poverymilleruodomail210.ink
172.67.203.57  Malicious Activity! Public Scan

URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Submission: On April 09 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 22 HTTP transactions. The main IP is 172.67.203.57, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is poverymilleruodomail210.ink.
TLS certificate: Issued by GTS CA 1P5 on April 4th 2024. Valid for: 3 months.
This is the only time poverymilleruodomail210.ink was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cox (Telecommunication)

Domain & IP information

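IP Address, AS (Autonomous System): requests, redirects
  • 172.67.203.57, AS13335 (CLOUDFLAR...): 20 requests, 2 redirects
  • 3.162.3.92, AS16509 (AMAZON-02): 2 requests
  • 3.161.213.7, AS16509 (AMAZON-02): 1 request
  • 45.60.45.167, AS19551 (INCAPSULA): 2 requests, 1 redirect
Total: 22 requests, 4 IPs
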
Apex Domain (with subdomains): requests, transfer
  • poverymilleruodomail210.ink: 20 requests, 122 KB
      poverymilleruodomail210.ink
  • cox.com: 2 requests, 9 KB
      webcdn2.cox.com (Cisco Umbrella Rank: 388490)
      webcdn.cox.com (Cisco Umbrella Rank: 31520)
  • oktacdn.com: 2 requests, 47 KB
      global.oktacdn.com (Cisco Umbrella Rank: 24198)
  • foresee.com: 1 request, 3 KB
      gateway.foresee.com (Cisco Umbrella Rank: 9009)
Total: 22 requests, 4 apex domains

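Domain: requests, requested by
  • poverymilleruodomail210.ink: 20 requests (2 redirects), requested by poverymilleruodomail210.ink
  • global.oktacdn.com: 2 requests, requested by poverymilleruodomail210.ink and global.oktacdn.com
  • webcdn.cox.com: 1 request
  • webcdn2.cox.com: 1 request (1 redirect)
  • gateway.foresee.com: 1 request, requested by poverymilleruodomail210.ink
Total: 22 requests, 5 domains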

This site contains no links.

Certificates (Subject: Issuer, Validity, Valid)
  • poverymilleruodomail210.ink: GTS CA 1P5, 2024-04-04 - 2024-07-03, 3 months
  • *.oktacdn.com: DigiCert TLS RSA SHA256 2020 CA1, 2023-12-15 - 2025-01-02, a year
  • foresee.com: Amazon RSA 2048 M03, 2024-03-28 - 2025-04-26, a year

This page contains 3 frames:

Primary Page: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Frame ID: 3FAF180482525335736736E414BE0ED6
Requests: 18 HTTP requests in this frame

Frame: https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: FC06726C56F1B0EEEAAA27B87E6C96C1
Requests: 2 HTTP requests in this frame

Frame: https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 5C51BD2A27AE26D1C083ABEE90792651
Requests: 2 HTTP requests in this frame

Page Title

Cox Login - Sign Into Your Cox Account

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

  • Requests: 22
  • HTTPS: 86 %
  • IPv6: 0 %
  • Domains: 4
  • Subdomains: 5
  • IPs: 4
  • Countries: 1
  • Transfer: 179 kB
  • Size: 915 kB
  • Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn Page URL
  2. https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Request Chain 16
  • https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Request Chain 20
  • https://webcdn2.cox.com/ui/presentation/tsw/faviconrebrand.ico HTTP 301
  • https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico

22 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

login.php
poverymilleruodomail210.ink/CQXFO/web/
7 KB
8 KB
Document
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc8425a1a8e215b991c389867e2f36e3864eb680fd02ff06f19dfd80ec5000cd
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
871de2c18da33dd3-MIA
content-type
text/html; charset=utf-8
date
Tue, 09 Apr 2024 22:20:40 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tcTEigqCbpFrUcoRCsGcxzbYl3mJ1efxs75D8S18lid8OHAp23Np961PNCKekvlv4vpu8LPmnotm%2BXLqxrp%2FJjkVTBeX8whrzhB9nZVCX9XvPZnJNUcpCnD%2FJEneGNFxd%2BkcFCOVkbcWB6Ug2k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
login.php
poverymilleruodomail210.ink/CQXFO/web/
0
820 B
XHR
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
F9ZVZJ8cyAefmBLbllmcwsxw9Sw
28282432
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 09 Apr 2024 22:20:41 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ScraW7LSb9RxvAJljhshkC79CeAkkGivH1OyKKzxSrpB25YT6Jbr3cTtd8gfQtG4Udcxzflk3kpECrI5dmswUEeuD%2Fu1m5Fjd8OAJj%2FDSatZ7ONzBxPjuaiah1uh31rVA8h6nhCkws%2Fefb5FkI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
871de2c3b8783dd3-MIA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame FC06
Redirect Chain
  • https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Protocol
H3
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7556e8c2066fe885ed58e24601b25c82b747589dc17900051bc9cb98053329
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Apr 2024 22:20:40 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMmx88AsbNQc%2BJRq%2FLOwvHEhbxs%2BAlehVRzWcnFt5Hcm9djUtraas31TEZLY5j7ZX4KbOca37jbcBx6fjeiZTnw0CBw8DqPzaAhgrOYNM6q41%2F3UIm0ymZVQ070lRpmXMVLhDxTUKtd3wCa13oo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
871de2c3f8c43dd3-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 09 Apr 2024 22:20:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRW4pTcLSxROY56fO6CldyyeifZjvfeh20LG3ghGE3WGa6cQHUJEDXtrchnKvuWV%2BYToILZVV4w6dkvWwPMP%2Fiae8qVNcnakXX9rgiQ%2FVu4IFGvVPzMXqfERNrj8d3PTH2nL8PtdtzX8GngKisg%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
871de2c3b87d3dd3-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
poverymilleruodomail210.ink/
257 B
675 B
Other
General
Full URL
https://poverymilleruodomail210.ink/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5128b5e331cad19df2f67041ffc85bf716d6e6106dea098c37524593fb268e9
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 09 Apr 2024 22:20:40 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
121702
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1VI4FX6rRmR6kvLVn%2BgIHI9forbWQQK76mxWnpgn4DXbodHRbP26S0gthBQ6iv%2F%2FBBEoGmzeFwpGUpRoTjyIi5%2BZkOBGt44uih038AomoVmCVzmJcbLtBdDV26XBQNPebsMVuJbgmTEDXJxx5AQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
871de2c3c8823dd3-MIA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
871de2c18da33dd3
poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FC06
0
612 B
XHR
General
Full URL
https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/jsd/r/871de2c18da33dd3
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Apr 2024 22:20:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtYjZPo%2FxPJFv9i3BfbAKmFwGoTHdUBcj%2F71spoZfy%2FzAay4vYB00d4%2BzVIC6nZti7RhZpJqbgubsVWS3LaQ%2FL5nK9NAavExl93EU5yp4iugDH9VFjiejwPDLpnkExJJbbGW3HgvaqTmoXrkNJA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
871de2c4b9b63dd3-MIA
alt-svc
h3=":443"; ma=86400
Primary Request login.php
poverymilleruodomail210.ink/CQXFO/web/
28 KB
5 KB
Document
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c9b035113fbce5a62dee624c5b91ea60963ed4e6c40f482ef23ef16dfc3da7
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
871de2c4d9e33dd3-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 09 Apr 2024 22:20:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbToHvTY6GDMUSauxyGOHdJjCMVQUIhe5ga%2F1f4kiL%2FvkZjLwHiP4Yqayh8qjQBSlF6xVbaHT9rf5KwH2NY5APXPaMkEtalm0YuQvWAiYyY5iV1lCKqazw9pnqmf3hHKAfYlXwOJk3OK%2BS0oZ5s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/3.8.2/css/
180 KB
26 KB
Stylesheet
General
Full URL
https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-92.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68ef764e2d683a2b137e78e7b4a96cc195e229729bf9f82ad7b92eb0892b3a06
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
VioymT0ami6RAq5l.msmhnEwxweXAIS1
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Tue, 09 Apr 2024 04:04:36 GMT
content-encoding
gzip
x-amz-cf-pop
YUL62-P2
age
65767
via
1.1 10f978be0e76903f65b35bee6581c310.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 20 Mar 2020 02:19:40 GMT
server
AmazonS3
etag
W/"92cb194fd7896eb0997c23a4a3dbb596"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
x-amz-cf-id
3iTD01NzQlUWkiDiwO6iGUWlzWFsWPTWDv7OaPoRddxEtvg1hTnVjw==
flex-presentation.css
poverymilleruodomail210.ink/CQXFO/web/assets/css/
173 KB
26 KB
Stylesheet
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4456f76512cd54420bbc6cd0b1f92db6f087ca96ca2cde36974f7cd6b3edb4f4
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 22:20:41 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2689
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Tue, 19 Oct 2021 02:52:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DW4Kn7KYCwxB5XdgINJDTGzJOL3PAi7%2Bx0qkCoBdtIfJwWpZvR78FZhmD8wvkuYTeajXWuHnKLyup7ZoeHxSFyb970oNxkooBCHiVl0271QbtxXXh6ijE4o4q%2BIVs%2FW%2B%2FVGDIUS%2FxSBS4q0gnHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
871de2c9af243dd3-MIA
expires
Thu, 09 May 2024 21:35:52 GMT
cox-residential-aemapp.css
poverymilleruodomail210.ink/CQXFO/web/assets/css/
424 KB
58 KB
Stylesheet
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/cox-residential-aemapp.css
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c762adc41ad599e970d9abfa68241385a659911d11e96f152670620995d68f5e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 22:20:41 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132625
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Mon, 13 Sep 2021 00:34:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y69VdS%2BaKY4LyaShz33goKiy%2FN%2BD%2FJA6Y4wcVIW0ZqmVkRJuW7CBe3KFWESk76%2B2%2FWRo7UMZo37gVaz92f9JF6O4NA6PrV2E9mvk9GaTo50km89lWIv1gRAVomZ7a7EgwCxJWVYamfsch75YRyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
871de2c9af273dd3-MIA
expires
Wed, 08 May 2024 09:30:16 GMT
flex2text-styles.min.css
poverymilleruodomail210.ink/CQXFO/web/assets/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex2text-styles.min.css
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4929a2cc0087f4dc4362c4560fd1fb087168a026c0e798bbc869072ba0c2376
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 22:20:41 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132625
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Mon, 13 Sep 2021 00:34:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0Srki79B4C7b5iBaD3uES%2FSC0KaiRM3dhKZZM%2FKS90hejXyJ4g7s9H6jMgU59WarESiu9tQXq3uTFzQBkUNxXjqXkiqNFFu1tjFlUFqKxi5LbLSmXLfcLu5vSJxpsSWQolT4mctrrbQW6KrTNM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
871de2c9af2a3dd3-MIA
expires
Wed, 08 May 2024 09:30:16 GMT
overrides.min.css
poverymilleruodomail210.ink/CQXFO/web/assets/css/
49 KB
8 KB
Stylesheet
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/overrides.min.css
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c4a03e412933e80d79287abd90e2674bf51d408c30e49b850239b2378d7e899
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 22:20:41 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121705
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Mon, 13 Sep 2021 00:34:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2BKIrL3YdpahI9NcAT5YZUpIvCddy0YNE%2FVP34FHzfdTjhbOfF6q0%2FDjeuUG9mPwcHKfspqJ26%2FJXtbfdjQIY2OlDO6W6hE4a6uySrTHs5nn2bzMop6ox0H70z%2Fl9SMISp6V1lgW4O1uvDe5Brc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
871de2c9af2b3dd3-MIA
expires
Wed, 08 May 2024 12:32:16 GMT
oo_icon_white.gif
gateway.foresee.com/code/5.10.4-oo/
2 KB
3 KB
Image
General
Full URL
https://gateway.foresee.com/code/5.10.4-oo/oo_icon_white.gif
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-7.yul62.r.cloudfront.net
Software
/
Resource Hash
c3f012ffdb0be6fe0417057e7debc8c5129eed0476fd765cd93f234bb2cf77a3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 16 Mar 2024 06:46:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 baa0aaa1ff4766ddf3afe80431a74b82.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P1
age
2129662
x-cache
Hit from cloudfront
status
200
content-length
2247
last-modified
Thu, 24 Jun 2021 17:07:14 GMT
etag
"f12d8abbdb0cb10ebe21199595d28c4b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=2419200
access-control-allow-headers
X-Requested-With
x-amz-cf-id
DZAm7rpuIjOd8y4_IdG9G05C-z-ilRSk1SfwoaNTEDhIqCT3jyh6dg==
expires
Sat, 13 Apr 2024 06:46:20 GMT
cox_logo.png
poverymilleruodomail210.ink/CQXFO/web/assets/img/
2 KB
2 KB
Image
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/img/cox_logo.png
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 22:20:42 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132625
alt-svc
h3=":443"; ma=86400
content-length
1865
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Mon, 18 Oct 2021 21:55:26 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lUTO7WirO%2BrFgpsisqPlmk2hhUYiShOqqFslgRHnyzvzOmEFxT4hRDh2sFpCQyYrh5b7ZpzOfSGNhGMbZF0b5ccYurOMPg1giqvI6dco1X7XugBYkUiV%2FQQJONbM5w2UsBVJQxuw9Bd78coau9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=5184000
accept-ranges
bytes
cf-ray
871de2cb49843dd3-MIA
expires
Fri, 07 Jun 2024 09:30:17 GMT
checkbox-default.svg
poverymilleruodomail210.ink/CQXFO/web/assets/img/
270 B
702 B
Image
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/img/checkbox-default.svg
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/cox-residential-aemapp.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5647edf02795dbd3d4fb9f5c38e1ffefa0d563c31c9cc060db7320e28bf9844
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/cox-residential-aemapp.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 22:20:42 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121705
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
pragma
public
last-modified
Mon, 13 Sep 2021 00:34:34 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S3zo7V8epFRlyQ7LlXUkDF9Oan0yMvj7%2BObA%2F9bboeEI5M1mnvWm1EUwDd59kKUBQjOeQfY4qYIFVC6NHOsR69dK6cCeLKrzQC1r4vj9VLhfS%2BfF2dMU4K4l3iZn6vJE0Njv4cwYUdzgDkNHtWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=5184000
cf-ray
871de2cb49853dd3-MIA
expires
Fri, 07 Jun 2024 12:32:17 GMT
okticon.woff
global.oktacdn.com/okta-signin-widget/3.8.2/font/
20 KB
21 KB
Font
General
Full URL
https://global.oktacdn.com/okta-signin-widget/3.8.2/font/okticon.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-92.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://global.oktacdn.com/okta-signin-widget/3.8.2/css/okta-sign-in.min.css
Origin
https://poverymilleruodomail210.ink
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dDQhkYt0RHrEVEp9cvTtLweQzsWLGlTl
strict-transport-security
max-age=315360000
x-content-type-options
nosniff
date
Tue, 09 Apr 2024 09:38:30 GMT
via
1.1 3c503941ffd955a9223590c80d8af4c2.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
45733
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
20600
last-modified
Fri, 20 Mar 2020 02:19:41 GMT
server
AmazonS3
etag
"db28723126138387cdf40680e6e0fa5d"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=31536000,s-maxage=1814400
accept-ranges
bytes
x-amz-cf-id
b3BzZGLGI4y6kD_bXOvMKNzCFUb6Ves5a5XTz5jbH2wWfKPElD1iwQ==
OpenSans-Regular-webfont.woff
poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/
0
0
Font
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/OpenSans-Regular-webfont.woff
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Origin
https://poverymilleruodomail210.ink
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 09 Apr 2024 22:20:42 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
121705
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1yim8tpaP0TeO0vGjqHkv63Q50y9Trlh%2FEGsBNkaCbER7OEhvVysk8j2JKpTSkAXLb7kqYFQ2QYNcVj%2FwT970VJtYBxW9TvwaSdoq5XYM6dmVUh1vUiLoAZUgEcriHp2prNS%2FxxLMr9Sm7rdJs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
871de2cb598b3dd3-MIA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
OpenSans-Semibold-webfont.woff
poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/
0
0
Font
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/OpenSans-Semibold-webfont.woff
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Origin
https://poverymilleruodomail210.ink
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 09 Apr 2024 22:20:42 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
121705
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z%2FjB7zuXLSsQHt3ghdqwM347xJHW2E2UgZkDFiYlkUER9wPGBPgAf2qh297FEDa0rC%2BTAisRCEVR83L2QDnduSgfrTRTICN%2Feqn6ud7KdewRGWyyFMccpZ4YOXU05tI%2Bo2SPRJdpqDHgtm6xgSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
871de2cb69973dd3-MIA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
main.js
poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 5C51
Redirect Chain
  • https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
8 KB
4 KB
Script
General
Full URL
https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Protocol
H3
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed6ea62559587fd5921b2251cb8238ede87c5161d1677721bd8064f393ea3852
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Apr 2024 22:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxRDciCH046r%2BCyvFrv8DAuTuiXWlPSlt%2Bo3PUFSrgp70DJ9f907EaCFB7sHzfIY%2BKgA2RqLJN0W1ZA8awT7FuKA%2BRn0bwzsamINXDX0HiKBeIMXQtHvLJhpiwYfRhU2HCgtD3v4VMJA%2F3ctTUI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
871de2cbba033dd3-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 09 Apr 2024 22:20:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgUMN5wpi0Cz5nik5DLDlR3kW0l4sG6MO7J5iTCAPLkyyWEtW%2BBY4ewbVuZQ%2FrzHcxYkQAfFbnW6VPP701tpFUirw3uDuhYzS7cPNggSlKd5mIrBTfg6OsgZ0XVltY8DHLZXCVCPl76KYd5heUs%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
871de2cb79b93dd3-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
OpenSans-Regular-webfont.ttf
poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/
0
0
Font
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/OpenSans-Regular-webfont.ttf
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Origin
https://poverymilleruodomail210.ink
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 09 Apr 2024 22:20:42 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
121704
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DBpPJAGkhUvzHa2EbokU5sRr%2FrrtrlRKLG44m6uCwwfjcSyAhQQ0zKAmDTI28ruuPIEWtUY3RkUIsNG4qizAfE68f76%2FADlPeJ%2FFU3AtyQp%2FHQscOTz1oL3inH9D38jfi6sy2Dy0HsHvC%2Fsk73E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
871de2cb99ce3dd3-MIA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
OpenSans-Semibold-webfont.ttf
poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/
0
0
Font
General
Full URL
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/OpenSans-Semibold-webfont.ttf
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://poverymilleruodomail210.ink/CQXFO/web/assets/css/flex-presentation.css
Origin
https://poverymilleruodomail210.ink
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Tue, 09 Apr 2024 22:20:42 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
121704
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8tcwws2yC1TiKDq3Jg%2FS7xOddH6Uoesbb%2FfQTFMTihFexAedqovErXNnMmjqrXBOAvd%2FE%2F2sWVVWzBzPstY7xxQEDXGNBM5U1vSbprnAPivr3Js1Rey0AzbmnsdXGfMNaTC37fG8RjXE2AGk3EA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
871de2cba9e13dd3-MIA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
871de2c4d9e33dd3
poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 5C51
0
611 B
XHR
General
Full URL
https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/h/b/jsd/r/871de2c4d9e33dd3
Requested by
Host: poverymilleruodomail210.ink
URL: https://poverymilleruodomail210.ink/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.203.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Apr 2024 22:20:42 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uiyqnYiHa%2FnJXIQpjf%2FyRHbKjTQ%2F51VCzXl8FGBRk46HuG43DAO5KMqoBrud5tymIXUp2MOMxqA0hNLNgkOJWgWm0UpvL5KTYqM8L8WeNtXdGOuzxV1erABVodCFX2oitCsVMdT5KNbM%2Bc6I6sc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
871de2cd4c453dd3-MIA
alt-svc
h3=":443"; ma=86400
faviconrebrand.ico
webcdn.cox.com/ui/presentation/tsw/
Redirect Chain
  • https://webcdn2.cox.com/ui/presentation/tsw/faviconrebrand.ico
  • https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico
8 KB
9 KB
Other
General
Full URL
https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico
Protocol
H2
Server
45.60.45.167 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
7506b6707d00a8c8ecb5c5d56098452d885e0dde167ab9e77be7fd826a9b2c17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://poverymilleruodomail210.ink/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Apr 2024 12:09:10 GMT
via
1.1 9c1e51085ad77fbbab78fe2feb46cf98.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-cdn
Imperva
x-amz-cf-pop
MIA3-C2
age
468692
x-cache
Hit from cloudfront
x-iinfo
15-22564162-22564169 NNNN CT(0 4 0) RT(1712701242435 67) q(0 0 0 6) r(0 0) U24
content-length
8195
last-modified
Tue, 05 Mar 2024 05:58:17 GMT
server
nginx
etag
"65e6b479-2003"
content-type
image/x-icon
access-control-allow-origin
*
cache-control
s-maxage=1209590, must-revalidate
x-incap-sess-cookie-hdr
UUDWNU1l2T6B7DgZGo5CFjq/FWYAAAAA0LoHaMV8ofDkaVYAJ3KaBg==
accept-ranges
bytes
x-amz-cf-id
jwS7xbYvwaedb0YyVpX3PRcPtyad-ohvsBN1WdfXJpIwtBems3hiww==

Redirect headers

location
https://webcdn.cox.com/ui/presentation/tsw/faviconrebrand.ico
strict-transport-security
max-age=31536000
content-length
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cox (Telecommunication)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| now
number| year

13 Cookies


9 Console Messages

Source Level URL
Text
network error URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://poverymilleruodomail210.ink/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/OpenSans-Regular-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/OpenSans-Semibold-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/OpenSans-Regular-webfont.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://poverymilleruodomail210.ink/CQXFO/web/assets/css/fonts/OpenSans-Semibold-webfont.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://poverymilleruodomail210.ink/CQXFO/web/login.php?web/cox/SignOn
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block