d2366332cnbr1690995776.css
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/ 1 KB
702 B 26ms
9ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/c0b7ea92550251d368d77b2d2366332cnbr1690995776.css

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

118f4d0a8c85bfbe5e7dfa3162e04e73c6fcda9cf1736b28f9472aa7e03ba2af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230061-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 08 Aug 2023 19:32:20 GMT
last-modified: Thu, 03 Aug 2023 16:59:35 GMT
x-timer: S1691523140.366819,VS0,VE2
etag: "2c2f42530360d92df6a9043afb8385defb5a11ba6299d3a885ecfdb3ce6e12e7-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 334
x-cache-hits: 1

GET
H2 200 9d2cd5e972c5daa70f7d034402a4f526nbr1690995776.css
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/ 245 KB
19 KB 9ms
9ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/9d2cd5e972c5daa70f7d034402a4f526nbr1690995776.css

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26b286a9830d75f1dc1d69f52a444a121b1411fee72b54360e9d237429926d93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230061-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 08 Aug 2023 19:32:20 GMT
last-modified: Thu, 03 Aug 2023 16:59:35 GMT
x-timer: S1691523140.394462,VS0,VE2
etag: "f6a734522aceb7833301b171529f14c9942dcc126cfb7d691a71cb72a2d3dd38-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19522
x-cache-hits: 1

GET
H2 200 axios.min.js Show response
unpkg.com/axios@0.16.1/dist/ 34 KB
11 KB 43ms
25ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@0.16.1/dist/axios.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2114a050aed49f4a24237d4d1f437b75ca10c6fc8623eae23c0558c53a7e21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1311439
last-modified: Sat, 08 Apr 2017 18:51:20 GMT
fly-request-id: 01H647FN5DAZ12S87X997CA3MF-fra
server: cloudflare
etag: W/"879a-StlLhYX39Pj2Qvz0O98NQPjvG9U"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f3a2f4bccb09034-FRA

GET
H3 200 c0b7ea92550251d368d77b2d2366332cnbr1690995776.js Show response
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/ 74 KB
19 KB 8ms
7ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/c0b7ea92550251d368d77b2d2366332cnbr1690995776.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

74116901ac0ec12dd7af88a1e9ac55a5531f2dac5da8053cfa70042d738587e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230109-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 08 Aug 2023 19:32:20 GMT
last-modified: Thu, 03 Aug 2023 16:59:35 GMT
x-timer: S1691523140.486169,VS0,VE0
etag: "18436deb674b50728be198a9912eab2947b4e3b5a74daafe8daf6805d969d6cf-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 18676
x-cache-hits: 2

GET
H2 200 vue.min.js Show response
unpkg.com/vue@2.6.11/dist/ 91 KB
34 KB 22ms
22ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue@2.6.11/dist/vue.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 26110234
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GF15GDNWXMXAM2HS90D5F06R-fra
server: cloudflare
etag: W/"16de6-q9I58ClmstMksFEsIDvbr4Kk7Xo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f3a2f4c2d349034-FRA

GET
H2 200 vue-router.min.js Show response
unpkg.com/vue-router@2.7.0/dist/ 23 KB
9 KB 20ms
19ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/vue-router@2.7.0/dist/vue-router.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a01a4f435ae1e511d874f1abc960898902b1d6d4731c3cf0f3383b1ec3ffd1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4009275
last-modified: Thu, 29 Jun 2017 03:57:37 GMT
fly-request-id: 01G67ZB9YFXHRG1BHVC2GR24ZD-fra
server: cloudflare
etag: W/"5c5a-b2+xvLVNqK43WHk3Czwf1BAXaoI"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f3a2f4c9dc69034-FRA

GET
H2 200 vuex.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vuex/2.3.1/ 10 KB
4 KB 32ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vuex/2.3.1/vuex.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f1597d8c4ad4932102d5f5fbb0c35b827d7ccfc58a30ff6cdfe9dd0c3e5efa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1128271
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3106
last-modified: Thu, 22 Jun 2023 11:22:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942eff-c22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlCbvyVg4r85NcNvj7wbtBKZAXodLbXzso0Jypy8jHtx2jPu5q8oAZ4df%2Fw5pdyM2tKeisa%2BxMmFEzUswBXhFrgaq09TIlqeq4QYuV3lG5tJzOC%2Fq5OTJJFqw0QsKYtvcjaO0SpiGE5XGpPIZdLP6pDY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f3a2f4cef511e59-FRA
expires: Sun, 28 Jul 2024 19:32:20 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:26:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Aug 2024 19:26:09 GMT

GET
H2 200 vee-validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vee-validate/2.0.0-rc.3/ 42 KB
11 KB 14ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vee-validate/2.0.0-rc.3/vee-validate.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7649e92aa760b806193241148e8b88f3bc12c4e6cffbc35622a99477db798242

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 109849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10700
last-modified: Thu, 22 Jun 2023 11:21:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942ec8-29cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMDfxEgGiWAU4ecgSxFHqn54qWO4q4kLXqrI2OTZlMhyTFu71m4yGrz0kLtCTWFYArdSDhglYsPQYIwHjHKOHd7EzQK3pEA3Ug9RZ2wHbbo6f%2FGlOB1ar0H36BPLW2fmjkiu58Efq35TYKQFZu3F%2FbT%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f3a2f4d68181e59-FRA
expires: Sun, 28 Jul 2024 19:32:20 GMT

GET
H3 200 vue-i18n.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vue-i18n/7.0.3/ 14 KB
4 KB 20ms
20ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vue-i18n/7.0.3/vue-i18n.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20527289ca6a43abafb1fa42079d6c68425c583d5f93960eae5b5737bf28493b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 74258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3903
last-modified: Thu, 22 Jun 2023 11:22:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942ef1-f3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxfsNGNIZrLVKknsqVYCBkjaHUJUi8Qovfyu6196bY3kjmz8DAT4F5AaZ0kZnzPB%2BsYQlD5%2FOO40nPDcflQUtZVeJDJtpnafchwtzoCW96BY5h9uGr0mdaz7rjo%2FZAEfP7jPb56McGiIF9RBhZO4vfQe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f3a2f4d8c1a6927-FRA
expires: Sun, 28 Jul 2024 19:32:20 GMT

GET
H2 200 lodash.min.js Show response
unpkg.com/lodash@4.17.4/ 71 KB
25 KB 19ms
18ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/lodash@4.17.4/lodash.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23258114961c94563c3e7df66f059d487995e01f4ce666f2e5b84f1c499e63cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4501074
last-modified: Sat, 31 Dec 2016 22:32:41 GMT
fly-request-id: 01H355KPE9VNA9CA556T2R6AHZ-fra
server: cloudflare
etag: W/"11c44-YN5uQ8SiwzJidasS1P/ZCyWCruk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7f3a2f4dff639034-FRA

GET
H3 200 mobile-detect.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/ 37 KB
14 KB 13ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mobile-detect/1.3.6/mobile-detect.min.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 19:32:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1036584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13276
last-modified: Thu, 22 Jun 2023 11:09:22 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942be2-33dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZwXaZfKTpTUecxdXo5WdhVNQx%2BE3PcDvz3KS4vpljxYF49CtDUtRtJXRmJRK20t8kkj3LNpUFMQLQJi3b7043wGXI%2B%2FJHGiL%2F81eJIIRPdWHz8SB7guK4VSL3L3%2FqcZWjwMIZ6U51U0aTcQ%2FogzIvs8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f3a2f4e7d6b6927-FRA
expires: Sun, 28 Jul 2024 19:32:20 GMT

GET
H3 200 a8d65c7c9f575ca8eb422d59e5c2a5a2.js Show response
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/ 255 KB
59 KB 8ms
7ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/a8d65c7c9f575ca8eb422d59e5c2a5a2.js

Requested by

Host: ktdakyqzrivsbffuoeezcu.kute.pw
URL: https://ktdakyqzrivsbffuoeezcu.kute.pw/64ca8c4269f5c7b4ec25316b-64b5709b0ce6f13cc26931cd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c28c03d4b6d79fdfa5c8721fc3cbfae0ba3041b8199567bf873294eefc167b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230109-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 08 Aug 2023 19:32:20 GMT
last-modified: Thu, 03 Aug 2023 16:59:35 GMT
x-timer: S1691523141.909798,VS0,VE0
etag: "600a70670ffd43fa3d9ced906437f6527650de2939f41bcc4cd72878e7b760d4-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 60090
x-cache-hits: 2

GET
H3 200 238d344c676a54d66afd34590ccc34d21690995766.js Show response
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/js/ 9 KB
3 KB 7ms
7ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/js/238d344c676a54d66afd34590ccc34d21690995766.js

Requested by

Host: nanoarpistartmoenuz.web.app
URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/a8d65c7c9f575ca8eb422d59e5c2a5a2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

87b08a80a57f5bf15c1c5f28da7f63c75e35ff3e238fb99b0ab7796c08c0bcc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230109-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 08 Aug 2023 19:32:20 GMT
last-modified: Thu, 03 Aug 2023 16:59:35 GMT
x-timer: S1691523141.949512,VS0,VE0
etag: "09c6697430fe1706980380e789f120558a6b0422f71af8bb0d427fc05778c729-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3050
x-cache-hits: 2

GET
H3 200 microsoft_logo.svg
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/imgs/ 4 KB
2 KB 8ms
8ms Image
image/svg+xml 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/imgs/microsoft_logo.svg

Requested by

Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230109-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 08 Aug 2023 19:32:20 GMT
last-modified: Thu, 03 Aug 2023 16:59:35 GMT
x-timer: S1691523141.982204,VS0,VE0
etag: "a88f22478e52f27f6f24668e3ff397bf66ba51e21b2cc2375100de1d281417be-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1274
x-cache-hits: 2

OPTIONS
H2 200 64b5709b0ce6f13cc26931cd
fokafodkresevesvpostzxj.tetsuo748.workers.dev/re/ Frame 0
0 77ms
18ms Preflight 2606:4700:3033::6815:26f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fokafodkresevesvpostzxj.tetsuo748.workers.dev/re/64b5709b0ce6f13cc26931cd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:26f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authkey,authvalue
Access-Control-Request-Method: POST
Origin: https://t4kst3.codesandbox.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authkey,authvalue
access-control-allow-methods: GET,HEAD,POST,OPTIONS
access-control-allow-origin: https://t4kst3.codesandbox.io
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-ray: 7f3a2f4f8c301e60-FRA
content-length: 0
date: Tue, 08 Aug 2023 19:32:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1N9JFeWOVamKNwj7EVUrvSXfC5PbanF4vAgtL%2B0mcjRWqZy%2Bg2BPimHY%2F1rlsFwt%2Ba%2FH84SpobBtUL326eGW0XpSgQPUQiZTq1O%2FpCJ3dwKjN%2BVzLnY2Mjp9q5XkaiTrQ9onosNJUeXRV7VW6LRXaP30Au7oXX2f9cGp0wNnfUlR3ac8NILcBfsLUE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 ellipsis_white.svg
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/imgs/ 915 B
567 B 8ms
8ms Image
image/svg+xml 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/imgs/ellipsis_white.svg

Requested by

Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230109-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 08 Aug 2023 19:32:20 GMT
last-modified: Thu, 03 Aug 2023 16:59:35 GMT
x-timer: S1691523141.982818,VS0,VE0
etag: "b1336d85e1a0c89eea2a4969953d0326f0faedd47871ea522033f7f6e513ea57-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 228
x-cache-hits: 2

GET
H3 200 ellipsis_grey.svg
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/imgs/ 915 B
570 B 7ms
7ms Image
image/svg+xml 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/imgs/ellipsis_grey.svg

Requested by

Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo

Protocol

Security

QUIC, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230109-FRA
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Tue, 08 Aug 2023 19:32:20 GMT
last-modified: Thu, 03 Aug 2023 16:59:35 GMT
x-timer: S1691523141.981565,VS0,VE0
etag: "8bd35fb6e43a52fbd3fac4f46b28b8cc71b6f00e2b06636395e54a9c210d997e-br"
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 230
x-cache-hits: 2

POST
H3 200 64b5709b0ce6f13cc26931cd Show response
fokafodkresevesvpostzxj.tetsuo748.workers.dev/re/ 96 B
798 B 496ms
474ms XHR
application/json 2606:4700:3033::6815:26f4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fokafodkresevesvpostzxj.tetsuo748.workers.dev/re/64b5709b0ce6f13cc26931cd
Requested by: Host: unpkg.com
URL: https://unpkg.com/axios@0.16.1/dist/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:26f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4912ff5158f3fa538d816b3a361c34e6dd57fac9c1477f1af25f577386236a9d

Request headers

authkey: false
Accept: application/json, text/plain, */*
Referer: https://t4kst3.codesandbox.io/
accept-language: de-DE,de;q=0.9
authvalue: false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywdPI5ehpd2kHsqHl

Response headers

date: Tue, 08 Aug 2023 19:32:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://t4kst3.codesandbox.io
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFNqA547J%2B4RY1zDtDMDW7NKBPmKNt6Dbv%2FcLNa9UAQNyT2bDhAm%2Fqi%2FweBbDwTFPV6kQz181SlMs2PlKsvzgWXV8y6wTQeMtUt6wCD30%2B3qXfOP3lP7eDPBhSrSXkhL1mwVHpuYFMuQ53SpAm1IcHTfq0%2FfBYhPxa7sasY1eppQFEvnB14%2BvNz1YDE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache,no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7f3a2f4fcd4d697b-FRA
access-control-allow-headers: auth,authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With
expires: Mon, 25 Jul 1997 05:00:00 GMT

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msauth.net/ests/2.1/content/images/backgrounds/ 2 KB
1 KB 26ms
9ms Image
image/svg+xml 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msauth.net/ests/2.1/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by: Host: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t4kst3.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 19:32:21 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Thu, 13 Feb 2020 02:05:12 GMT
etag: 0x8D7B0292911C366
x-azure-ref: 20230808T193221Z-nkxqp8w0p13txfvskqy2fbx9rs00000009mg00000000rph3
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 87b7a232-b01e-0094-0415-ca7c0c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET SegoeUI-SemiBold.woff2
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/ 0
0

GET SegoeUI.woff2
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/ 0
0

GET SegoeUI-SemiBold.woff
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/ 0
0

GET SegoeUI.woff
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/ 0
0

GET SegoeUI-SemiBold.ttf
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/ 0
0

GET SegoeUI.ttf
nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/ 0
0

POST
H3 204 rum Show response
t4kst3.codesandbox.io/cdn-cgi/ 0
145 B 13ms
13ms XHR
text/plain 2606:4700::6812:672
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t4kst3.codesandbox.io/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:672 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type: application/json

Response headers

date: Tue, 08 Aug 2023 19:32:21 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://t4kst3.codesandbox.io
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f3a2f4f8f851c15-FRA

GET
H2 200 Primary Request zapata.cesar@epa.gov Show response
divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/ 20 KB
12 KB 563ms
518ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/zapata.cesar@epa.gov
Requested by: Host: nanoarpistartmoenuz.web.app
URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/js/238d344c676a54d66afd34590ccc34d21690995766.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9774ef2d0e8baf74300510e3dccfdc6cff3861a82458686f21e8845e2e6e9

Request headers

Referer: https://t4kst3.codesandbox.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: auth,authkey , authvalue, Authorization, User-Agent, Keep-Alive, Content-Type, X-Requested-With
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS
access-control-allow-origin: null
access-control-max-age: 1
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f3a2f65ce829b25-FRA
content-encoding: br
content-type: text/html
date: Tue, 08 Aug 2023 19:32:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhJ052H78aNVQPiENPnvIcte5f6Tn6YmCAH2BvQH%2FBF0DYDHTUDTTkJK2wy2WfSaUa3omCmyK6v8IyBOG7kfd59c9%2FRFzorEToQAIaGO0zFWph6WHSNoRnnU%2FKeSje1vEHQ%2BYmhrGw402jUxvjv%2FnQblerw697Clv4zQoOeNOTLDH%2F%2FE1NMiMyQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding
x-cache-status: MISS

POST rum
t4kst3.codesandbox.io/cdn-cgi/ 0
0

GET
H2 200 BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js Show response
aadcdn.msauth.net/shared/1.0/content/js/ 135 KB
48 KB 27ms
13ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msauth.net/shared/1.0/content/js/BssoInterrupt_Core_nun_Nob0yT2WjCUfgBCTog2.js
Requested by: Host: divasingnsonghappy.shawnetta88.workers.dev
URL: https://divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/zapata.cesar@epa.gov
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cc51a8def572cc3523f9a4276fc4509a0e92b4d193fcfee35cdcf3a48662c92c

Request headers

Referer: https://divasingnsonghappy.shawnetta88.workers.dev/
Origin: https://divasingnsonghappy.shawnetta88.workers.dev
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 08 Aug 2023 19:32:25 GMT
content-encoding: gzip
x-cache: TCP_HIT
content-length: 48719
x-ms-lease-status: unlocked
last-modified: Wed, 12 Jul 2023 10:42:33 GMT
etag: 0x8DB82C4B32A50A1
x-azure-ref: 20230808T193225Z-1m3nu0qdet3v78fqkbfmz2zq7800000000k0000000000pk3
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 882a3f85-c01e-008b-450d-ca4531000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET zapata.cesar@epa.gov
divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nanoarpistartmoenuz.web.app
URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.woff2

Domain: nanoarpistartmoenuz.web.app
URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.woff2

Domain: nanoarpistartmoenuz.web.app
URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.woff

Domain: nanoarpistartmoenuz.web.app
URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.woff

Domain: nanoarpistartmoenuz.web.app
URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.ttf

Domain: nanoarpistartmoenuz.web.app
URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.ttf

Domain: t4kst3.codesandbox.io
URL: https://t4kst3.codesandbox.io/cdn-cgi/rum?

Domain: divasingnsonghappy.shawnetta88.workers.dev
URL: https://divasingnsonghappy.shawnetta88.workers.dev/64b5709b0ce6f13cc26931cd/om/zapata.cesar@epa.gov?sso_reload=true

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.codesandbox.io/	1969-12-31 23:59:59	Name: _cfuvid Value: zvn5rCdYfQfs8HLlkMOPyLC3Gg41LswB.34Hv4SgsGQ-1691523139967-0-604800000
			.codesandbox.io/	1970-01-20 22:37:39	Name: cf_clearance Value: ZCzrj8kHTxWYPPqYv4A0lz2DWC.i5sOJdLBQAvGZMao-1691523140-0-1-dc2103d3.4086d66.d49c8479-0.2.1691523140

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo#/ld-zapata.cesar@epa.gov Message: Access to font at 'https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.woff2' from origin 'https://t4kst3.codesandbox.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo#/ld-zapata.cesar@epa.gov Message: Access to font at 'https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.woff2' from origin 'https://t4kst3.codesandbox.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo#/ld-zapata.cesar@epa.gov Message: Access to font at 'https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.woff' from origin 'https://t4kst3.codesandbox.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo#/ld-zapata.cesar@epa.gov Message: Access to font at 'https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.woff' from origin 'https://t4kst3.codesandbox.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo#/ld-zapata.cesar@epa.gov Message: Access to font at 'https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.ttf' from origin 'https://t4kst3.codesandbox.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI-SemiBold.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://t4kst3.codesandbox.io/?bbre=AULpKeOdkWFPHwIyvEmo#/ld-zapata.cesar@epa.gov Message: Access to font at 'https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.ttf' from origin 'https://t4kst3.codesandbox.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nanoarpistartmoenuz.web.app/sdgdsokeiokxciasijx/themes/css/assets/SegoeUI.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
ajax.googleapis.com
apiservices.krxd.net
cdnjs.cloudflare.com
codesandbox.io
divasingnsonghappy.shawnetta88.workers.dev
fokafodkresevesvpostzxj.tetsuo748.workers.dev
ktdakyqzrivsbffuoeezcu.kute.pw
magicmushroomsshop.io
nanoarpistartmoenuz.web.app
static.cloudflareinsights.com
t4kst3.codesandbox.io
unpkg.com
divasingnsonghappy.shawnetta88.workers.dev
nanoarpistartmoenuz.web.app
t4kst3.codesandbox.io
151.101.66.133
2606:4700:3033::6815:26f4
2606:4700:3034::ac43:a772
2606:4700::6810:3965
2606:4700::6810:7aaf
2606:4700::6811:180e
2606:4700::6812:672
2606:4700::6812:772
2620:0:890::100
2620:1ec:46::45
2a00:1450:4001:82b::200a
2a06:98c1:3121::3
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
118f4d0a8c85bfbe5e7dfa3162e04e73c6fcda9cf1736b28f9472aa7e03ba2af
16c3f6531d0fa5b4d16e82abf066233b2a9f284c068c663699313c09f5e8d6e6
1cdcf96d2c5a14a6475ae7fed2c98fb6c56827c1aaa12a7e57b37d174c87a388
20527289ca6a43abafb1fa42079d6c68425c583d5f93960eae5b5737bf28493b
23258114961c94563c3e7df66f059d487995e01f4ce666f2e5b84f1c499e63cc
26b286a9830d75f1dc1d69f52a444a121b1411fee72b54360e9d237429926d93
40e9774ef2d0e8baf74300510e3dccfdc6cff3861a82458686f21e8845e2e6e9
4912ff5158f3fa538d816b3a361c34e6dd57fac9c1477f1af25f577386236a9d
5a01a4f435ae1e511d874f1abc960898902b1d6d4731c3cf0f3383b1ec3ffd1d
5f1597d8c4ad4932102d5f5fbb0c35b827d7ccfc58a30ff6cdfe9dd0c3e5efa7
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
683fbdef88b2ebf85e44c498687952697f4093fb1ff40f884eb6a2f3c74d0bb7
6b2114a050aed49f4a24237d4d1f437b75ca10c6fc8623eae23c0558c53a7e21
74116901ac0ec12dd7af88a1e9ac55a5531f2dac5da8053cfa70042d738587e3
7649e92aa760b806193241148e8b88f3bc12c4e6cffbc35622a99477db798242
7b792d9cff94a4f92d164ec7233833c903b4fdbaef13e37a0dc4258b8312ca83
80951734f8a5032395162ff13b753b1d576f4c88132467461433d0f5bb00ba06
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87b08a80a57f5bf15c1c5f28da7f63c75e35ff3e238fb99b0ab7796c08c0bcc2
9e0156dd49c03744e79bbea60eebbbb94b5811c1b71b91f5fb38a8270dedfbaf
9e058b745b5579dc2bb262a50db8b17fa77a5bfa805ff099bdf2ba8d6837d669
a452c3178c3ac10631ab0f36a5dbb0bc07a877262c9ac2ed0791f9aafb36acc8
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c28c03d4b6d79fdfa5c8721fc3cbfae0ba3041b8199567bf873294eefc167b54
cc51a8def572cc3523f9a4276fc4509a0e92b4d193fcfee35cdcf3a48662c92c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f74bf2cf5a8225beb66712ff4e859c5d4ba9c24123e6de2f427b4b9fde408928
fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8

divasingnsonghappy.shawnetta88.workers.dev Open in urlscan Pro 2a06:98c1:3121::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

78 %HTTPS

92 %IPv6

11 Domains

13 Subdomains

12 IPs

2 Countries

373 kBTransfer

1368 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

divasingnsonghappy.shawnetta88.workers.dev Open in urlscan Pro
2a06:98c1:3121::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

78 %
HTTPS

92 %
IPv6

11
Domains

13
Subdomains

12
IPs

2
Countries

373 kB
Transfer

1368 kB
Size

2
Cookies

41 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!