oh638vr7t.gcr-fnac7ficher-ed0cf3v.de Open in urlscan Pro
2a02:4780:1:1380:0:1add:3b4e:10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html
Submission: On February 26 via automatic, source phishtank (February 26th 2024, 5:23:01 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 13 HTTP transactions. The main IP is 2a02:4780:1:1380:0:1add:3b4e:10, located in Asheville, United States and belongs to AS-HOSTINGER, CY. The main domain is oh638vr7t.gcr-fnac7ficher-ed0cf3v.de.
TLS certificate: Issued by R3 on February 26th 2024. Valid for: 3 months.

This is the only time oh638vr7t.gcr-fnac7ficher-ed0cf3v.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a02:4780:1:1... 2a02:4780:1:1380:0:1add:3b4e:10	47583 (AS-HOSTINGER) (AS-HOSTINGER)
5	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
5	2606:4700:310... 2606:4700:310c::ac42:2c95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	5

1 2a02:4780:1:1380:0:1add:3b4e:10 (Asheville, United States)

ASN47583 (AS-HOSTINGER, CY)

oh638vr7t.gcr-fnac7ficher-ed0cf3v.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

fonts.bunny.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:310c::ac42:2c95 (United States)

ASN13335 (CLOUDFLARENET, US)

orange-style.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

ajax.aspnetcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	pages.dev orange-style.pages.dev	61 KB
5	bunny.net fonts.bunny.net — Cisco Umbrella Rank: 9815	76 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	5 KB
1	aspnetcdn.com ajax.aspnetcdn.com — Cisco Umbrella Rank: 2393	30 KB
1	gcr-fnac7ficher-ed0cf3v.de oh638vr7t.gcr-fnac7ficher-ed0cf3v.de	8 KB
13	5

	Domain	Requested by
5	orange-style.pages.dev	oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
5	fonts.bunny.net	oh638vr7t.gcr-fnac7ficher-ed0cf3v.de fonts.bunny.net
1	cdnjs.cloudflare.com	oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
1	ajax.aspnetcdn.com	oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
1	oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
13	5

This site contains no links.

Subject Issuer	Validity	Valid
oh638vr7t.gcr-fnac7ficher-ed0cf3v.de R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
fonts.bunny.net R3	`2024-02-25` - `2024-05-25`	3 months	crt.sh
orange-style.pages.dev E1	`2024-02-21` - `2024-05-21`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2023-05-05` - `2024-04-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html
Frame ID: ABC50A9DA9E07B52479D7BEC1E73B879
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

identifiez-vous

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

180 kB
Transfer

625 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 0GaNg56.html Show response
oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/ 70 KB
8 KB 411ms
114ms Document
text/html 2a02:4780:1:1380:0:1add:3b4e:10
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:1:1380:0:1add:3b4e:10 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e333e1f7e55b0800b85419932a44e945d2d3136d19736aa801a864c715865f00

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 7432
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Mon, 26 Feb 2024 17:22:57 GMT
etag: "11630-65dc8892-6599a248bae45395;br"
last-modified: Mon, 26 Feb 2024 12:48:18 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding

GET
H2 200 css
fonts.bunny.net/ 17 KB
2 KB 101ms
16ms Stylesheet
text/css 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Requested by: Host: oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
URL: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c2d8a852a3ca066fcdddcaaa72be6fcab67e697f0eba6f8c0dce79928e528b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
content-encoding: br
cdn-edgestorageid: 1080
cdn-cachedat: 02/13/2024 16:41:00
cdn-pullzone: 781720
last-modified: Tue, 13 Feb 2024 16:41:00 GMT
server: BunnyCDN-DE1-1082
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: be2a8beaa5c01dc7f0aadf38d2cbc3d5
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 group-1.min.css
orange-style.pages.dev/css/ 31 KB
5 KB 95ms
52ms Stylesheet
text/css 2606:4700:310c::ac42:2c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orange-style.pages.dev/css/group-1.min.css

Requested by

Host: oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
URL: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533414542c94a48d4d8618b5f6818336e6a3a20761e96070cc4933a89d0ea05a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"048ebb7bfec4014065287158a85ebb1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9VvXn1U83VOWhFc7k%2BsYx4pPrDaFm2laS%2BvrjA3nlNSNu65BTOZOaVKs%2BtWKW%2B2HKb6nbY7VEnBdX8DPmJn%2Fx0KriDLW5qzHzsbB4pc9v9nvynhwcX0vdu2svyD6our%2Bqhept7zye%2BNDIahyks93pyQnF4R"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 85b9df85ad289279-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 preview.min.css
orange-style.pages.dev/css/ 312 KB
35 KB 99ms
56ms Stylesheet
text/css 2606:4700:310c::ac42:2c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://orange-style.pages.dev/css/preview.min.css

Requested by

Host: oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
URL: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2412a64fa6dcf8a6caf8b41aa1e282b4a427273aeeb3a6918ee00f2f23f57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"78e6c19583cea51c165b286f5e7a491a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bi8THIugllT4W1yMpyqILk%2FkR28TXcBbJnx%2BossRqLBBuvzA1Ht4BdNl%2F%2FrBWYONer6PEp83XNjjNyYF9e3AGuL7iWPRbHWEJXKueT37XA7ID62Z5IpWWFxr1u0yPiQDoujmOwp0LK6ZwFpgxVpv3ZiB8uXY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 85b9df85ad2b9279-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 3.png
orange-style.pages.dev/images/ 7 KB
8 KB 92ms
48ms Image
image/png 2606:4700:310c::ac42:2c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orange-style.pages.dev/images/3.png

Requested by

Host: oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
URL: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

367a70075972dbb2db782b9359484f63f14e500f14575238e98d877b682e2711

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8a7734645ffc601ad01e97ea749a5242"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0qoFi8UHBe2uEj2PwSxqSxijEbk27Yo9vSWQmdqcY6pBnctaIJ9coCIpbggOtN%2F%2FKJzgOWOp03%2FaRTRoCBVtpss7nRVOhdDo8atwiZ8wXgiHfS%2BX74QipWlm6kq6TJe6CuhZiom7%2F9rkzSfdsDDDyjbfamd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 85b9df85ad2c9279-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7559

GET
H2 200 jquery-3.3.1.min.js Show response
ajax.aspnetcdn.com/ajax/jQuery/ 85 KB
30 KB 66ms
15ms Script
application/javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js

Requested by

Host: oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
URL: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.199.19.160 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48FC) /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15616504
x-cache: HIT
content-length: 30394
x-xss-protection: 1; mode=block
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ama/48FC)
etag: "80288516b793d31:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 31ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Host: oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
URL: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6386173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4517
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-4e98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0XdmtHeJ3eSTaaPQFoWksa4mNfbu0o%2BwUCmQrDxLIKEzJU8Cuh2g%2FeVFJx4jVi%2BQkkLpEw9kZcX02rsRuH1YH%2FHV3rEErE0t%2F0ef3ga1JCFiOhJUZG5gKVyKxso7N9hXIQYtYEUQiTjNm7TPrVZvPDpD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85b9df857f6265a6-FRA
expires: Sat, 15 Feb 2025 17:22:57 GMT

GET
H2 200 lato-latin-700-normal.woff2
fonts.bunny.net/lato/files/ 23 KB
23 KB 47ms
18ms Font
font/woff2 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/lato/files/lato-latin-700-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Request headers

Referer: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Origin: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
cdn-edgestorageid: 1081
cdn-storageserver: DE-680
cdn-cachedat: 09/05/2023 15:56:56
cdn-pullzone: 781720
content-length: 23040
last-modified: Thu, 06 Jul 2023 07:20:40 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 642
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64a66b48-5a00"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: 67496b395652a1966d26b1220f4bed16
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 quicksand-latin-700-normal.woff2
fonts.bunny.net/quicksand/files/ 13 KB
14 KB 67ms
39ms Font
font/woff2 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/quicksand/files/quicksand-latin-700-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 3bc49e2ecbfb96f9f55fdbd2c9631d6e67fefffeb1e667bab4bb2b98673b828c

Request headers

Referer: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Origin: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
cdn-edgestorageid: 1081
cdn-storageserver: DE-587
cdn-cachedat: 10/31/2023 18:10:48
cdn-pullzone: 781720
content-length: 13332
last-modified: Thu, 06 Jul 2023 09:02:25 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 644
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64a68321-3414"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: d6681de6cce7fc02558e11e3d4d25f74
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lato-latin-400-normal.woff2
fonts.bunny.net/lato/files/ 23 KB
24 KB 75ms
47ms Font
font/woff2 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Origin: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
cdn-edgestorageid: 1082
cdn-storageserver: DE-679
cdn-cachedat: 09/05/2023 15:56:54
cdn-pullzone: 781720
content-length: 23580
last-modified: Thu, 06 Jul 2023 07:20:41 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 656
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64a66b49-5c1c"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: a3a81215fcc380bebcfa97272328ea26
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 quicksand-latin-500-normal.woff2
fonts.bunny.net/quicksand/files/ 14 KB
14 KB 59ms
34ms Font
font/woff2 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.bunny.net/quicksand/files/quicksand-latin-500-normal.woff2
Requested by: Host: fonts.bunny.net
URL: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: b2acebc85d9188ee80d3c9b04d3b5cda759566c88f2ca252b3cf4ba87e729d63

Request headers

Referer: https://fonts.bunny.net/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Quicksand:300,regular,500,600,700&subset=arabic,bengali,cyrillic,cyrillic-ext,devanagari,greek,greek-ext,gujarati,hebrew,khmer,korean,latin-ext,tamil,telugu,thai,vietnamese&display=swap
Origin: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
cdn-edgestorageid: 1081
cdn-storageserver: SYD-214
cdn-cachedat: 02/20/2024 07:00:02
cdn-pullzone: 781720
content-length: 13936
last-modified: Thu, 06 Jul 2023 04:18:19 GMT
server: BunnyCDN-DE1-1082
cdn-fileserver: 241
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "64a6408b-3670"
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
cdn-requestid: e46d64c668c939a28c3b20a31068d4db
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 1.png
orange-style.pages.dev/images/ 644 B
972 B 33ms
33ms Image
image/png 2606:4700:310c::ac42:2c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orange-style.pages.dev/images/1.png

Requested by

Host: oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
URL: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2a8cf93f6c88865c7f7e3b133f3dfeaf0b5300764255838fb05590aec432d85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "dd4bbbbc46e8e7e791a17b5d716be986"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbu5HLIMTTH2qC96LIZVjclMC4%2BRSSB%2Bj8%2F%2FH%2Fe0F9g11b9M9rGdff3mhNyvO8dxuAi4r06%2BYvybf%2BaOXBA9i5AXGr7vBJU5FES6BKE%2Fr3fob24DVl8UyiBt0lfZpTcLKaDgkCUHOEH1%2Fhd%2Fy7ApxKNsc1Jg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 85b9df861d829279-FRA
alt-svc: h3=":443"; ma=86400
content-length: 644

GET
H2 200 2.png
orange-style.pages.dev/images/ 11 KB
11 KB 35ms
35ms Image
image/png 2606:4700:310c::ac42:2c95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://orange-style.pages.dev/images/2.png

Requested by

Host: oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
URL: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/0GaNg56.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2c95 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0933a1eda8ab7d9208514a3c1a28d275031e9e1e37e66de89b4190854bad7a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oh638vr7t.gcr-fnac7ficher-ed0cf3v.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:22:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "bc28ed074cb92510c24305f6cde6d043"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnpBymqEEiM%2ByeqDa2Z08mXFJ%2BTPF3EfxEFjsjiUWbK1u2yiGWG2XE7a5RkEvu9id%2Fau0KhKUiuZhwzWrxfnJAz%2BQi2Zga97Sc8dGKTt9pTNpwl%2BLDffeOrTj4WI%2Bj7PApz1KbjgoM3GwagayXLWNEEX9Ln2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 85b9df862d8d9279-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11250

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| count number| counts

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
cdnjs.cloudflare.com
fonts.bunny.net
oh638vr7t.gcr-fnac7ficher-ed0cf3v.de
orange-style.pages.dev
152.199.19.160
2400:52e0:1e00::1082:1
2606:4700:310c::ac42:2c95
2606:4700::6811:190e
2a02:4780:1:1380:0:1add:3b4e:10
0933a1eda8ab7d9208514a3c1a28d275031e9e1e37e66de89b4190854bad7a8e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
367a70075972dbb2db782b9359484f63f14e500f14575238e98d877b682e2711
3bc49e2ecbfb96f9f55fdbd2c9631d6e67fefffeb1e667bab4bb2b98673b828c
533414542c94a48d4d8618b5f6818336e6a3a20761e96070cc4933a89d0ea05a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
b2acebc85d9188ee80d3c9b04d3b5cda759566c88f2ca252b3cf4ba87e729d63
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c2d8a852a3ca066fcdddcaaa72be6fcab67e697f0eba6f8c0dce79928e528b07
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d2a8cf93f6c88865c7f7e3b133f3dfeaf0b5300764255838fb05590aec432d85
e333e1f7e55b0800b85419932a44e945d2d3136d19736aa801a864c715865f00
fb2412a64fa6dcf8a6caf8b41aa1e282b4a427273aeeb3a6918ee00f2f23f57e

oh638vr7t.gcr-fnac7ficher-ed0cf3v.de Open in urlscan Pro 2a02:4780:1:1380:0:1add:3b4e:10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

180 kBTransfer

625 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

oh638vr7t.gcr-fnac7ficher-ed0cf3v.de Open in urlscan Pro
2a02:4780:1:1380:0:1add:3b4e:10 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

180 kB
Transfer

625 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions