o8web.help-d47.ru Open in urlscan Pro
2606:4700:3033::ac43:9b6f  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://aflahcommunication.net/images/ Page URL
2. https://o8web.help-d47.ru/ Page URL
3. https://o8web.help-d47.ru/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://o8web.help-d47.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
• https://o8web.help-d47.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response aflahcommunication.net/images/	198 B 465 B	1213ms 538ms	Document text/html	103.140.158.4 AFLAH-BD Aflah Co...
General Check archive.org Show headers Download Go to Full URL https://aflahcommunication.net/images/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.140.158.4 , Bangladesh, ASN139276 (AFLAH-BD Aflah Communication, BD), Reverse DNS Software LiteSpeed / Resource Hash fc4a2328d5366bcab9272e0ccd7698b43a37b5e0dcd1ee5e51d671ccf3e3c83b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 198 content-type text/html date Tue, 27 Aug 2024 09:04:58 GMT etag "c6-66cd78b6-1f4047;;;" last-modified Tue, 27 Aug 2024 06:56:54 GMT server LiteSpeed
GET H2	200	/ Show response o8web.help-d47.ru/	1 KB 1 KB	5012ms 4490ms	Document text/html	2606:4700:3033::ac43:9b6f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://o8web.help-d47.ru/ Requested by Host: aflahcommunication.net URL: https://aflahcommunication.net/images/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:9b6f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 08d6913a968a9bcd7ba326fbe88246f71632deab07c29d516289ee2c69e2046b Request headers Referer https://aflahcommunication.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8b96d8dbfb06abae-YYZ content-encoding br content-type text/html; charset=UTF-8 date Mon, 26 Aug 2024 21:17:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8hdoGAl4hNe6MTlkD4HIT0qMuY8XHpHWajZ5epnf%2BGK6iJ866eGjZql5Z%2F2Xcidsn7xFGzZwZuNct0S2Q02F2nLn3rchexLppVq5pvEuByEFb32l1a62pzE4XW23ZBaEqll6xvVJlYgpPngstSu9%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	404	favicon.ico o8web.help-d47.ru/	315 B 702 B	421ms 420ms	Other text/html	2606:4700:3033::ac43:9b6f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://o8web.help-d47.ru/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:9b6f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:15 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xldW69xuxPIKAwPAo%2FaKpHRP6PM6l7A%2B4C1Mmd8FmHWHR0tgf65pnxoj7Ciiusi%2BNuWng7kBfgr7SDSEHK1W6YbBYK9P7wFfS%2FPZ%2F%2Fr6VPU4dIgEseA3kA5wXx3f6JAhIlnbeIxiTP9xBPNnhhsnLw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 8b96d8f88a7936d4-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	Primary Request / Show response o8web.help-d47.ru/	11 KB 4 KB	462ms 461ms	Document text/html	2606:4700:3033::ac43:9b6f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://o8web.help-d47.ru/ Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:9b6f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 141bbb240780a1d84968703d9cc6f8abe568db4f92bb9f04d5233520ad984bbf Request headers Referer https://o8web.help-d47.ru/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8b96d9050d4f36d4-YYZ content-encoding br content-type text/html; charset=UTF-8 date Mon, 26 Aug 2024 21:17:17 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLHRGbTicObQvzKEVq8coukl0TYchabELblRhh%2F1wryF%2B5%2FRf1zy2E2kyXQtaSy2KtRWzoc341YdL1OWa8UdwtERTcwI3lN412GJF%2Fk12Y2xZYDpbAlzbUAW3yTtNt6BTc2iRQf2YZXbLfzNplg4pg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	mdb.min.css green-bullet.de/hu_files/lib/styles/	287 KB 41 KB	763ms 643ms	Stylesheet text/css	2606:4700:3034::6815:47e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://green-bullet.de/hu_files/lib/styles/mdb.min.css Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:47e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c80866893373ec9896baeef7fd0aeb5dc5ed5d20ca19506f9152332198550a71 Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:18 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Jun 2024 01:12:44 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"47cdf-619f207d9ac2a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEm44jAP%2FAcVj8iksP0hpymqFYNGuCMRF11B%2BzaZGsTLzmOlHFPCrTvNBulxxE4u0a5Py2WltDMYn4p2dJjq4EQOG70xxFddK%2BtAnLB95wgNFMNfPRZuRv3MAlMWlBgoa8Rtp9Dr8KFMcseksV0%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=14400 cf-ray 8b96d908bb5fab09-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	modernizr.min.js Show response cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/	11 KB 5 KB	131ms 34ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer Origin https://o8web.help-d47.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:17 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 344416 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3980 last-modified Mon, 04 May 2020 16:13:26 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03f26-2b4c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDTxPXONQwmTPMef%2BYy3%2FzOtLW9DDdQP99ARdDMjaQ11skM5vuU398LYhgEejuh%2B90XYBXtYQgavjrCRBrV6WKTXUy5PENoiJQRM6BX5jByG2jLkD6vx65B7YHPYurwpMXdW6MLb7JDi5IHQIEegXx%2Fw"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8b96d9088a65711c-YYZ expires Sat, 16 Aug 2025 21:17:17 GMT
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/	158 KB 26 KB	157ms 34ms	Stylesheet text/css	2606:4700::6812:bb1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://o8web.help-d47.ru/ Origin https://o8web.help-d47.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:17 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 9705643 x-jsd-version 4.6.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 26291 x-served-by cache-fra-etou8220126-FRA, cache-lga21977-LGA x-jsd-version-type version server cloudflare etag W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTajhyqhzPwMEMA8THeSJaYZVI9W0xHjv15KPgCUNa79XqhICBQGSt9ae1yIQp%2B3KkDVKtBLKSU%2FjC1aZ0wCfMrWSSremCs3jGyRrzAcgQEkNSaHbiQDJ8f1%2BndBFX5poOWzywzleTVgpzzf6X8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin * cf-ray 8b96d908c8fda220-YYZ
GET H3	200	csslogin.css green-bullet.de/hu_files/ca/	11 KB 3 KB	368ms 255ms	Stylesheet text/css	2606:4700:3034::6815:47e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://green-bullet.de/hu_files/ca/csslogin.css Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:47e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e49c66c2f4e50cc707de1e1b944372bce1ce4a270f275f26aa4b8e63f0b92ea Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:17 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Jun 2024 19:02:09 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2b42-61a00f8595b2b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L15ZI8fpVtqPmE3mhllG33aA1TlHiZ%2F07%2ByfwyMJxaxbBWyX%2BtchoRcGO1cPMwOxyKhrg1dJlMNqNvOOrXj6WvJMclj82Gu4lH8MqpUedfyyMbHCW4HyYH6rWw6hxQbaSZ9WR8SqO2DogdOZTyU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=14400 cf-ray 8b96d908bb66ab09-YYZ alt-svc h3=":443"; ma=86400
GET H2	200	pro.min.js Show response kit-pro.fontawesome.com/releases/v5.10.1/js/	38 KB 14 KB	174ms 36ms	Script application/javascript	2606:4700:4400::ac40:93bc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit-pro.fontawesome.com/releases/v5.10.1/js/pro.min.js Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 99dfbe63c61bafe408cb64769cb5cea7371ae1fa9d8f0ee9b9d3f56fc069cb84 Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:17 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 01 Jul 2021 19:18:44 GMT server cloudflare x-amz-request-id G6M8HJ41HBSYANQE age 15554106 etag W/"4766b73f9b7e21dda2ce268440367566" vary Accept-Encoding content-type application/javascript cache-control public, max-age=31556926 cf-ray 8b96d908ea14544f-YYZ x-amz-id-2 UCWm0/JGKQoxKoFOv0zw0IfcyA/zGMOlUpkCcbsJL3sLMQUWy7H6BJorhrdpvTVB/IrwQqzDU9o= expires Wed, 27 Aug 2025 03:06:03 GMT
GET H3	200	jquery-3.3.1.min.js Show response green-bullet.de/hu_files/lib/js/	85 KB 31 KB	561ms 450ms	Script application/javascript	2606:4700:3034::6815:47e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://green-bullet.de/hu_files/lib/js/jquery-3.3.1.min.js Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:47e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:17 GMT content-encoding br cf-cache-status MISS last-modified Sat, 01 Jun 2024 23:18:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1538f-619dc52573f12" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYttnrdQOObBz8nVL2QOix04o2xiQXeu%2FFoljufXUt%2B%2F072ojyVjr0K6Ux8QxBkMqjwjp%2BEqju7qexjU14va%2FcW%2B8LQoAPiYRa8CSTMIqklTkn9vvXYm37J0jm9j2ybEVxb%2BZ21S%2FtcAjfkxdOg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control max-age=14400 cf-ray 8b96d908bb63ab09-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	lockup.svg green-bullet.de/hu_files/lib/pics/	4 KB 2 KB	347ms 235ms	Image image/svg+xml	2606:4700:3034::6815:47e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://green-bullet.de/hu_files/lib/pics/lockup.svg Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:47e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ce0c7443f6975ac01655f26813947926a374c68f28289dd198fc6299203beed Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:17 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Jun 2024 01:13:50 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f66-619f20bc1aee5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2F2R2HFYF73esc5Kk3Inc9KHW5pQvRAQ8P2KeiGFj67xslHvS32LlvmdmpRakzGWbUIUMyu6F47WL5BZ0aiNlIG4JcQqpm7m0dxO7Tckp8SWvcbqNTsObcD1d28uEBZLZNFZjImYtX%2B6mET4dN4%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=14400 cf-ray 8b96d908bb65ab09-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	org.jpg green-bullet.de/hu_files/lib/pics/	12 KB 13 KB	347ms 237ms	Image image/jpeg	2606:4700:3034::6815:47e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://green-bullet.de/hu_files/lib/pics/org.jpg Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:47e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12a0ff19ee00a5bb06e0563058736ca6c95369515e0b3796f910e37bae5f524c Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:17 GMT cf-cache-status MISS last-modified Mon, 03 Jun 2024 01:14:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "315e-619f20cd41ad1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6m9uOW7PzXtZrMLyvjHS%2BC8lHJyGO0LAokwb9DlJQEchVCY%2FcrOAJiTgGwK%2BP6ae%2F339s35aow5k0BFfk6oyt22s9DqrrECl%2BAgI5Qrqs6lJH328AKvcU%2FD%2FA8EDP3xu8HSv6ySmMrMGb6bFcIc%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 8b96d908bb61ab09-YYZ alt-svc h3=":443"; ma=86400 content-length 12638
GET H3	200	EHL_Black_HouseOnly.svg green-bullet.de/hu_files/lib/pics/	707 B 816 B	237ms 237ms	Image image/svg+xml	2606:4700:3034::6815:47e7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://green-bullet.de/hu_files/lib/pics/EHL_Black_HouseOnly.svg Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:47e7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4808c0ca2576dc18bf8df509199edef7a4a2b809fde09ecc6688f998e855486e Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:18 GMT content-encoding br cf-cache-status MISS last-modified Mon, 03 Jun 2024 01:14:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2c3-619f20dca485f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FX7t1OkilTMQlr3mDJw9d5sxURfTeqDRml9wWF7dZTm0IiTEN00Br5y%2FPFpul0cbx9xXPZpig7l6UHvRrtDCb89JcyFFgSvWJ0m9gU1suLGhVZm%2BOKf4zQ%2FSYhD9awFJnlU%2FzBl3tlP5SBmtIFs%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control max-age=14400 cf-ray 8b96d90a3c5fab09-YYZ alt-svc h3=":443"; ma=86400
GET H3	200	mdb.min.js Show response cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/	230 KB 46 KB	127ms 30ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/mdb.min.js Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c203b910388ddd0a665f9d474cb718737002a0ba8188ba1eb7b6f1848b595868 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://o8web.help-d47.ru/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:17 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2083006 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 46537 last-modified Mon, 07 Jun 2021 14:34:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "60be2e58-b5c9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=264ulNpFtYlc1hvn%2Fc7m8chznWxOajEfY6z9n%2FfYCKYztosNZ35UAj4qHZrBOvXq7DPUVeyibAEDsjVSJruYd%2Bco8PiWaU5P3GzstSCQKgm0zYklYku1neQ2TBllOZHoS1Lu8gkB%2BIlJdbFCWjcIk8cN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8b96d90aff1eac39-YYZ expires Sat, 16 Aug 2025 21:17:17 GMT
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/	21 KB 8 KB	37ms 36ms	Script application/javascript	2606:4700::6812:bb1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://o8web.help-d47.ru/ Origin https://o8web.help-d47.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 9705581 x-jsd-version 1.16.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 7831 x-served-by cache-fra-eddf8230124-FRA, cache-lga21977-LGA x-jsd-version-type version server cloudflare etag W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxFAH%2BF5mr9rnD9MufZ4D3GzmtaP9RERQrm5ulFRvzx1vqDVMjiLzDCVlf7kwlP%2FQ%2FY8pyXnW%2Fhj9Cvd4y%2FpDFwwE7deeja%2FOxckMNGS75j5neErsipaKKBWfqXPir%2BaFYPzWm80ZPGKSVkoYFs%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin * cf-ray 8b96d90b7ae6a220-YYZ
GET H2	200	bootstrap.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/	62 KB 16 KB	35ms 33ms	Script application/javascript	2606:4700::6812:bb1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js Requested by Host: o8web.help-d47.ru URL: https://o8web.help-d47.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://o8web.help-d47.ru/ Origin https://o8web.help-d47.ru User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Mon, 26 Aug 2024 21:17:18 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 9705593 x-jsd-version 4.6.0 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 16235 x-served-by cache-fra-eddf8230032-FRA, cache-lga21962-LGA x-jsd-version-type version server cloudflare etag W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijUHLUrX130d9HvfKSxfOIP9gwgWN4EeL27aiElgpP9weh4lPdPRmSWtfJoeX1GwIbnLLDP7ZW5poHzDy%2FzRHg9LIqgcilv2gZcc3oLDcLLMLqASEIQ1qB4yIY5U0txFmmB4bBrN%2BRV6wuZUCXY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin * cf-ray 8b96d90bbb0ca220-YYZ
GET		bars.svg kit-pro.fontawesome.com/releases/v5.10.1/svgs/solid/	0 0
GET		search.svg kit-pro.fontawesome.com/releases/v5.10.1/svgs/solid/	0 0
GET		lock.svg kit-pro.fontawesome.com/releases/v5.10.1/svgs/solid/	0 0
GET		facebook-square.svg kit-pro.fontawesome.com/releases/v5.10.1/svgs/brands/	0 0
GET		twitter.svg kit-pro.fontawesome.com/releases/v5.10.1/svgs/brands/	0 0
GET		instagram.svg kit-pro.fontawesome.com/releases/v5.10.1/svgs/brands/	0 0
GET		youtube.svg kit-pro.fontawesome.com/releases/v5.10.1/svgs/brands/	0 0
GET		main.js o8web.help-d47.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame E4A8 Redirect Chain https://o8web.help-d47.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js https://o8web.help-d47.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?	0 0
GET		favi.ico green-bullet.de/hu_files/lib/pics/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

kit-pro.fontawesome.com

URL

https://kit-pro.fontawesome.com/releases/v5.10.1/svgs/solid/bars.svg

Domain

kit-pro.fontawesome.com

URL

https://kit-pro.fontawesome.com/releases/v5.10.1/svgs/solid/search.svg

Domain

kit-pro.fontawesome.com

URL

https://kit-pro.fontawesome.com/releases/v5.10.1/svgs/solid/lock.svg

Domain

kit-pro.fontawesome.com

URL

https://kit-pro.fontawesome.com/releases/v5.10.1/svgs/brands/facebook-square.svg

Domain

kit-pro.fontawesome.com

URL

https://kit-pro.fontawesome.com/releases/v5.10.1/svgs/brands/twitter.svg

Domain

kit-pro.fontawesome.com

URL

https://kit-pro.fontawesome.com/releases/v5.10.1/svgs/brands/instagram.svg

Domain

kit-pro.fontawesome.com

URL

https://kit-pro.fontawesome.com/releases/v5.10.1/svgs/brands/youtube.svg

Domain

o8web.help-d47.ru

URL

https://o8web.help-d47.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

Domain

green-bullet.de

URL

https://green-bullet.de/hu_files/lib/pics/favi.ico

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| html5 object| Modernizr object| FontAwesomeConfig object| ___FONT_AWESOME___ object| FontAwesome function| $ function| jQuery number| uidEvent object| mdb function| Popper object| bootstrap

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.help-d47.ru/	1970-01-21 07:50:43	Name: __ddg1_ Value: c1dxcIhDg1JapPDxD7zX
			o8web.help-d47.ru/	1970-01-20 23:05:08	Name: pass Value: 2001%3A4958%3A1420%3A151%3A%3A70
			o8web.help-d47.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: e85ed2fac913bb2ea8c33762b8feaafa

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://o8web.help-d47.ru/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	warning	URL: https://o8web.help-d47.ru/ Message: [DOM] Found 2 elements with non-unique id #form1Example1: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://o8web.help-d47.ru/ Message: [DOM] Found 2 elements with non-unique id #form1Example2: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	warning	URL: https://o8web.help-d47.ru/ Message: [DOM] Found 2 elements with non-unique id #form_box: (More info: https://goo.gl/9p2vKq) %o %o
recommendation	verbose	URL: https://o8web.help-d47.ru/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://o8web.help-d47.ru/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aflahcommunication.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
green-bullet.de
kit-pro.fontawesome.com
o8web.help-d47.ru
green-bullet.de
kit-pro.fontawesome.com
o8web.help-d47.ru
103.140.158.4
2606:4700:3033::ac43:9b6f
2606:4700:3034::6815:47e7
2606:4700:4400::ac40:93bc
2606:4700::6811:180e
2606:4700::6812:bb1f
08d6913a968a9bcd7ba326fbe88246f71632deab07c29d516289ee2c69e2046b
12a0ff19ee00a5bb06e0563058736ca6c95369515e0b3796f910e37bae5f524c
141bbb240780a1d84968703d9cc6f8abe568db4f92bb9f04d5233520ad984bbf
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e49c66c2f4e50cc707de1e1b944372bce1ce4a270f275f26aa4b8e63f0b92ea
4808c0ca2576dc18bf8df509199edef7a4a2b809fde09ecc6688f998e855486e
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
99dfbe63c61bafe408cb64769cb5cea7371ae1fa9d8f0ee9b9d3f56fc069cb84
9ce0c7443f6975ac01655f26813947926a374c68f28289dd198fc6299203beed
c203b910388ddd0a665f9d474cb718737002a0ba8188ba1eb7b6f1848b595868
c80866893373ec9896baeef7fd0aeb5dc5ed5d20ca19506f9152332198550a71
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
fc4a2328d5366bcab9272e0ccd7698b43a37b5e0dcd1ee5e51d671ccf3e3c83b
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f