gerat-aktualisierungg-future.es Open in urlscan Pro
2606:4700:3035::6815:4b76 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://australiapetdoors.com.au/S
Effective URL:
https://gerat-aktualisierungg-future.es/KML/k_link/
Submission: On November 22 via manual (November 22nd 2024, 11:06:29 am UTC) from DE — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::6815:4b76, located in United States and belongs to CLOUDFLARENET, US. The main domain is gerat-aktualisierungg-future.es.
TLS certificate: Issued by WE1 on October 12th 2024. Valid for: 3 months.

This is the only time gerat-aktualisierungg-future.es was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2404:8280:a22... 2404:8280:a222:bbbb:bba1:79:ffff:ffff	38719 (DREAMSCAP...) (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
2 15	2606:4700:303... 2606:4700:3035::6815:4b76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

2 2404:8280:a222:bbbb:bba1:79:ffff:ffff (Australia) 1 redirects

ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU)

australiapetdoors.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3035::6815:4b76 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gerat-aktualisierungg-future.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	gerat-aktualisierungg-future.es 2 redirects gerat-aktualisierungg-future.es	38 KB
2	australiapetdoors.com.au 1 redirects australiapetdoors.com.au	592 B
15	2

	Domain	Requested by
15	gerat-aktualisierungg-future.es	2 redirects gerat-aktualisierungg-future.es australiapetdoors.com.au
2	australiapetdoors.com.au	1 redirects
15	2

This site contains no links.

Subject Issuer	Validity	Valid
australiapetdoors.com.au Sectigo RSA Domain Validation Secure Server CA	`2023-11-01` - `2024-12-01`	a year	crt.sh
gerat-aktualisierungg-future.es WE1	`2024-10-12` - `2025-01-10`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://gerat-aktualisierungg-future.es/KML/k_link/
Frame ID: 6043963EED8432DFDABC7CA89F746713
Requests: 11 HTTP requests in this frame

Frame: https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js
Frame ID: 32948FC63207057B807FF36DA332658B
Requests: 2 HTTP requests in this frame

Frame: https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: DDBA473F17C8A383EF5E41C55ECB0854
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

https://australiapetdoors.com.au/S HTTP 301
https://australiapetdoors.com.au/S/ Page URL
https://gerat-aktualisierungg-future.es/KML/k_link/ Page URL
https://gerat-aktualisierungg-future.es/cdn-cgi/phish-bypass?atok=FNCJpjEv7WUFKYxBMtWoYLY.H4wL2q5T89NUgDD7tiM-173227... HTTP 301
https://gerat-aktualisierungg-future.es/KML/k_link/ Page URL
https://gerat-aktualisierungg-future.es/KML/k_link/ Page URL

Page Statistics

15
Requests

80 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

37 kB
Transfer

66 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://australiapetdoors.com.au/S HTTP 301
https://australiapetdoors.com.au/S/ Page URL
https://gerat-aktualisierungg-future.es/KML/k_link/ Page URL
https://gerat-aktualisierungg-future.es/cdn-cgi/phish-bypass?atok=FNCJpjEv7WUFKYxBMtWoYLY.H4wL2q5T89NUgDD7tiM-1732273569-0.0.1.1-%2FKML%2Fk_link%2F HTTP 301
https://gerat-aktualisierungg-future.es/KML/k_link/ Page URL
https://gerat-aktualisierungg-future.es/KML/k_link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://australiapetdoors.com.au/S HTTP 301
https://australiapetdoors.com.au/S/

Request Chain 6

https://gerat-aktualisierungg-future.es/cdn-cgi/phish-bypass?atok=FNCJpjEv7WUFKYxBMtWoYLY.H4wL2q5T89NUgDD7tiM-1732273569-0.0.1.1-%2FKML%2Fk_link%2F HTTP 301
https://gerat-aktualisierungg-future.es/KML/k_link/

Request Chain 8

https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
australiapetdoors.com.au/S/
Redirect Chain

https://australiapetdoors.com.au/S
https://australiapetdoors.com.au/S/

169 B
236 B

253ms
252ms

Document
text/html

2404:8280:a222:bbbb:bba1:79:ffff:ffff
DREAMSCAPE-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://australiapetdoors.com.au/S/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:8280:a222:bbbb:bba1:79:ffff:ffff , Australia, ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU),
Reverse DNS
Software: Apache / PHP/5.6.40
Resource Hash: 460e35eb3cf86249bb0c760c610510c7a573380da547c35711189bdc56b2e795

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 152
content-type: text/html; charset=UTF-8
date: Fri, 22 Nov 2024 11:06:07 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/5.6.40

Redirect headers

content-length: 243
content-type: text/html; charset=iso-8859-1
date: Fri, 22 Nov 2024 11:06:07 GMT
location: https://australiapetdoors.com.au/S/
server: Apache

GET
H3 403 / Show response
gerat-aktualisierungg-future.es/KML/k_link/ 4 KB
2 KB 259ms
51ms Document
text/html 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/KML/k_link/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab432c90eb8fbe59a359c54172331391789f51dc0ad5e9cef73b103510ef8c93

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://australiapetdoors.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray: 8e6872ce8c649220-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 22 Nov 2024 11:06:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fH4SVRzUzxzkD7jQzlsv2z0Xp%2BW7f9Z9It3VYEJDCUohzeNyRJPRy6fnnJpr%2BL2g5sSF4t54KQJMgLRviwJbzwH%2F4jmEXg6%2BTFIs1Ebgu2Obzk2PZh2Gc3MR0H6TBkpwoAQAs0%2FiGuB7QE6i7v%2B0IJPQ9mI9JGELbHhyBz8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET favicon.ico
australiapetdoors.com.au/ 0
0

GET
H3 200 cf.errors.css
gerat-aktualisierungg-future.es/cdn-cgi/styles/ 23 KB
5 KB 22ms
21ms Stylesheet
text/css 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/cdn-cgi/styles/cf.errors.css

Requested by

Host: gerat-aktualisierungg-future.es
URL: https://gerat-aktualisierungg-future.es/KML/k_link/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gerat-aktualisierungg-future.es/KML/k_link/

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
content-encoding: gzip
etag: W/"67379e96-5df3"
x-content-type-options: nosniff
cf-ray: 8e6872cfed219220-FRA
expires: Fri, 22 Nov 2024 13:06:09 GMT
date: Fri, 22 Nov 2024 11:06:09 GMT
content-type: text/css
last-modified: Fri, 15 Nov 2024 19:18:46 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 200 icon-exclamation.png
gerat-aktualisierungg-future.es/cdn-cgi/images/ 452 B
635 B 37ms
21ms Image
image/png 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gerat-aktualisierungg-future.es/cdn-cgi/images/icon-exclamation.png?1376755637

Requested by

Host: gerat-aktualisierungg-future.es
URL: https://gerat-aktualisierungg-future.es/cdn-cgi/styles/cf.errors.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gerat-aktualisierungg-future.es/cdn-cgi/styles/cf.errors.css

Response headers

vary: Accept-Encoding
cache-control: max-age=7200, public
etag: "67379e96-1c4"
x-content-type-options: nosniff
cf-ray: 8e6872d1ce559220-FRA
expires: Fri, 22 Nov 2024 13:06:09 GMT
accept-ranges: bytes
content-length: 452
date: Fri, 22 Nov 2024 11:06:09 GMT
content-type: image/png
last-modified: Fri, 15 Nov 2024 19:18:46 GMT
server: cloudflare
x-frame-options: DENY

GET
H3 403 favicon.ico
gerat-aktualisierungg-future.es/ 548 B
850 B 28ms
26ms Other
text/html 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gerat-aktualisierungg-future.es/KML/k_link/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 3207176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8rq8%2FFiGqCivOeqbDj3dXwg%2BZhSuSFlLyQeezGd9elfsxWshuDMQfE6ar0qmJaT40x4L3LSpwNS8rJ0h1ssVdRRsCJ8qcG9PIR8ohWjnuqF8fV9k1ZvDkhvcqWVE6bL8IRxA5cIfE88wJVXEpAshCcfMMs5PEf6JtkV5YJB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff, nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11937&sent=25&recv=18&lost=0&retrans=2&sent_bytes=13916&recv_bytes=5798&delivery_rate=16626&cwnd=12000&unsent_bytes=0&cid=fbfe01f34cb52312&ts=1296&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:06:10 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
cf-ray: 8e6872d5387f9220-FRA
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3

503

/ Show response
gerat-aktualisierungg-future.es/KML/k_link/
Redirect Chain

https://gerat-aktualisierungg-future.es/cdn-cgi/phish-bypass?atok=FNCJpjEv7WUFKYxBMtWoYLY.H4wL2q5T89NUgDD7tiM-1732273569-0.0.1.1-%2FKML%2Fk_link%2F
https://gerat-aktualisierungg-future.es/KML/k_link/

19 KB
20 KB

86ms
85ms

Document
text/html

2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/KML/k_link/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21735b32ab12041a9f524e73018e0c491eb62bb913a1079ac3e69d1999478556

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://gerat-aktualisierungg-future.es/KML/k_link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 8e6872f55e739220-FRA
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 11:06:15 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ik7IbbUldnfvQmqtQr8oV2KAV%2BR1L140g3UV88%2F%2Bw74Zpin8NteTZ3BulqawIwR6ziKPg0cmalUgUeVjjqZy8qk7ECnLWnOM6MKxKwtm9PXLdh1mEPjYNyIl4w1cc%2FosSULpraUU7%2BaFqqTj5Y2H3yYo0tse0qD3rp5X9FBV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=11550&sent=31&recv=22&lost=0&retrans=2&sent_bytes=15344&recv_bytes=6910&delivery_rate=2334&cwnd=12000&unsent_bytes=0&cid=fbfe01f34cb52312&ts=6507&x=1" cfHdrFlush;dur=0
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

cache-control: private, no-cache
cf-ray: 8e6872f53e619220-FRA
content-length: 167
content-type: text/html
date: Fri, 22 Nov 2024 11:06:15 GMT
location: https://gerat-aktualisierungg-future.es/KML/k_link/
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY

POST
H3 204 /
gerat-aktualisierungg-future.es/KML/k_link/ 0
1 KB 102ms
101ms XHR
text/plain 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/KML/k_link/

Requested by

Host: australiapetdoors.com.au
URL: https://australiapetdoors.com.au/S/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Xn5Ldged2h3XVQB9rqwBrB-bOs: 41353145
Thfrne8LuLdyR8IlKALFG4BCMc8: xq6NgZe3Gbr9IUHKitvbdpOESN4
X-Requested-TimeStamp-Combination
Referer: https://gerat-aktualisierungg-future.es/KML/k_link/
X-Requested-TimeStamp
X-Requested-Type-Combination: GET
X-Requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-Requested-Type: GET
Content-type: application/x-www-form-urlencoded
X-Requested-TimeStamp-Expire

Response headers

cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqmevJSQAghUh92akx28Hgyk0oWeQuz3EkUf9x0wI9SXoZ24N%2Btf%2BjHOXfepJSFb%2BxhNHniDJaW0PNFXMOWYHtPiYA19LKLiEuLgHiSw%2BYsL%2FaeF1CqnpdgyrulSpv4s%2FuBf8MZ4Ho5LTJqkWTQXzydXr164uC6eziHyCB7y"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff, nosniff
cf-ray: 8e6872f6af3b9220-FRA
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14329&sent=58&recv=36&lost=0&retrans=2&sent_bytes=41223&recv_bytes=9371&delivery_rate=28438&cwnd=22800&unsent_bytes=0&cid=fbfe01f34cb52312&ts=6688&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:06:15 GMT
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H3

200

main.js
gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/ Frame 3294
Redirect Chain

https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

8 KB
4 KB

22ms
22ms

Script
application/javascript

2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?

Protocol

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dl4e2hFGSCYu1ScX5CROBzXI%2BgL2OcBYLOFQH%2FD%2FkKpIOMmXa4VpzBAGGqVfA6GT6WSRuHRepCNAYR5HPAic2lTuzX8P6sQ7sn2id8cPeztilDCPIW7S4P9M6TzkbZFrzRMfwn8d6HiMjii5aTP%2FKH64PTg%2FlqRVQdMEpO5s"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e6872f6df589220-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14329&sent=54&recv=36&lost=0&retrans=2&sent_bytes=36608&recv_bytes=9371&delivery_rate=28438&cwnd=22800&unsent_bytes=0&cid=fbfe01f34cb52312&ts=6670&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:06:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/e4025c85ea63/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THYlBeUgfljgiYDP30hvg1MvrAdecuGGLr5gPAWVFLAL1Cc3ETHfSFeMYghFWrkJcbH7o9q9Eskv9V1WZTTEgG1vaXyidsuwB4zPm2e1F4%2BfELdcbrMP0psyU0LYV2uFBUJ%2BoL4lu%2FYPG9AMsHQH6s744kgojyNETTOMF2k%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e6872f6af3c9220-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=15063&sent=52&recv=35&lost=0&retrans=2&sent_bytes=35888&recv_bytes=8800&delivery_rate=210977&cwnd=22800&unsent_bytes=0&cid=fbfe01f34cb52312&ts=6645&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:06:15 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 8e6872f55e739220
gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 3294 0
1 KB 26ms
22ms XHR
text/plain 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/jsd/r/8e6872f55e739220
Requested by: Host: gerat-aktualisierungg-future.es
URL: https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSJVkSx5wDsAW%2BOyPkXKvJgtVDZxDw9TKU5cmhJGb7UQbxgs%2BDJ1x4utSAqjojQEK5a3QF2bfpfEtHFvxfpqKMcmfWyHb7l5VNQ7v2r43e%2BNR%2FHOkh4LRSLOUqD4IqLbhfbAZe3p1oBIGc0xO80GvES5DShBIkAxNARwxN4E"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e6872fae9f19220-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22018&sent=63&recv=54&lost=0&retrans=2&sent_bytes=42448&recv_bytes=27178&delivery_rate=195177&cwnd=22800&unsent_bytes=0&cid=fbfe01f34cb52312&ts=7334&x=1", cfHdrFlush;dur=0
content-length: 0
date: Fri, 22 Nov 2024 11:06:16 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 403 Primary Request / Show response
gerat-aktualisierungg-future.es/KML/k_link/ 1 KB
1 KB 53ms
50ms Document
text/html 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/KML/k_link/

Requested by

Host: australiapetdoors.com.au
URL: https://australiapetdoors.com.au/S/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33aad7d161e498191c0c45f37ec0f992e5600af7aebfd6d62eba29ed5073f8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://gerat-aktualisierungg-future.es/KML/k_link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e6872fb0a069220-FRA
content-encoding: zstd
content-type: text/html
date: Fri, 22 Nov 2024 11:06:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K2%2BDkxqXRjds3lA%2BN65DClFiuQocSDk8meLfgFWilCrPeNxyLB%2FihaqRGgj3OPCN0E%2BdNHomRmIXNyMRR%2BZiAQFFn%2Bkh5tFusECVzeREh7c13Wd7P6YjxWmXJsekkMHXDv%2FaFlbkEqJlIq4y61DC84HGaMg8mAJbbJERWGhQ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=21169&sent=65&recv=56&lost=0&retrans=2&sent_bytes=43662&recv_bytes=28131&delivery_rate=22595&cwnd=22800&unsent_bytes=0&cid=fbfe01f34cb52312&ts=7380&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 403 favicon.ico
gerat-aktualisierungg-future.es/ 548 B
0 1ms
1ms Other
text/html 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gerat-aktualisierungg-future.es/KML/k_link/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 3207176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8rq8%2FFiGqCivOeqbDj3dXwg%2BZhSuSFlLyQeezGd9elfsxWshuDMQfE6ar0qmJaT40x4L3LSpwNS8rJ0h1ssVdRRsCJ8qcG9PIR8ohWjnuqF8fV9k1ZvDkhvcqWVE6bL8IRxA5cIfE88wJVXEpAshCcfMMs5PEf6JtkV5YJB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff, nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11937&sent=25&recv=18&lost=0&retrans=2&sent_bytes=13916&recv_bytes=5798&delivery_rate=16626&cwnd=12000&unsent_bytes=0&cid=fbfe01f34cb52312&ts=1296&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:06:10 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
cf-ray: 8e6872d5387f9220-FRA
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

GET
H3 200 main.js Show response
gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/scripts/jsd/ Frame DDBA 8 KB
0 22ms
22ms Script
application/javascript 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/scripts/jsd/main.js

Requested by

Host: australiapetdoors.com.au
URL: https://australiapetdoors.com.au/S/

Protocol

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d1ffff083f7298c71e491d7f3f6448e14cd22132cb263cf1cf392b36f5afea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dl4e2hFGSCYu1ScX5CROBzXI%2BgL2OcBYLOFQH%2FD%2FkKpIOMmXa4VpzBAGGqVfA6GT6WSRuHRepCNAYR5HPAic2lTuzX8P6sQ7sn2id8cPeztilDCPIW7S4P9M6TzkbZFrzRMfwn8d6HiMjii5aTP%2FKH64PTg%2FlqRVQdMEpO5s"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e6872f6df589220-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14329&sent=54&recv=36&lost=0&retrans=2&sent_bytes=36608&recv_bytes=9371&delivery_rate=28438&cwnd=22800&unsent_bytes=0&cid=fbfe01f34cb52312&ts=6670&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:06:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

POST
H3 200 8e6872fb0a069220 Show response
gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DDBA 0
1 KB 48ms
32ms XHR
text/plain 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/h/g/jsd/r/8e6872fb0a069220
Requested by: Host: gerat-aktualisierungg-future.es
URL: https://gerat-aktualisierungg-future.es/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QXLRu7zimxLa4Jlj0uk7bk9Q7ToSNutzvgqFI64cQodnSUC1t8o0jLAZKlcdpOy%2BXt6PwHRf%2Fyfp2cp9xTrKI3TxreDG4H05jfyuLP0GadSmORGibh%2BJpyH0FgjIvEjCFl6N2kzZub529kaVps8ZEGgMp%2FBo%2B22IjsIY5SdM"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e6872fd4b879220-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19752&sent=70&recv=72&lost=0&retrans=2&sent_bytes=45031&recv_bytes=46222&delivery_rate=131886&cwnd=22800&unsent_bytes=0&cid=fbfe01f34cb52312&ts=7719&x=1", cfHdrFlush;dur=0
content-length: 0
date: Fri, 22 Nov 2024 11:06:16 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 403 favicon.ico
gerat-aktualisierungg-future.es/ 548 B
0 4ms
4ms Other
text/html 2606:4700:3035::6815:4b76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gerat-aktualisierungg-future.es/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:4b76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://gerat-aktualisierungg-future.es/KML/k_link/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 3207176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8rq8%2FFiGqCivOeqbDj3dXwg%2BZhSuSFlLyQeezGd9elfsxWshuDMQfE6ar0qmJaT40x4L3LSpwNS8rJ0h1ssVdRRsCJ8qcG9PIR8ohWjnuqF8fV9k1ZvDkhvcqWVE6bL8IRxA5cIfE88wJVXEpAshCcfMMs5PEf6JtkV5YJB"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff, nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11937&sent=25&recv=18&lost=0&retrans=2&sent_bytes=13916&recv_bytes=5798&delivery_rate=16626&cwnd=12000&unsent_bytes=0&cid=fbfe01f34cb52312&ts=1296&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 11:06:10 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
cf-ray: 8e6872d5387f9220-FRA
x-xss-protection: 1; mode=block, 1; mode=block
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: australiapetdoors.com.au
URL: https://australiapetdoors.com.au/favicon.ico

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: __cf_mw_byp Value: FNCJpjEv7WUFKYxBMtWoYLY.H4wL2q5T89NUgDD7tiM-1732273569-0.0.1.1-/KML/k_link/
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: 6P4JrLAgCjpVIY1EsqPhgJq80h4 Value: LFafqEA_CmYcrpeLhbMxrkbQmyQ
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: gsTll5QGrhbmstxQCEv39OjDmDU Value: 1732273523
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: qPqmtYwZAnxP2lLB8O8zZ11aiHo Value: 1732359923
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: XnyP4qRpki_mbuhU4D9qROce6dI Value: qKzwIvwvaHKYamCFp23Or0gWFMI
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: 3iAnNxEtHrE4EHQiNt6Uf_w1nWA Value: C9hegpzIrAJaTaQfLmJAoERTf54
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: JDb571EI2EK9VqIouyL-BFegE1E Value: iq9VSgUi3G5_6oKzYmHeAMCyKYI
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: rkw1jx4bzsoMYszWisPBFDKojq4 Value: 1732273575
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: 1Wc4T7T170cvynKkCUXUKsSFNPo Value: 1732359975
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: u1yvrnraIGAkZ9c-NcqnBi3hzUw Value: XVZ9WlwDJvmISkiFBH3T62fqrqI
gerat-aktualisierungg-future.es/	1970-01-21 01:12:39	Name: Nhd812hPDvAIJIkxmqk4GYxmwSI Value: e5rkQqEV_G7TnB4u9-hDI-A4f8w
.gerat-aktualisierungg-future.es/	1970-01-21 09:56:49	Name: cf_clearance Value: l5wz2Yr1iy.JXInkMtTBs1Rj4sI7Ols.Nr0FnHAyCE0-1732273576-1.2.1.1-WWsBhOoXgGIBu549R3NxJLWG_Q0qLz2ES7deF1Agpn7O_HdihpYjolHrKSHGikH4oXXECP.428hpvgiKqTYAgWMzpuHORBkXiDF2mIbQ5A6jfyZ_2k2EUoHFJPi2seopw3BeGZqs0b0r1OU.sQX8QtR2mMPPqr7hkZUac4LeW_IPSwJ4Gh49Jn3detMc7hVVug9NeXnvpIh8I5WsBwEPFhwBWxlWN6ABnFVH8qZmOo4h.ZnuTIlloFAzhcPMlM_3dqHDu2plDIhKnrGdLOz.HRXP9QsLgXwE_NwwJ33N7TlUcHM4twjYBD0a2BHhtJUwJGeppbFevaKZMXsmF96fGzdB720WC2RYovPrghLrBzLhjyqS1SW4Uuz79ir1ZNqq

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gerat-aktualisierungg-future.es/KML/k_link/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gerat-aktualisierungg-future.es/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gerat-aktualisierungg-future.es/KML/k_link/ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://gerat-aktualisierungg-future.es/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gerat-aktualisierungg-future.es/KML/k_link/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gerat-aktualisierungg-future.es/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

australiapetdoors.com.au
gerat-aktualisierungg-future.es
australiapetdoors.com.au
2404:8280:a222:bbbb:bba1:79:ffff:ffff
2606:4700:3035::6815:4b76
1d1ffff083f7298c71e491d7f3f6448e14cd22132cb263cf1cf392b36f5afea4
21735b32ab12041a9f524e73018e0c491eb62bb913a1079ac3e69d1999478556
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
33aad7d161e498191c0c45f37ec0f992e5600af7aebfd6d62eba29ed5073f8dc
460e35eb3cf86249bb0c760c610510c7a573380da547c35711189bdc56b2e795
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
ab432c90eb8fbe59a359c54172331391789f51dc0ad5e9cef73b103510ef8c93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016

gerat-aktualisierungg-future.es Open in urlscan Pro 2606:4700:3035::6815:4b76 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

80 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

37 kBTransfer

66 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

12 Cookies

6 Console Messages

Indicators

gerat-aktualisierungg-future.es Open in urlscan Pro
2606:4700:3035::6815:4b76 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

37 kB
Transfer

66 kB
Size

12
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!