megapersonals-refund-money.xyz Open in urlscan Pro
2606:4700:3034::ac43:8391 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://megapersonals-refund-money.xyz/
Submission: On November 14 via automatic, source certstream-suspicious (November 14th 2024, 5:06:57 pm UTC) — Scanned from CA

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3034::ac43:8391, located in United States and belongs to . The main domain is megapersonals-refund-money.xyz.
TLS certificate: Issued by WE1 on November 14th 2024. Valid for: 3 months.

This is the only time megapersonals-refund-money.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3034::ac43:8391	() ()
5	2600:141b:1c0... 2600:141b:1c00:2587::523	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4006:80e::200a	15169 (GOOGLE) (GOOGLE)
13	4

5 2606:4700:3034::ac43:8391 (United States)

ASN- ()

megapersonals-refund-money.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:141b:1c00:2587::523 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 3289	211 KB
5	megapersonals-refund-money.xyz megapersonals-refund-money.xyz	93 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	2 KB
13	3

	Domain	Requested by
5	res.cloudinary.com	megapersonals-refund-money.xyz
5	megapersonals-refund-money.xyz	megapersonals-refund-money.xyz
3	fonts.googleapis.com	megapersonals-refund-money.xyz
13	3

This site contains no links.

Subject Issuer	Validity	Valid
megapersonals-refund-money.xyz WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2023-12-18` - `2025-01-13`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://megapersonals-refund-money.xyz/
Frame ID: 910EAC8A5D07C0C14127121DF402CEDB
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MegaPersonals: Classified hookups

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Cloudinary (CDN) Expand

Overall confidence: 80%
Detected patterns

<img[^>]+\.cloudinary\.com

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

306 kB
Transfer

629 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
megapersonals-refund-money.xyz/ 24 KB
13 KB 929ms
614ms Document
text/html 2606:4700:3034::ac43:8391

General

Check archive.org

Show headers Download Go to

Full URL

https://megapersonals-refund-money.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8391 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fa5f291f7d2f55cdcb2310374af038de9e4b72258be0a685e8d405f806e70da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e2897ea4dae41d9-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 14 Nov 2024 17:06:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
referrer-policy: same-origin same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAAzSmhVaUjCXgL%2FMUa6q%2BqeJW7Wlw265OmJWyzi6GWV%2Bm35LKxuQngiVa7nstwPWrruiJ1P6a%2F195K0%2BYeAR3N%2F0pnS5ZHNgGiVp91ihMrtOM2J0fji1PYAkBVgR%2BeZp8SE%2BP7zKXienR6invAmsVSmKmC%2F2hdNIbiJOvc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=167907&sent=13&recv=9&lost=0&retrans=0&sent_bytes=4195&recv_bytes=4394&delivery_rate=3593&cwnd=12000&unsent_bytes=0&cid=9c75dd6d6f3b2db6&ts=572&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: master-only master-only
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 bootstrap.min.css
megapersonals-refund-money.xyz/assets/css/ 114 KB
21 KB 635ms
631ms Stylesheet
text/css 2606:4700:3034::ac43:8391

General

Check archive.org

Show headers Download Go to

Full URL: https://megapersonals-refund-money.xyz/assets/css/bootstrap.min.css
Requested by: Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8391 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce245955796422865e751be55df3863da7e2cf9f594b6f1522d20e0f3d12fa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://megapersonals-refund-money.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"6640d542-1c9be"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OYEpN0Ei87gcbAe5Ey21zYNUEtN4xSY7k4OOafnp8vW1SL%2FmAf6qeVO1H1BbqE4rM4yVD1jLHySKF010TyP2XK2CNIUXaZITbzjTkwpCuDeern1W1rKHUrNueQ%2FITKqsbxtaCO9BGcoj3VLehGa8OBXpSTKla8lc0doPBh0%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=232065&sent=28&recv=22&lost=0&retrans=0&sent_bytes=19238&recv_bytes=6139&delivery_rate=3558&cwnd=20400&unsent_bytes=0&cid=9c75dd6d6f3b2db6&ts=1505&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 17:06:41 GMT
content-type: text/css
last-modified: Sun, 12 May 2024 14:42:10 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2897efedb941d9-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 custom3400.css
megapersonals-refund-money.xyz/assets/css/ 117 KB
26 KB 852ms
849ms Stylesheet
text/css 2606:4700:3034::ac43:8391

General

Check archive.org

Show headers Download Go to

Full URL: https://megapersonals-refund-money.xyz/assets/css/custom3400.css
Requested by: Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8391 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 40224814ded1139dff6d70fdf40e4bd77ef544737ff95af4860a02811674e888

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://megapersonals-refund-money.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"6640d542-1d3fa"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKVYR6A%2BLSGeHjwz8DRMZFBt5lFovakwJspRxSXULoqTJ9rw2brg%2FTLBoHr%2FtgwvyKrnke8DXtqfSeFgjduYT3sYHmned3nwgR1TywcsHNBnbMLPL%2FGRhMIlyXlLR9M7xkldjk8XfSDKyHzpCdegz9rRZTAz1nBszwCx2fc%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=232065&sent=45&recv=22&lost=0&retrans=0&sent_bytes=39638&recv_bytes=6139&delivery_rate=3558&cwnd=20400&unsent_bytes=0&cid=9c75dd6d6f3b2db6&ts=1525&x=1", cfExtPri, cfHdrFlush;dur=216
date: Thu, 14 Nov 2024 17:06:41 GMT
content-type: text/css
last-modified: Sun, 12 May 2024 14:42:10 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2897efedbb41d9-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 custombabu.css
megapersonals-refund-money.xyz/assets/css/ 148 KB
32 KB 899ms
896ms Stylesheet
text/css 2606:4700:3034::ac43:8391

General

Check archive.org

Show headers Download Go to

Full URL: https://megapersonals-refund-money.xyz/assets/css/custombabu.css
Requested by: Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:8391 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d1224a693a8517c90fcdff56f93dca4e33bb0f684c977739e6db5c59661dbf0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://megapersonals-refund-money.xyz/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"668c1df0-24f02"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tiA1MmN4K%2BHmuwQMo3DlSSdMfsDkxRlBcS2hvTCinBa1zjInpU1LCTCIhcPd8NSSh33udC6l%2FWPljdAxGBB7HR0gzsoVZxrHTj1p9rulMj70UWS%2FlLE%2BSQ7Ae%2F5O%2Bgw3QPD7LLZpMoJepa7df%2B%2Br6WNXSEux4Pzki%2BRrJ28%3D"}],"group":"cf-nel","max_age":604800}
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=232065&sent=45&recv=22&lost=0&retrans=0&sent_bytes=39638&recv_bytes=6139&delivery_rate=3558&cwnd=20400&unsent_bytes=0&cid=9c75dd6d6f3b2db6&ts=1538&x=1", cfExtPri, cfHdrFlush;dur=203
date: Thu, 14 Nov 2024 17:06:41 GMT
content-type: text/css
last-modified: Mon, 08 Jul 2024 17:12:16 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e2897efedbf41d9-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 3e12bb861bfee4f0_cqshvw.png
res.cloudinary.com/dj86ouq8b/image/upload/v1709824147/ 9 KB
9 KB 1595ms
470ms Image
image/png 2600:141b:1c00:2587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dj86ouq8b/image/upload/v1709824147/3e12bb861bfee4f0_cqshvw.png

Requested by

Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:1c00:2587::523 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

542313fc7785c926f516cad8007c318efd827652441b16dcaf1c814c38539645

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "5d9ed4895a43176ffc869572f91cca3b"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=4;start=2024-11-14T17:06:43.417Z;desc=hit,rtt;dur=41,content-info;desc="width=640,height=160,bytes=8872,o=1,ef=(17)"
content-length: 8872
date: Thu, 14 Nov 2024 17:06:43 GMT
content-type: image/png
last-modified: Thu, 07 Mar 2024 15:09:09 GMT
server: Cloudinary

GET
H2 200 reloadButton_ay2zax.png
res.cloudinary.com/dj86ouq8b/image/upload/v1709825391/mnew/ 14 KB
14 KB 2018ms
942ms Image
image/png 2600:141b:1c00:2587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dj86ouq8b/image/upload/v1709825391/mnew/reloadButton_ay2zax.png

Requested by

Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:1c00:2587::523 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

635a0dc1908d6eb031909778848d35423d4483f58307141d6b25a4e56ee140ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "59f88ed629cbc157ddf82f50f898378c"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=4;start=2024-11-14T17:06:43.417Z;desc=hit,rtt;dur=41,content-info;desc="width=102,height=102,bytes=14355,o=1,ef=(17)"
content-length: 14355
date: Thu, 14 Nov 2024 17:06:43 GMT
content-type: image/png
last-modified: Thu, 07 Mar 2024 15:29:52 GMT
server: Cloudinary

GET
H2 200 warning-modal-header_pnr4sh.png
res.cloudinary.com/dj86ouq8b/image/upload/v1709825396/mnew/ 53 KB
54 KB 1626ms
501ms Image
image/png 2600:141b:1c00:2587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dj86ouq8b/image/upload/v1709825396/mnew/warning-modal-header_pnr4sh.png

Requested by

Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:1c00:2587::523 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

995692f313cb94ea452fb5a75c8535b0219d72d453ac90c38d0418ca7f1b7cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "e1d77b2f8053fd31f1a3a727dfd6ac48"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=4;start=2024-11-14T17:06:43.417Z;desc=hit,rtt;dur=41,content-info;desc="width=585,height=300,bytes=54640,o=1,ef=(17)"
content-length: 54640
date: Thu, 14 Nov 2024 17:06:43 GMT
content-type: image/png
last-modified: Thu, 07 Mar 2024 15:29:58 GMT
server: Cloudinary

GET
H3 200 email-decode.min.js Show response
megapersonals-refund-money.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 306ms
304ms Script
application/javascript 2606:4700:3034::ac43:8391

General

Check archive.org

Show headers Download Go to

Full URL

https://megapersonals-refund-money.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8391 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://megapersonals-refund-money.xyz/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"672e2372-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlA27lze9ChvtlnLI7VbGCJ%2FA%2FkhK8oCTWHmwRm2zPt%2FbDYFNLshyYzESLskKfCo7QDMOMx38geTqfWU25vHZaZzM451uotgMaJg0QIN0P1nzyYJ7Ovnvq3paLbJ2k0FFyajlXp0vnYdGW1FKu%2FO892I4RxcOhZntF92bjs%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e2897efedc241d9-EWR
expires: Sat, 16 Nov 2024 17:06:41 GMT
date: Thu, 14 Nov 2024 17:06:41 GMT
content-type: application/javascript
last-modified: Fri, 08 Nov 2024 14:42:58 GMT
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 931c523af26860f24744565505518bd9c5b25e812add1c342863744dc03d618f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 1071ms
529ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lemonada:300,400,700

Requested by

Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/assets/css/custom3400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0fb2c33540e12812a53d164fa81be30ec4e02e05937a0166e15d1a502b3b92b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 17:06:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 17:06:42 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 17:03:26 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 1 KB
561 B 1112ms
570ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Patrick+Hand

Requested by

Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/assets/css/custom3400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c42e25c38a1ab403d3c0bfbc75f2038d6ba6c3f37ac8b2869275e89363da0c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 17:06:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 17:06:42 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 16:30:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 645 B
529 B 1110ms
569ms Stylesheet
text/css 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Neucha

Requested by

Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/assets/css/custom3400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

757cd544226f4760ea0301106b64ddec05963881e7b94e3617f268bea3a46897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 14 Nov 2024 17:06:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 14 Nov 2024 17:06:42 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 14 Nov 2024 16:32:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bannersContainer_xrnl7j.png
res.cloudinary.com/dj86ouq8b/image/upload/v1709826279/mnew/ 70 KB
70 KB 932ms
931ms Image
image/png 2600:141b:1c00:2587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dj86ouq8b/image/upload/v1709826279/mnew/bannersContainer_xrnl7j.png

Requested by

Host: megapersonals-refund-money.xyz
URL: https://megapersonals-refund-money.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:1c00:2587::523 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

5c730cb976d0d3844b735843d35a033dff7da4d0aae4a3b47652b8e9663216c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://megapersonals-refund-money.xyz/

Response headers

strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
timing-allow-origin: *
etag: "6d48073fdbb982d0ac528f3fbb26584d"
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
server-timing: cld-akam;dur=4;start=2024-11-14T17:06:43.417Z;desc=hit,rtt;dur=41,content-info;desc="width=1150,height=508,bytes=71456,o=1,ef=(17)"
content-length: 71456
date: Thu, 14 Nov 2024 17:06:43 GMT
content-type: image/png
last-modified: Thu, 07 Mar 2024 15:44:40 GMT
server: Cloudinary

GET
H2 200 devilgirl_favicon_fdykrx.ico
res.cloudinary.com/dj86ouq8b/image/upload/v1709824763/ 62 KB
63 KB 143ms
136ms Other
image/x-icon 2600:141b:1c00:2587::523
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://res.cloudinary.com/dj86ouq8b/image/upload/v1709824763/devilgirl_favicon_fdykrx.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2600:141b:1c00:2587::523 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Cloudinary /

Resource Hash

92bf4a69a0c456c8254fc05efb0a157e857a86c0bbb1d1e1a5b9fad39c8bf799

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Robots-Tag,X-Content-Type-Options
content-encoding: gzip
etag: W/"658ab7234c10a4acee8a12f6b9cc98d9"
x-content-type-options: nosniff
server-timing: cld-akam;dur=3;start=2024-11-14T17:06:44.379Z;desc=hit,rtt;dur=18,content-info;desc="width=256,height=256,bytes=63907,o=1,ef=(17)"
date: Thu, 14 Nov 2024 17:06:44 GMT
content-type: image/x-icon
last-modified: Thu, 07 Mar 2024 15:19:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 63897
server: Cloudinary

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://megapersonals-refund-money.xyz/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
megapersonals-refund-money.xyz
res.cloudinary.com
2600:141b:1c00:2587::523
2606:4700:3034::ac43:8391
2607:f8b0:4006:80e::200a
0fb2c33540e12812a53d164fa81be30ec4e02e05937a0166e15d1a502b3b92b3
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
40224814ded1139dff6d70fdf40e4bd77ef544737ff95af4860a02811674e888
4ce245955796422865e751be55df3863da7e2cf9f594b6f1522d20e0f3d12fa2
542313fc7785c926f516cad8007c318efd827652441b16dcaf1c814c38539645
5c730cb976d0d3844b735843d35a033dff7da4d0aae4a3b47652b8e9663216c5
635a0dc1908d6eb031909778848d35423d4483f58307141d6b25a4e56ee140ef
757cd544226f4760ea0301106b64ddec05963881e7b94e3617f268bea3a46897
7d1224a693a8517c90fcdff56f93dca4e33bb0f684c977739e6db5c59661dbf0
92bf4a69a0c456c8254fc05efb0a157e857a86c0bbb1d1e1a5b9fad39c8bf799
931c523af26860f24744565505518bd9c5b25e812add1c342863744dc03d618f
995692f313cb94ea452fb5a75c8535b0219d72d453ac90c38d0418ca7f1b7cdc
c42e25c38a1ab403d3c0bfbc75f2038d6ba6c3f37ac8b2869275e89363da0c36
fa5f291f7d2f55cdcb2310374af038de9e4b72258be0a685e8d405f806e70da4

megapersonals-refund-money.xyz Open in urlscan Pro 2606:4700:3034::ac43:8391 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

306 kBTransfer

629 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

megapersonals-refund-money.xyz Open in urlscan Pro
2606:4700:3034::ac43:8391 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

306 kB
Transfer

629 kB
Size

0
Cookies

13 HTTP transactions
1 data transactions