ross.golfappweb.com Open in urlscan Pro
2606:4700:3032::ac43:bc49 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tenj.gracelandsad.shop/index.php/campaigns/ar728fhcg5955/track-url/yn939l0j5m86a/e18cebf5c977499159955caf564f25c423e3c11a
Effective URL:
https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a
Submission: On November 03 via api (November 3rd 2024, 5:26:41 am UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3032::ac43:bc49, located in United States and belongs to CLOUDFLARENET, US. The main domain is ross.golfappweb.com.
TLS certificate: Issued by WE1 on October 9th 2024. Valid for: 3 months.

This is the only time ross.golfappweb.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:425d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::6815:481b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700:303... 2606:4700:3032::ac43:bc49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:8ef5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2

1 2606:4700:3035::6815:425d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tenj.gracelandsad.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:481b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

facebook-verified.moonflowsad.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:3032::ac43:bc49 (United States)

ASN13335 (CLOUDFLARENET, US)

ross.golfappweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:8ef5 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	golfappweb.com ross.golfappweb.com	2 MB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1222	426 KB
1	moonflowsad.shop 1 redirects facebook-verified.moonflowsad.shop	724 B
1	gracelandsad.shop 1 redirects tenj.gracelandsad.shop	926 B
23	4

	Domain	Requested by
22	ross.golfappweb.com	ross.golfappweb.com
1	use.fontawesome.com	ross.golfappweb.com
1	facebook-verified.moonflowsad.shop	1 redirects
1	tenj.gracelandsad.shop	1 redirects
23	4

This site contains links to these domains. Also see Links.

Domain
virus-checked.golfapp.club

Subject Issuer	Validity	Valid
golfappweb.com WE1	`2024-10-09` - `2025-01-07`	3 months	crt.sh
use.fontawesome.com WE1	`2024-09-09` - `2024-12-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a
Frame ID: 65001EF08C46E1FBA48636CF8983FB3F
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rossmann - Umfragebelohnungen

Page URL History Show full URLs

http://tenj.gracelandsad.shop/index.php/campaigns/ar728fhcg5955/track-url/yn939l0j5m86a/e18cebf5c977499159... HTTP 307
https://tenj.gracelandsad.shop/index.php/campaigns/ar728fhcg5955/track-url/yn939l0j5m86a/e18cebf5c977499159... HTTP 301
https://facebook-verified.moonflowsad.shop/KoiUjeBsRshTEbsjIowIshTQsvGf?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0... HTTP 301
http://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a HTTP 307
https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Page URL

Detected technologies

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

23
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

2630 kB
Transfer

3473 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://virus-checked.golfapp.club/O3lPlsm3Nxf5Res8dFavX9fgY1ujem6Kosi9Lpw4UYtdg2bVc5gTrw1fQbH4sjU7isoM3sU1Trs/?source_id=G-Ross&s1=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a
Title: Continuer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tenj.gracelandsad.shop/index.php/campaigns/ar728fhcg5955/track-url/yn939l0j5m86a/e18cebf5c977499159955caf564f25c423e3c11a HTTP 307
https://tenj.gracelandsad.shop/index.php/campaigns/ar728fhcg5955/track-url/yn939l0j5m86a/e18cebf5c977499159955caf564f25c423e3c11a HTTP 301
https://facebook-verified.moonflowsad.shop/KoiUjeBsRshTEbsjIowIshTQsvGf?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a HTTP 301
http://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a HTTP 307
https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ross.golfappweb.com/ Redirect Chain http://tenj.gracelandsad.shop/index.php/campaigns/ar728fhcg5955/track-url/yn939l0j5m86a/e18cebf5c977499159955caf564f25c423e3c11a https://tenj.gracelandsad.shop/index.php/campaigns/ar728fhcg5955/track-url/yn939l0j5m86a/e18cebf5c977499159955caf564f25c423e3c11a https://facebook-verified.moonflowsad.shop/KoiUjeBsRshTEbsjIowIshTQsvGf?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a http://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a	31 KB 6 KB	625ms 540ms	Document text/html	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.3.13 Resource Hash `bf50b75839e09bb51cda517f43430777465f51c52870472c932b5fb3ce6c7f1e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8dc9f331c9f09f69-AMS content-encoding br content-type text/html; charset=UTF-8 date Sun, 03 Nov 2024 05:26:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6iaKXvqgXbHcrghmS%2F4v5Ab0GJaCX4AhN61UCwq50e7EN%2BhsteUAK2uVlonyiD0iGyBQ63a9ul6%2BzEi7T4D0%2FTNhm1qKvoZntbF7HESfK4J%2BbFVsV0btZ7hk7uF%2FXjcs8HlN%2FYaoqmxnu32uBmIPHEq"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=28615&sent=7&recv=12&lost=0&retrans=0&sent_bytes=4004&recv_bytes=2430&delivery_rate=146978&cwnd=35&unsent_bytes=0&cid=49a03fc20094db4c&ts=549&x=0" x-powered-by PHP/8.3.13 Redirect headers Location https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Non-Authoritative-Reason HttpsUpgrades
GET H2	200	style.css ross.golfappweb.com/css/	17 KB 4 KB	580ms 578ms	Stylesheet text/css	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ross.golfappweb.com/css/style.css Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `72cd874f947116cba053e9a1ce527aad1246fa78accaff5be04bec50706b980d` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"45c9-625b7908382e5" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VfxyfCnwzdu3I57ohBYaN%2F8IcT1i5WlZT%2Bt1SOeQdiFY9mHUfV62FQT92hNrPqdaZdW4wGla%2FMzSOI9AgrPGf7mn184QjXfUu%2B0o6xM%2B8Q3aHqK%2F%2FN0%2BXFYR8aNTRHo1ZJ%2BPT%2FzhA1teM%2FFLlCSwSR0"}],"group":"cf-nel","max_age":604800} cf-ray 8dc9f3358cfc9f69-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=32148&sent=27&recv=23&lost=0&retrans=0&sent_bytes=19042&recv_bytes=2858&delivery_rate=188817&cwnd=38&unsent_bytes=0&cid=49a03fc20094db4c&ts=1172&x=0" date Sun, 03 Nov 2024 05:26:33 GMT content-type text/css last-modified Wed, 30 Oct 2024 20:29:54 GMT vary Accept-Encoding server cloudflare
GET H2	200	animate.min.css ross.golfappweb.com/css/	70 KB 6 KB	559ms 558ms	Stylesheet text/css	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ross.golfappweb.com/css/animate.min.css Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"11847-625b7908be758" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AA06ehLL1sQ%2BnNLVJtVcQOHKVudh02DQHhE29FmyGxqtyZBR3rzThEBReuJoWYbOoWdhZxBJ4vmje11zPKOV0xCgQvvKzCOuJB7HIYlp9o4ThTX6Xfni5dVPF1AL9D%2FCU8oLwNauF2YMLq%2FQT9UovCbg"}],"group":"cf-nel","max_age":604800} cf-ray 8dc9f3358cfe9f69-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=32148&sent=16&recv=23&lost=0&retrans=0&sent_bytes=10013&recv_bytes=2858&delivery_rate=188817&cwnd=38&unsent_bytes=0&cid=49a03fc20094db4c&ts=1152&x=0" date Sun, 03 Nov 2024 05:26:33 GMT content-type text/css last-modified Wed, 30 Oct 2024 20:29:54 GMT vary Accept-Encoding server cloudflare
GET H2	200	all.js Show response use.fontawesome.com/releases/v5.15.4/js/	1 MB 426 KB	224ms 55ms	Script application/javascript	2606:4700:3037::ac43:8ef5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.15.4/js/all.js Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:8ef5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://ross.golfappweb.com Referer Response headers content-encoding br cf-cache-status HIT etag W/"5e29440867fdb02a48dffded02338c31" age 133813 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cca1bShZNrEEtbFIH65QoLuv8ZHeDT09cr3Y16Rkc7SPfL%2FphG0nIAOHoaND0EkdzGWbFhzR%2Fa99EIzn3xif%2Bm%2Fle1P9P2vK1brKxA%2FiutDF5XW06mvwo4aAWS6iL3%2FTXbsrkHR7TYvzOzI6xPn0HI33"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=19536&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4018&recv_bytes=2286&delivery_rate=208009&cwnd=254&unsent_bytes=0&cid=b3c3100206946933&ts=133&x=0" date Sun, 03 Nov 2024 05:26:33 GMT content-type application/javascript last-modified Fri, 22 Sep 2023 01:45:24 GMT vary Origin, Accept-Encoding cache-control max-age=31556926 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f33a2b5f91fc-FRA access-control-allow-origin * server cloudflare
GET H2	200	datehead.js Show response ross.golfappweb.com/js/	2 KB 1 KB	583ms 582ms	Script application/javascript	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ross.golfappweb.com/js/datehead.js Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4f7b917afd8fe42216c170d83013ba8e33ea0780576bc6df0ed7098ae6743859` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status REVALIDATED etag W/"958-625b79072c1ce" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSn8LvbptQe3VMSB8xDJgxQSg0IPqMoLCZgmDUVBXcwk1jZ%2BrlWg92nosnDA%2FowW0BaqApxzWSYeMDfbdrChHf7iH6rAXJcXfd589unb6voy6em2KP3qHz8GRYmaqLeONBrh%2BXBJSYJxnygv750tQ%2FPC"}],"group":"cf-nel","max_age":604800} cf-ray 8dc9f3358cff9f69-AMS alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=32148&sent=33&recv=23&lost=0&retrans=0&sent_bytes=23360&recv_bytes=2858&delivery_rate=188817&cwnd=38&unsent_bytes=0&cid=49a03fc20094db4c&ts=1173&x=0" date Sun, 03 Nov 2024 05:26:33 GMT content-type application/javascript last-modified Wed, 30 Oct 2024 20:29:52 GMT vary Accept-Encoding server cloudflare
GET H2	200	logo.png ross.golfappweb.com/images/	37 KB 37 KB	608ms 607ms	Image image/png	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/logo.png Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4fb28bade9c42bcc3ea50a7a999ef2abca04c7b710e6d30d437d90a94ec281b2` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "92f0-625b79005c72f" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iv4RWkF9DJ%2BGeKdPrHp5fQ75P0spEcabvI4LQD4%2Fh0cry2Hv%2FLw3%2BPvhlb9pWibpnvsEEKQyhQ%2Bqj6MbqqOXiu4aBRStMBsVkI27LvVYWb%2BL8teMMf10JLKMOl6qNA5zSuyzucQUMlraritQ1vl1QHAQ"}],"group":"cf-nel","max_age":604800} cf-ray 8dc9f3358d019f69-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=27865&sent=36&recv=40&lost=0&retrans=0&sent_bytes=24742&recv_bytes=2858&delivery_rate=499470&cwnd=38&unsent_bytes=0&cid=49a03fc20094db4c&ts=1200&x=0" content-length 37616 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/png last-modified Wed, 30 Oct 2024 20:29:45 GMT vary Accept-Encoding server cloudflare
GET H2	200	flaglogo.png ross.golfappweb.com/images/	2 KB 3 KB	561ms 561ms	Image image/png	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/flaglogo.png Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status REVALIDATED etag "998-625b78feca1a5" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XlOXZbDTpJ6MeRm6ulUQIJstxy%2FEG1A5dzgw3dDX3en8Yig0t79wDWX7LdyxtneNc4DW%2BtSogciknecRAQvcALrSs2fvzlSx1tn5Uirb4SwqQbhDXOcSn1lyo%2FuUKcSdmeD0XqnktokLqMDia%2BbOVTN"}],"group":"cf-nel","max_age":604800} cf-ray 8dc9f3358d029f69-AMS accept-ranges bytes alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=TCP&rtt=32148&sent=23&recv=23&lost=0&retrans=0&sent_bytes=16026&recv_bytes=2858&delivery_rate=188817&cwnd=38&unsent_bytes=0&cid=49a03fc20094db4c&ts=1154&x=0" content-length 2456 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/png last-modified Wed, 30 Oct 2024 20:29:44 GMT vary Accept-Encoding server cloudflare
GET H3	200	product.png ross.golfappweb.com/images/	642 KB 643 KB	35ms 34ms	Image image/png	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/product.png Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b8268ce80bdb9ad4455d230ab92dd5081fe431aa2200188c9c617099df740931` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "a09e9-625b78fcf45f8" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhPW0%2F4u%2F5ftXeaj9MyidI5g2d56kc1Y8u8mGwXEegK8qiNpN2mJNZ6mzl5PXTiK5Fbi905JA7I1fyMjD5dHVHfcqtnX8rvrfIUEcPMyYWg6%2Bfv65kBIfPCKsveJaN4XRzvElT%2B6T%2Bg8S2OUHYknPbTE"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26755&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4291&recv_bytes=4427&delivery_rate=598&cwnd=12000&unsent_bytes=0&cid=151ef7952be857ec&ts=563&x=1", cfHdrFlush;dur=0 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/png last-modified Wed, 30 Oct 2024 20:29:42 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f338fb89d295-FRA accept-ranges bytes content-length 657897 server cloudflare
GET H3	200	loadingBL.gif ross.golfappweb.com/images/	122 KB 122 KB	147ms 146ms	Image image/gif	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/loadingBL.gif Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d769b5e89c5845baca4f51f91d02fdf4a4cbeb9db32c30e1c1c1f7a539518216` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "1e64a-625b79048df14" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUfgmWqjDXaTb1aXfFEo2zFXQTSLzb8NBlYG0HmhXXBZC1sVB%2FzwfIiwZGh3VqxtiSdRZUS%2Fg62MVYPBxVrgz2sXXfRmNQFP5MjFt%2BWV16nB58wa%2B%2FWupW00dKjUdoDQSwqqTSSi6pvrsipBepRK2L5L"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26755&sent=26&recv=25&lost=0&retrans=0&sent_bytes=16360&recv_bytes=8943&delivery_rate=598&cwnd=12000&unsent_bytes=0&cid=151ef7952be857ec&ts=583&x=1", cfHdrFlush;dur=2 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/gif last-modified Wed, 30 Oct 2024 20:29:50 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bbad295-FRA accept-ranges bytes content-length 124490 server cloudflare
GET H3	200	prize1.png ross.golfappweb.com/images/	643 KB 644 KB	166ms 164ms	Image image/png	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/prize1.png Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d20539463f7835cee50ddc2e6ff1eb479fbe85acafbadc6e50de49b91b5d1313` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "a0ca0-625b78fe43d31" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zu98ynnaM%2FUIsyJWwnrSD1vV0zCNxrdWPW5VtPqOScd7KLjK7dywLqH2aNpE7KjtTm44tPBx4D0XWkdMMzNcIlqk7%2FJ7WD9Wmt57zX2qpwwPDMCqdO%2B6eAtXDY5NFuIt3IQvv7mSqqsKpAV0hW7kRLnp"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26755&sent=26&recv=25&lost=0&retrans=0&sent_bytes=16360&recv_bytes=8943&delivery_rate=598&cwnd=12000&unsent_bytes=0&cid=151ef7952be857ec&ts=583&x=1", cfHdrFlush;dur=2 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/png last-modified Wed, 30 Oct 2024 20:29:43 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bbcd295-FRA accept-ranges bytes content-length 658592 server cloudflare
GET H3	200	1.jpg ross.golfappweb.com/images/	53 KB 53 KB	249ms 247ms	Image image/jpeg	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/1.jpg Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `609638eda5a0802f689f6cd7093b8c04203e8a7d380560703427202a0669c754` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "d283-625b7900e27bb" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IaWiA8wEpDiISTFDhLZNY8oq7vT8EHWpIcF1L93SvDJOTqUi9%2FASSjO3N8tdFdXnb51Th7xpUBADnL3j%2FOUk2YifyAzU1DDY49pUTz5WkEzEKbHazLr8qyKo88fw2lOf0P%2BitF4i1Ri%2B8ntHqU2vuwF8"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=26755&sent=26&recv=25&lost=0&retrans=0&sent_bytes=16360&recv_bytes=8943&delivery_rate=598&cwnd=12000&unsent_bytes=0&cid=151ef7952be857ec&ts=583&x=1", cfHdrFlush;dur=2 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/jpeg last-modified Wed, 30 Oct 2024 20:29:46 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bc0d295-FRA accept-ranges bytes content-length 53891 server cloudflare
GET H3	200	2.jpg ross.golfappweb.com/images/	38 KB 39 KB	269ms 268ms	Image image/jpeg	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/2.jpg Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3726b1f4b3896a1732d72294945c4d459fcfa3341cd52eba3c53c2695e6ddc0a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "98b4-625b78ff50230" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBxHBAl4Cm6eS%2Bd5tlQdUvSRZdHdkC4lHPzzPjaAxSy8a%2BsHob%2BSuVDRNOSuwKBk%2Fgk5pm%2Bdn0sElQO3J7Miu%2FB%2BIS9JE14ModG5uMHaFdylUeYndslNobON1%2F49tb62iqFiTT%2Bk3SlY8hqMs4GXwm3Y"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=586&x=1", cfHdrFlush;dur=21 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/jpeg last-modified Wed, 30 Oct 2024 20:29:44 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bc2d295-FRA accept-ranges bytes content-length 39092 server cloudflare
GET H3	200	comm_pic_1.jpg ross.golfappweb.com/images/	73 KB 74 KB	277ms 276ms	Image image/jpeg	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/comm_pic_1.jpg Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9e881c84c114503dfcf2681927f47ebfaeaeada94eeed9b0e4f411fea3f48439` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "12460-625b7902fb989" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ho3HYwiktuMI%2FKOpiycNwlkRlB37xQ5fIkFcbZgM8ZAJiDWFg%2BrBr%2FeLGh1jKQ4A0D3qsXwD5tNR6d3FQ5nSMOFDWFVam2eFNuBZ2nxWwJFTglTvEjZfApLQY9el%2FNALVrSqogf0QivyEJmg9VSSU65Z"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=587&x=1", cfHdrFlush;dur=20 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/jpeg last-modified Wed, 30 Oct 2024 20:29:48 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bc5d295-FRA accept-ranges bytes content-length 74848 server cloudflare
GET H3	200	3.jpg ross.golfappweb.com/images/	46 KB 47 KB	280ms 278ms	Image image/jpeg	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/3.jpg Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c7a3b7317394dd60e3133f86ca4e82ca5107a00c93fe248b1e377c9ace8e4ce` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "b8d8-625b790275516" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jlxFs0wkE9LSOCOCK%2Fqt6xJGDdwsN%2BsFwfYKbHBG2DD%2B%2FvqnOHtsYowQXykdB%2BQooZGyYw7TL7fq4QRt7oSQDMwSTcB5ajjPn2n%2FTTlrvmxkMeGPkOXuKUez8ASCSTTkVDIt85T56TxoniMx90sttVBW"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=586&x=1", cfHdrFlush;dur=21 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/jpeg last-modified Wed, 30 Oct 2024 20:29:48 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bc8d295-FRA accept-ranges bytes content-length 47320 server cloudflare
GET H3	200	4.jpg ross.golfappweb.com/images/	35 KB 36 KB	288ms 286ms	Image image/jpeg	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/4.jpg Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `126d10d15fe82745b61efa4b92471ab582ba2057a2aadffd8a0c0d846550407a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "8bba-625b790513f9f" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZ1kBkFtWV1EWBWGrPKFbW3dROp2jbIhpVJMC5amWDDVeUNdnRQIpfuCrW%2BLOx%2BRcEIdNx2REX310ShK0wz8Yg7UIJAF8Mv7zQXvDDe%2BCul8H8Ap4w6vSgAKuXhh8gjlHOGLtnQ69HrCgzBQmhtkb%2Bvz"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=589&x=1", cfHdrFlush;dur=18 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/jpeg last-modified Wed, 30 Oct 2024 20:29:50 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bcad295-FRA accept-ranges bytes content-length 35770 server cloudflare
GET H3	200	comm_pic_2.jpg ross.golfappweb.com/images/	95 KB 96 KB	290ms 286ms	Image image/jpeg	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/comm_pic_2.jpg Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b0d9b65a64ac267feaef7582d2b81993212f4e1ab4e562fc7daf48ebe1986fe8` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "17db4-625b790381a15" age 1 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dcwzuX1cdGsJLAD9H28c%2BypJqIkgSE8lMaJy0ltunzXKZxbc79pkZnPh93WjYcxdC0xw%2Bss3JPynoLy1ml4E4FgSy9US5zWY%2BcuBHHCUv1D%2BiSzJ8nJFqyUc8yXtJ0w8PoKIxVpCfufE6VgLmbOmmfc%2F"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=587&x=1", cfHdrFlush;dur=20 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/jpeg last-modified Wed, 30 Oct 2024 20:29:49 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bcfd295-FRA accept-ranges bytes content-length 97716 server cloudflare
GET H3	200	5.jpg ross.golfappweb.com/images/	48 KB 49 KB	308ms 304ms	Image image/jpeg	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/5.jpg Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `369a79cca006827baf7e0cd3fe2482a2c2395965ddeb2523109075c281cb35ee` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "c16f-625b78fd7a684" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FJSlZSQ%2BUqapFw0cdEwBrBWL%2F73Jva0iNr7FItsSiVnb6fyrpEhW1giztdXbJFT6nrkUxxhDKNJ90yDFdjQREyZ3ZWVhklasf%2BRhkLu5JZiTESGYP301tWuLy7%2BgbHicZHz5z%2BPuxu0j%2F0j5JG8Pw1j"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=595&x=1", cfHdrFlush;dur=12 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/jpeg last-modified Wed, 30 Oct 2024 20:29:42 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bd1d295-FRA accept-ranges bytes content-length 49519 server cloudflare
GET H3	200	f_guarantee.png ross.golfappweb.com/images/	6 KB 7 KB	316ms 313ms	Image image/png	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/f_guarantee.png Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "18d0-625b790407aa0" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rakXJyBe59571s4%2BFYHOkkUZ2wZNfX8c0PdFbdGWryezDtdhYW6aXvuny7DF7iqGqQbr2hgbwxZM%2F8WfQd7fj47dflRS98FZ%2BWDLvGo0nADHAnAtS9PIIAFd%2Bpg7MX5ELj5O%2BqFGFC0L3XjWjj2cBWo1"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=587&x=1", cfHdrFlush;dur=20 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/png last-modified Wed, 30 Oct 2024 20:29:49 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bd3d295-FRA accept-ranges bytes content-length 6352 server cloudflare
GET H3	200	f_secure_1.png ross.golfappweb.com/images/	10 KB 10 KB	318ms 315ms	Image image/png	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/f_secure_1.png Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "2686-625b790168c2e" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gPOaBaME6P8c79nu6vREbPgV8GWo0rDtxcPyIgLaEgmHSvYExoIz0jU4p%2Fs3UcXsOL%2F4HjqTTmNyH%2Bgxc%2BqVPJOIaKLjWK2uTVzgmkZL82t7znVNQ8S4nuuJp%2FjNHt8H65zEvo2C8qHpV%2BPwxU7Zswn"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=587&x=1", cfHdrFlush;dur=20 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/png last-modified Wed, 30 Oct 2024 20:29:46 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bd4d295-FRA accept-ranges bytes content-length 9862 server cloudflare
GET H3	200	logo2.png ross.golfappweb.com/images/	37 KB 38 KB	321ms 317ms	Image image/png	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/logo2.png Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `590d8aeae9f63085d5e10ba4d7259b8f2eb68263612a07028ca47a1cebbcb394` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status HIT etag "95a7-625b78ffd62bc" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bt2h48gCyrExMa32tUqSqwkPj4zct9bMZ9UuOKBa14W8nxI8v74o%2F%2Fmeulxk5iNdQxTKFCpdtR235LF02LnC1%2FxDbszKUoav3bL%2BAVj8eTX1UO28sVmx%2BvrwijByzv1yRi2FEyNyd8EOLiaBWaf9dKOa"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=587&x=1", cfHdrFlush;dur=20 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/png last-modified Wed, 30 Oct 2024 20:29:45 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bd5d295-FRA accept-ranges bytes content-length 38311 server cloudflare
GET H3	200	script.js Show response ross.golfappweb.com/js/	10 KB 3 KB	252ms 250ms	Script application/javascript	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ross.golfappweb.com/js/script.js Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/?customer-id=ar728fhcg5955-ab1316xn9md23-yn939l0j5m86a Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f8003f36c919d6bcd0798530b75697b91cbeb0588529d2a1ac43b935f1d87c1a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status HIT etag W/"2935-625b7906a6142" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MmUZC%2FKH82Dy3ytjP%2FUkP%2BLzbYXSiz1F5Ml84hdPGH%2BA%2FLP%2FFEezd52rOKl61cC3ymXp08P1PhJ%2FKon7RmcGSbS%2FYh1YFV4a%2FnQ8o5l2CXwV09dvNPbNT4P%2F0dlJqYXFx5xd0QexB6W4YgCNGQNXoG8e"}],"group":"cf-nel","max_age":604800} cf-ray 8dc9f3391bbfd295-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=586&x=1", cfHdrFlush;dur=21 date Sun, 03 Nov 2024 05:26:33 GMT content-type application/javascript last-modified Wed, 30 Oct 2024 20:29:52 GMT vary Accept-Encoding server cloudflare
GET H3	200	bg.png ross.golfappweb.com/images/	285 KB 285 KB	336ms 332ms	Image image/png	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ross.golfappweb.com/images/bg.png Requested by Host: ross.golfappweb.com URL: https://ross.golfappweb.com/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6b30009f4e913929f5ad7491a440865817a22917fb4c9624c0b62741eb4ad9ce` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://ross.golfappweb.com/css/style.css Response headers cf-cache-status HIT etag "472e0-625b7901ef48a" age 2 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YK1to%2Bs7%2FBG9DTiZ53oENrg%2Fl11hpUrEkm1xHbYLLQKMHsHBH7%2FzLc%2BwWPklE5WIRMPnyjdrckK%2Fu%2FLczAMnmG6vJPDWofVjpr%2BniDRpuONttMi5KLEszy5FC%2BDqpleQF6LvXJxcMwN4bYlSHzE5Fcw"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=28931&sent=46&recv=30&lost=0&retrans=0&sent_bytes=40360&recv_bytes=9158&delivery_rate=385294&cwnd=24000&unsent_bytes=0&cid=151ef7952be857ec&ts=587&x=1", cfHdrFlush;dur=20 date Sun, 03 Nov 2024 05:26:33 GMT content-type image/png last-modified Wed, 30 Oct 2024 20:29:47 GMT vary Accept-Encoding cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8dc9f3391bd6d295-FRA accept-ranges bytes content-length 291552 server cloudflare
GET H3	404	favicon.ico ross.golfappweb.com/	196 B 787 B	574ms 572ms	Other text/html	2606:4700:3032::ac43:bc49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ross.golfappweb.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:bc49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQCBMbbgt%2BFa6ff3yjW69yD9QGuaPKS%2F6duvMbSbO91q9xv04fjJuN8T4ZxEZjBvjsvGDL99FS3Kr6T5jX75s2wenuSrU3L0xDSJWcGdyX13v8UclOGhlPERyBpZQ%2BT2I0CgsGXlx3ekVG%2FvnTSL40WZ"}],"group":"cf-nel","max_age":604800} cf-ray 8dc9f33c4fefd295-FRA alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=25975&sent=2068&recv=275&lost=156&retrans=156&sent_bytes=2435860&recv_bytes=20777&delivery_rate=4336164&cwnd=181343&unsent_bytes=0&cid=151ef7952be857ec&ts=1638&x=1", cfHdrFlush;dur=0 date Sun, 03 Nov 2024 05:26:34 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			tenj.gracelandsad.shop/	1969-12-31 23:59:59	Name: mwsid Value: 0n4jrm8rdhg87j400rtpdjplub

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ross.golfappweb.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

facebook-verified.moonflowsad.shop
ross.golfappweb.com
tenj.gracelandsad.shop
use.fontawesome.com
2606:4700:3032::6815:481b
2606:4700:3032::ac43:bc49
2606:4700:3035::6815:425d
2606:4700:3037::ac43:8ef5
0c7a3b7317394dd60e3133f86ca4e82ca5107a00c93fe248b1e377c9ace8e4ce
126d10d15fe82745b61efa4b92471ab582ba2057a2aadffd8a0c0d846550407a
369a79cca006827baf7e0cd3fe2482a2c2395965ddeb2523109075c281cb35ee
3726b1f4b3896a1732d72294945c4d459fcfa3341cd52eba3c53c2695e6ddc0a
4f7b917afd8fe42216c170d83013ba8e33ea0780576bc6df0ed7098ae6743859
4fb28bade9c42bcc3ea50a7a999ef2abca04c7b710e6d30d437d90a94ec281b2
590d8aeae9f63085d5e10ba4d7259b8f2eb68263612a07028ca47a1cebbcb394
609638eda5a0802f689f6cd7093b8c04203e8a7d380560703427202a0669c754
6b30009f4e913929f5ad7491a440865817a22917fb4c9624c0b62741eb4ad9ce
721fd25fad2ceea766b483f7692fc840097de75bb54185273920adf62da63e15
72cd874f947116cba053e9a1ce527aad1246fa78accaff5be04bec50706b980d
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
812ab0e46f86b2ce98ab2425ab2224b90d0845952a1ac0d5abd734b6217e98bf
9876a7ae2fff3841f6815203eea614d8cd0022ebbe6b9b4d97bfbc53bf422fe4
9e881c84c114503dfcf2681927f47ebfaeaeada94eeed9b0e4f411fea3f48439
b0d9b65a64ac267feaef7582d2b81993212f4e1ab4e562fc7daf48ebe1986fe8
b8268ce80bdb9ad4455d230ab92dd5081fe431aa2200188c9c617099df740931
bf50b75839e09bb51cda517f43430777465f51c52870472c932b5fb3ce6c7f1e
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
d20539463f7835cee50ddc2e6ff1eb479fbe85acafbadc6e50de49b91b5d1313
d769b5e89c5845baca4f51f91d02fdf4a4cbeb9db32c30e1c1c1f7a539518216
f8003f36c919d6bcd0798530b75697b91cbeb0588529d2a1ac43b935f1d87c1a

ross.golfappweb.com Open in urlscan Pro 2606:4700:3032::ac43:bc49 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

2630 kBTransfer

3473 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

ross.golfappweb.com Open in urlscan Pro
2606:4700:3032::ac43:bc49 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

2630 kB
Transfer

3473 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!