73892y355293e9477234.work.gd
154.216.18.197  Malicious Activity! Public Scan

URL: https://73892y355293e9477234.work.gd/
Submission: On December 07 via api from TR — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 154.216.18.197, located in Hong Kong, Hong Kong and belongs to NETRESEARCH Silent Connection Ltd., GB. The main domain is 73892y355293e9477234.work.gd.
TLS certificate: Issued by R10 on December 5th 2024. Valid for: 3 months.
This is the only time 73892y355293e9477234.work.gd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AKBank (Banking)

Domain & IP information

IP Address / Autonomous System

  Requests  IP Address               AS
  18        154.216.18.197           215240 (NETRESEARCH Silent Connection Ltd.)
  7         2607:f8b0:4004:c1b::5e   15169 (GOOGLE)
  28 requests, 3 IPs

Apex Domain / Subdomains / Transfer

  Requests  Apex Domain   Subdomain                      Transfer
  18        work.gd       73892y355293e9477234.work.gd   266 KB
  7         gstatic.com   fonts.gstatic.com              47 KB
  0         (none)        invalid                        Failed
  28 requests, 3 domains

Domain / Requested by

  Requests  Domain                         Requested by
  18        73892y355293e9477234.work.gd   73892y355293e9477234.work.gd
  7         fonts.gstatic.com              73892y355293e9477234.work.gd
  0         invalid (failed)               73892y355293e9477234.work.gd
  28 requests, 3 domains

This site contains no links.

  Subject                        Issuer   Validity                   Valid
  73892y355293e9477234.work.gd   R10      2024-12-05 - 2025-03-05    3 months (crt.sh)
  *.gstatic.com                  WR2      2024-10-21 - 2025-01-13    3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://73892y355293e9477234.work.gd/
Frame ID: 0054E80972EB955F846755248934B4E7
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

x

Detected technologies

Google Fonts (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (overall confidence: 100%)
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Both detections are name-based. The font pattern matched a link in the HTML, yet no request to fonts.googleapis.com appears in the transaction list: the stylesheet was served from the phishing host as /assets/css2 (content-type application/octet-stream) and only the .woff2 files came from fonts.gstatic.com. The jQuery patterns fired on the file names jquery.min.js.indir and jquery-3.2.1.min.js.download; the second of those is the resource that issued the /jquery?ip= XHR below, so the file name says nothing about what the file actually contains.

Page Statistics

  Requests    28
  HTTPS       89 %
  IPv6        50 %
  Domains     3
  Subdomains  3
  IPs         3
  Countries   2
  Transfer    313 kB
  Size        439 kB
  Cookies     1

Redirected requests

There were HTTP redirect chains for the following requests: (none listed)

28 HTTP transactions

Columns per entry: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type
Primary Request /
73892y355293e9477234.work.gd/
8 KB
3 KB
Document
General
Full URL
https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PHP/8.3.14 PleskLin
Resource Hash
aa2f7aa12087917e73756ab965da7a84a3a0270a43b929fc8f2070561fac18fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
2450
content-type
text/html; charset=UTF-8
date
Sat, 07 Dec 2024 06:47:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains
vary
Accept-Encoding
x-powered-by
PHP/8.3.14 PleskLin
chrome-extension://invalid/  (failed: 0 B size, 0 B transferred)

normalize.min.css
73892y355293e9477234.work.gd/assets/
2 KB
989 B
Stylesheet
General
Full URL
https://73892y355293e9477234.work.gd/assets/normalize.min.css
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
etag
W/"674b588a-897"
date
Sat, 07 Dec 2024 06:47:51 GMT
content-type
text/css
last-modified
Sat, 30 Nov 2024 18:25:14 GMT
server
nginx
x-powered-by
PleskLin
css2
73892y355293e9477234.work.gd/assets/
15 KB
15 KB
Stylesheet
General
Full URL
https://73892y355293e9477234.work.gd/assets/css2
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"674b588a-3b94"
accept-ranges
bytes
content-length
15252
date
Sat, 07 Dec 2024 06:47:51 GMT
content-type
application/octet-stream
last-modified
Sat, 30 Nov 2024 18:25:14 GMT
server
nginx
x-powered-by
PleskLin
style.css
73892y355293e9477234.work.gd/assets/
7 KB
1 KB
Stylesheet
General
Full URL
https://73892y355293e9477234.work.gd/assets/style.css
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c4fb2ebb4b42b8e7af9b4e06bfa42634b62964ed748608de0191115771234cfe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
etag
W/"674b588a-1c74"
date
Sat, 07 Dec 2024 06:47:51 GMT
content-type
text/css
last-modified
Sat, 30 Nov 2024 18:25:14 GMT
server
nginx
x-powered-by
PleskLin
jquery.min.js.indir
73892y355293e9477234.work.gd/assets/
87 KB
30 KB
Script
General
Full URL
https://73892y355293e9477234.work.gd/assets/jquery.min.js.indir
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
etag
W/"674b588a-15d84"
date
Sat, 07 Dec 2024 06:47:51 GMT
content-type
application/javascript
last-modified
Sat, 30 Nov 2024 18:25:14 GMT
server
nginx
x-powered-by
PleskLin
ak-white.png
73892y355293e9477234.work.gd/assets/
24 KB
24 KB
Image
General
Full URL
https://73892y355293e9477234.work.gd/assets/ak-white.png
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
4f97855a76153e617b653162f7ef0a9b3c92d74439a20b924f3b8671f952926b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"674b588a-5fa8"
accept-ranges
bytes
content-length
24488
date
Sat, 07 Dec 2024 06:47:51 GMT
content-type
image/png
last-modified
Sat, 30 Nov 2024 18:25:14 GMT
server
nginx
x-powered-by
PleskLin
tr.png
73892y355293e9477234.work.gd/assets/
808 B
808 B
Image
General
Full URL
https://73892y355293e9477234.work.gd/assets/tr.png
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
date
Sat, 07 Dec 2024 06:47:51 GMT
etag
W/"328-627fd76ea089b"
content-type
text/html
last-modified
Thu, 28 Nov 2024 18:43:55 GMT
server
nginx
bottom.png
73892y355293e9477234.work.gd/assets/
808 B
808 B
Image
General
Full URL
https://73892y355293e9477234.work.gd/assets/bottom.png
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
date
Sat, 07 Dec 2024 06:47:52 GMT
etag
W/"328-627fd76ea089b"
content-type
text/html
last-modified
Thu, 28 Nov 2024 18:43:55 GMT
server
nginx
ok-black.png
73892y355293e9477234.work.gd/assets/
1 KB
1 KB
Image
General
Full URL
https://73892y355293e9477234.work.gd/assets/ok-black.png
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c8b1c29d7df4026dbe9656dfa69649cb9fa3050eadfd6fcf886401f54acba23e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"674b57fe-4d9"
accept-ranges
bytes
content-length
1241
date
Sat, 07 Dec 2024 06:47:52 GMT
content-type
image/png
last-modified
Sat, 30 Nov 2024 18:22:54 GMT
server
nginx
x-powered-by
PleskLin
tr(1).png
73892y355293e9477234.work.gd/assets/
48 KB
48 KB
Image
General
Full URL
https://73892y355293e9477234.work.gd/assets/tr(1).png
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
19a22bf691a28b6707e9a2497e850376ab1cef09e095dc51f197bf7dcdebe6fe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"674b57fe-bed7"
accept-ranges
bytes
content-length
48855
date
Sat, 07 Dec 2024 06:47:52 GMT
content-type
image/png
last-modified
Sat, 30 Nov 2024 18:22:54 GMT
server
nginx
x-powered-by
PleskLin
bottom(1).png
73892y355293e9477234.work.gd/assets/
69 KB
69 KB
Image
General
Full URL
https://73892y355293e9477234.work.gd/assets/bottom(1).png
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
4d22a50e5293e19387794c8268b8bc53f79fa5cebc4a1f519895e7a6c5df428e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"674b57fe-1125f"
accept-ranges
bytes
content-length
70239
date
Sat, 07 Dec 2024 06:47:52 GMT
content-type
image/png
last-modified
Sat, 30 Nov 2024 18:22:54 GMT
server
nginx
x-powered-by
PleskLin
ok.png
73892y355293e9477234.work.gd/assets/
12 KB
12 KB
Image
General
Full URL
https://73892y355293e9477234.work.gd/assets/ok.png
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8a76a84bbca5471a322f5734feb41feb6932902569a3cfa6ea72aecb61a160ae
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"674b57fe-2f1b"
accept-ranges
bytes
content-length
12059
date
Sat, 07 Dec 2024 06:47:52 GMT
content-type
image/png
last-modified
Sat, 30 Nov 2024 18:22:54 GMT
server
nginx
x-powered-by
PleskLin
loader.gif
73892y355293e9477234.work.gd/assets/
30 KB
30 KB
Image
General
Full URL
https://73892y355293e9477234.work.gd/assets/loader.gif
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
22983733cd439df606d93b550e0baf86842a450cdedf34890b4cf216729b969f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
etag
"674b588a-77b4"
accept-ranges
bytes
content-length
30644
date
Sat, 07 Dec 2024 06:47:52 GMT
content-type
image/gif
last-modified
Sat, 30 Nov 2024 18:25:14 GMT
server
nginx
x-powered-by
PleskLin
script.js.indir
73892y355293e9477234.work.gd/assets/
2 KB
786 B
Script
General
Full URL
https://73892y355293e9477234.work.gd/assets/script.js.indir
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5f6e2bca038e8b0324f4b524fa88060ab5d5d4a7ba557cdbb94319958b73d2f0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
etag
W/"674b61ae-8e6"
date
Sat, 07 Dec 2024 06:47:52 GMT
content-type
application/javascript
last-modified
Sat, 30 Nov 2024 19:04:14 GMT
server
nginx
x-powered-by
PleskLin
jquery-3.2.1.min.js.download
73892y355293e9477234.work.gd/assets/
85 KB
29 KB
Script
General
Full URL
https://73892y355293e9477234.work.gd/assets/jquery-3.2.1.min.js.download
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
etag
W/"6718547c-15283"
date
Sat, 07 Dec 2024 06:47:52 GMT
content-type
application/javascript
last-modified
Wed, 23 Oct 2024 01:42:20 GMT
server
nginx
x-powered-by
PleskLin
chrome-extension://invalid/  (failed: 0 B size, 0 B transferred)

chrome-extension://invalid/  (failed: 0 B size, 0 B transferred)

pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v21/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1JlFc-K.woff2
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/css2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75cd1c2bbd47db72c1a7a720e764c7672a95bdae7033c570d549ac88c9add234
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://73892y355293e9477234.work.gd
Referer
https://73892y355293e9477234.work.gd/

Response headers

age
111153
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 23:55:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 23:55:19 GMT
last-modified
Fri, 22 Mar 2024 00:01:13 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
5416
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/css2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://73892y355293e9477234.work.gd
Referer
https://73892y355293e9477234.work.gd/

Response headers

age
90622
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 05:37:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 05:37:30 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/css2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://73892y355293e9477234.work.gd
Referer
https://73892y355293e9477234.work.gd/

Response headers

age
86919
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 06:39:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 06:39:13 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/css2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://73892y355293e9477234.work.gd
Referer
https://73892y355293e9477234.work.gd/

Response headers

age
94040
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 04:40:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 04:40:32 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/css2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://73892y355293e9477234.work.gd
Referer
https://73892y355293e9477234.work.gd/

Response headers

age
129755
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 05 Dec 2025 18:45:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 18:45:17 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
fonts.gstatic.com/s/poppins/v21/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/css2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26fd27fb6bb1dc4c64a687124cc328a5ed13d89155dbfcd218eda64a45835174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://73892y355293e9477234.work.gd
Referer
https://73892y355293e9477234.work.gd/

Response headers

age
93057
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 04:56:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 04:56:55 GMT
last-modified
Fri, 22 Mar 2024 00:01:04 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
5484
x-xss-protection
0
server
sffe
pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v21/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/css2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a526dac26fcc645d428764b07fd6ae2ad3399129b75c22c8e149278157291189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://73892y355293e9477234.work.gd
Referer
https://73892y355293e9477234.work.gd/

Response headers

age
99116
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 06 Dec 2025 03:15:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 06 Dec 2024 03:15:56 GMT
last-modified
Fri, 22 Mar 2024 00:00:51 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
5552
x-xss-protection
0
server
sffe
jquery
73892y355293e9477234.work.gd/
0
228 B
XHR
General
Full URL
https://73892y355293e9477234.work.gd/jquery?ip=208.252.80.168
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/jquery-3.2.1.min.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PHP/8.3.14, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://73892y355293e9477234.work.gd/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
content-length
0
date
Sat, 07 Dec 2024 06:47:52 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.3.14, PleskLin
server
nginx
favicon.ico
73892y355293e9477234.work.gd/
808 B
548 B
Other
General
Full URL
https://73892y355293e9477234.work.gd/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://73892y355293e9477234.work.gd/

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
content-encoding
br
date
Sat, 07 Dec 2024 06:47:52 GMT
etag
W/"328-627fd76ea089b"
content-type
text/html
last-modified
Thu, 28 Nov 2024 18:43:55 GMT
server
nginx
jquery
73892y355293e9477234.work.gd/
0
228 B
XHR
General
Full URL
https://73892y355293e9477234.work.gd/jquery?ip=208.252.80.168
Requested by
Host: 73892y355293e9477234.work.gd
URL: https://73892y355293e9477234.work.gd/assets/jquery-3.2.1.min.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.216.18.197 Hong Kong, Hong Kong, ASN215240 (NETRESEARCH Silent Connection Ltd., GB),
Reverse DNS
Software
nginx / PHP/8.3.14, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Request headers

Referer
https://73892y355293e9477234.work.gd/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*

Response headers

strict-transport-security
max-age=15768000; includeSubDomains
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
content-length
0
date
Sat, 07 Dec 2024 06:47:55 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.3.14, PleskLin
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  Domain   URL
  invalid  chrome-extension://invalid/
  invalid  chrome-extension://invalid/
  invalid  chrome-extension://invalid/

All three were blocked by the scanning browser itself (net::ERR_BLOCKED_BY_CLIENT in the console messages), so they reflect nothing served by the phishing host.

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AKBank (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  function  $
  function  jQuery
  function  tcno_dogrula      (Turkish: "verify TC number", i.e. the Turkish national ID number)
  function  alertCagir        (Turkish: "call alert")
  function  closeAlert
  function  uyari             (Turkish: "warning")
  function  uyari2
  function  uyariKapat        (Turkish: "close warning")
  function  handleButtonClick
  function  submitCustomForm
  function  gonder            (Turkish: "send")
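The checks a practitioner would run over the transaction list, the detected-technology patterns and the globals above, as an added example (editor's code, not urlscan's): it applies the page's own two jQuery regexes to the requested URLs, flags file names that came out of a browser's save-page feature (`.download`, `.indir`, `(1)`), flags content-type mismatches (CSS served as application/octet-stream, "images" that are text/html), groups resources that share one Resource Hash, confirms the XHR's hash is SHA-256 of zero bytes (its content-length is 0), and isolates the XHR issued by the file named `jquery-3.2.1.min.js.download`, which sends an address that is neither the phishing host nor Google, i.e. the visiting client's IP, to `/jquery` on the phishing host. `TRANSACTIONS` is a constructed subset of the 28 transactions with URL, Type, content-type, Resource Hash and "Requested by" copied from the scan; the reading of `.indir` as the Turkish-build form of Chrome's `.download` suffix and the expected-MIME table are assumptions.

```python
# Added example (editor's code, not urlscan's). TRANSACTIONS is a constructed subset of the
# 28 transactions above; url, Type, content-type, Resource Hash and "Requested by" are copied
# from the scan. The reading of ".indir" as a Turkish-build form of Chrome's ".download"
# save-page suffix is an assumption, as is the expected-MIME table.
import hashlib
import re
from typing import NamedTuple, Optional
from urllib.parse import parse_qs, urlparse


class Tx(NamedTuple):
    url: str
    kind: str                 # urlscan "Type" column
    mime: str                 # response content-type
    sha256: str               # urlscan "Resource Hash"
    initiator: Optional[str]  # "Requested by" URL


HOST = "https://73892y355293e9477234.work.gd"
NOT_FOUND = "b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187"  # hash seen on three 404s

TRANSACTIONS = [
    Tx(f"{HOST}/assets/css2", "Stylesheet", "application/octet-stream",
       "5945935b868b1a8f5eb9e4df30b412e760115b11aa161469fbcf79123816a3a0", f"{HOST}/"),
    Tx(f"{HOST}/assets/jquery.min.js.indir", "Script", "application/javascript",
       "f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d", f"{HOST}/"),
    Tx(f"{HOST}/assets/jquery-3.2.1.min.js.download", "Script", "application/javascript",
       "87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de", f"{HOST}/"),
    Tx(f"{HOST}/assets/tr.png", "Image", "text/html", NOT_FOUND, f"{HOST}/"),
    Tx(f"{HOST}/assets/bottom.png", "Image", "text/html", NOT_FOUND, f"{HOST}/"),
    Tx(f"{HOST}/assets/tr(1).png", "Image", "image/png",
       "19a22bf691a28b6707e9a2497e850376ab1cef09e095dc51f197bf7dcdebe6fe", f"{HOST}/"),
    Tx(f"{HOST}/favicon.ico", "Other", "text/html", NOT_FOUND, f"{HOST}/"),
    Tx(f"{HOST}/jquery?ip=208.252.80.168", "XHR", "text/html; charset=UTF-8",
       "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
       f"{HOST}/assets/jquery-3.2.1.min.js.download"),
]

# The two jQuery patterns listed under "Detected technologies" above.
JQUERY_PATTERNS = [re.compile(r"jquery[.-]([\d.]*\d)[^/]*\.js"),
                   re.compile(r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?")]
# Chrome's "Webpage, Complete" save appends ".download" to script files and "(1)" to a
# second file with the same name; ".indir" is Turkish for "download" (assumption: localized build).
SAVED_PAGE_SUFFIXES = (".download", ".indir")
COLLISION_SUFFIX = re.compile(r"\(\d+\)\.[A-Za-z0-9]+$")
EXPECTED_MIME = {"Stylesheet": ("text/css",), "Script": ("application/javascript", "text/javascript"),
                 "Image": ("image/",), "Font": ("font/",)}
IPV4 = re.compile(r"^\d{1,3}(?:\.\d{1,3}){3}$")


def filename(url):
    return urlparse(url).path.rsplit("/", 1)[-1]


def fingerprint_jquery(txs):
    """Run the scan's jQuery patterns over each URL; a version is only recoverable from the file name."""
    found = {}
    for t in txs:
        for pat in JQUERY_PATTERNS:
            m = pat.search(t.url)
            if m:
                found[t.url] = found.get(t.url) or m.group(1)
    return found


def saved_page_artifacts(txs):
    """File names produced by a browser's save-page feature rather than by a build of the real site."""
    names = [filename(t.url) for t in txs]
    return [n for n in names if n.endswith(SAVED_PAGE_SUFFIXES) or COLLISION_SUFFIX.search(n)]


def mime_mismatches(txs):
    """Resources whose content-type does not fit the way the page used them."""
    return [(filename(t.url), t.mime) for t in txs
            if t.kind in EXPECTED_MIME and not t.mime.startswith(EXPECTED_MIME[t.kind])]


def shared_bodies(txs):
    """Hashes shared by several URLs: one body (here the 404 page) served under different names."""
    by_hash = {}
    for t in txs:
        by_hash.setdefault(t.sha256, []).append(filename(t.url))
    return {h: names for h, names in by_hash.items() if len(names) > 1}


def is_empty_body(sha256):
    """True when the Resource Hash is SHA-256 of zero bytes, as for the content-length: 0 XHR."""
    return sha256 == hashlib.sha256(b"").hexdigest()


def beacons(txs):
    """XHRs fired by a script file and carrying an IP address in the query string."""
    scripts = {t.url for t in txs if t.kind == "Script"}
    hits = []
    for t in txs:
        if t.kind != "XHR" or t.initiator not in scripts:
            continue
        ips = [v for vals in parse_qs(urlparse(t.url).query).values() for v in vals if IPV4.match(v)]
        if ips:
            hits.append((filename(t.initiator), urlparse(t.url).path, ips[0]))
    return hits


if __name__ == "__main__":
    for check in (fingerprint_jquery, saved_page_artifacts, mime_mismatches, shared_bodies, beacons):
        print(f"{check.__name__}: {check(TRANSACTIONS)}")
    print("empty XHR body:", is_empty_body(TRANSACTIONS[-1].sha256))
```

Run as a script it prints each finding. The version regex recovers "3.2.1" only from the file name, which is exactly the file that issued the beacon; comparing that resource's hash (87083882…) against the SHA-256 of the genuine jquery-3.2.1.min.js from the jQuery CDN is the next step and is left to the reader, since that value is not on this page.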

1 Cookies

Domain/Path Name / Value
73892y355293e9477234.work.gd/ Name: PHPSESSID
Value: iadqt1lmmtl84vn5j2u443a4ph

7 Console Messages

  Level    Source          URL                                                      Message
  error    network         chrome-extension://invalid/                              Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
  error    network         chrome-extension://invalid/                              Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
  error    network         chrome-extension://invalid/                              Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
  error    network         https://73892y355293e9477234.work.gd/assets/tr.png       Failed to load resource: the server responded with a status of 404 ()
  error    network         https://73892y355293e9477234.work.gd/assets/bottom.png   Failed to load resource: the server responded with a status of 404 ()
  verbose  recommendation  https://73892y355293e9477234.work.gd/                    [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
  error    network         https://73892y355293e9477234.work.gd/favicon.ico         Failed to load resource: the server responded with a status of 404 ()

The three 404s explain why tr.png, bottom.png and favicon.ico above all carry the same Resource Hash (b9347f…) and a text/html content-type: each is the server's 404 page, and the images actually shown are tr(1).png and bottom(1).png. The autocomplete recommendation with "current-password" confirms the page contains a password input.

Security Headers

This section lists the security headers set by the main page. The only one present is HSTS, which says nothing about the page's intent; a phishing host behind a Let's Encrypt certificate gets it for free from its nginx/Plesk configuration.

Header Value
Strict-Transport-Security max-age=15768000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

73892y355293e9477234.work.gd
fonts.gstatic.com
invalid
154.216.18.197
2607:f8b0:4004:c1b::5e