pub-d66b247c05b343c1b624fde64a178feb.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Effective URL:
https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Submission: On May 15 via api (May 15th 2024, 9:13:20 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-d66b247c05b343c1b624fde64a178feb.r2.dev.
TLS certificate: Issued by E1 on April 5th 2024. Valid for: 3 months.

This is the only time pub-d66b247c05b343c1b624fde64a178feb.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a05:d014:275... 2a05:d014:275:cb01::c8	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	6

2 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-d66b247c05b343c1b624fde64a178feb.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a05:d014:275:cb01::c8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

newmedappdate.netlify.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	netlify.app newmedappdate.netlify.app	1 MB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	108 KB
2	r2.dev pub-d66b247c05b343c1b624fde64a178feb.r2.dev	402 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	7 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380	30 KB
0	0174meldingen.online Failed 0174meldingen.online Failed
20	6

	Domain	Requested by
12	newmedappdate.netlify.app	pub-d66b247c05b343c1b624fde64a178feb.r2.dev
3	code.jquery.com	pub-d66b247c05b343c1b624fde64a178feb.r2.dev
2	pub-d66b247c05b343c1b624fde64a178feb.r2.dev
1	cdnjs.cloudflare.com	pub-d66b247c05b343c1b624fde64a178feb.r2.dev
1	ajax.googleapis.com	pub-d66b247c05b343c1b624fde64a178feb.r2.dev
0	0174meldingen.online Failed	newmedappdate.netlify.app
20	6

This site contains no links.

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-04-05` - `2024-07-04`	3 months	crt.sh
*.netlify.app DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-15` - `2025-02-14`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Frame ID: 91D3136A7D34313D6E19A7F84BEF74F4
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ledger Live

Page URL History Show full URLs

http://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html HTTP 307
https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html Page URL

Detected technologies

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

95 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1924 kB
Transfer

2656 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html HTTP 307
https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.html Show response
pub-d66b247c05b343c1b624fde64a178feb.r2.dev/
Redirect Chain

http://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

375 KB
376 KB

414ms
373ms

Document
text/html

2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1683b3bf200cdae3e8d70e9cd3e07c717e10117613bbf229a19336a457b165fb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
CF-RAY: 88462177584d3617-FRA
Connection: keep-alive
Content-Length: 384235
Content-Type: text/html
Date: Wed, 15 May 2024 21:13:14 GMT
ETag: "7e3ff599caafba66dc4af803ccdd939a"
Last-Modified: Sun, 12 May 2024 10:32:03 GMT
Server: cloudflare
Vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Non-Authoritative-Reason: HSTS

GET
H2 200 UMX9jlahOh2Y.css
newmedappdate.netlify.app/Folder/ 37 KB
6 KB 49ms
8ms Stylesheet
text/css 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newmedappdate.netlify.app/Folder/UMX9jlahOh2Y.css

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

6626713211e198c04d94e042abd4d81cb92c73d149da01ec209408d83be959e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MA1QWAR7NMD945EV0XNP
date: Wed, 15 May 2024 21:13:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "f8e7429d623c08a7d4a2d0b7958bf0d5-ssl-df"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 5429

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 290ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 May 2025 11:27:42 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 48ms
7ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 21:13:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3253684
x-cache: HIT, HIT
content-length: 30070
x-served-by: cache-lga21947-LGA, cache-fra-etou8220093-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715807595.551940,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 93, 23136

GET
H2 200 jquery-3.3.1.js Show response
code.jquery.com/ 265 KB
79 KB 47ms
7ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.js
Requested by: Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Origin: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 21:13:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 21005391
x-cache: HIT, HIT
content-length: 80268
x-served-by: cache-lga21980-LGA, cache-fra-etou8220053-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715807595.552019,VS0,VE0
etag: W/"28feccc0-42587"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 10089, 4966

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 68ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Origin: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 21:13:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 605075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HXgGVu5dTGXvcVKHSq56H4i33VpKSKCH054pUaHCm9vbItu1JBhM%2BhllGJAnm8bBqRH5Tgyoxojg3KXY0RYShV666aNBuowr5NJWgWEKa%2BSHUNv0cW6Ha6JIw33890otnYpcNQrvo8MBmrkyZsyNEdCq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88462179ec2c3656-FRA
expires: Mon, 05 May 2025 21:13:14 GMT

GET
H2 200 mfkNbEskGSwj.svg
newmedappdate.netlify.app/Folder/ 2 KB
993 B 19ms
9ms Image
image/svg+xml 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newmedappdate.netlify.app/Folder/mfkNbEskGSwj.svg

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

7c34850991c3b7dd8816ea3314a4ddf849f6fa94a5fc39b2493593f9f6aac253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MA1RDEAZPQ42KF2YBC05
date: Wed, 15 May 2024 21:13:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "3553cfc4584e5cd2ea4ca1cbd3151f7d-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 891

GET
H2 200 Yzvm8sG7noXg.png
newmedappdate.netlify.app/Folder/ 92 KB
92 KB 23ms
13ms Image
image/png 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newmedappdate.netlify.app/Folder/Yzvm8sG7noXg.png

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

91d6b82c75ef8695f4c907c99e9239458afab5f00159eb8294f3d94f0e75ab28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MA1RTC9H158DBMXB1YHZ
date: Wed, 15 May 2024 21:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "6ce1e9e8599b1e5f4a2af2151eaf5aa9-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 94006

GET
H2 200 WZ0i3ciKJp19.png
newmedappdate.netlify.app/Folder/ 127 KB
127 KB 16ms
15ms Image
image/png 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newmedappdate.netlify.app/Folder/WZ0i3ciKJp19.png

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

96c9ec39ea7361144c797060b09398fa43bff0dca108225afe910461c1ee73a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MA28DEAA5E57YKZ1J80T
date: Wed, 15 May 2024 21:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "f6e28c29da153bd1631563a6bdb6c241-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 130032

GET
H2 200 8Sy1Q1E1EfZN.png
newmedappdate.netlify.app/Folder/ 139 KB
140 KB 8ms
8ms Image
image/png 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newmedappdate.netlify.app/Folder/8Sy1Q1E1EfZN.png

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f50d7f92ceba5914f2e7574605800f7b43ac355d2544857eaa25c728bf7111c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MA2RY3YJPTZFJ5VP7MZX
date: Wed, 15 May 2024 21:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "f2677c2381fc8ef42a6778d292cc2cfb-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 142771

GET
H2 200 eGfjLjEcIGAc.png
newmedappdate.netlify.app/Folder/ 140 KB
140 KB 8ms
8ms Image
image/png 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newmedappdate.netlify.app/Folder/eGfjLjEcIGAc.png

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

bac2c823a8696c6a658e36167eacd615f5ef53781274e77ddc8e9946205fe309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MA9RDCA9HAM0SHQ9P0R6
date: Wed, 15 May 2024 21:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "1f7d38e70ae40bea88277df450a6b064-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 143614

GET
H2 200 a9SypYD4A2v9.png
newmedappdate.netlify.app/Folder/ 143 KB
143 KB 8ms
8ms Image
image/png 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newmedappdate.netlify.app/Folder/a9SypYD4A2v9.png

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

b98d5ed89d2ce6b5143e31feb7c4ed60b63c8c6e08ae4f60385a8e7bf6899c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MAA2J9GAYFA9T5JBE1PA
date: Wed, 15 May 2024 21:13:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "84826b699c6448a7becbd6f603a03317-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 146477

GET %66%6F%6E%74%73.%70%6E%67
0174meldingen.online/%63%73%73/%43%72%79%70%74%6F/ 0
0

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
0 0ms
0ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 21:13:14 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3253684
x-cache: HIT, HIT
content-length: 30070
x-served-by: cache-lga21947-LGA, cache-fra-etou8220093-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1715807595.551940,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 93, 23136

GET
H2 200 mfkNbEskGSwj.svg
newmedappdate.netlify.app/Folder/ 2 KB
65 B 9ms
8ms Image
image/svg+xml 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newmedappdate.netlify.app/Folder/mfkNbEskGSwj.svg

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

7c34850991c3b7dd8816ea3314a4ddf849f6fa94a5fc39b2493593f9f6aac253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MAGJDQ9G8C30VM3SGW3E
date: Wed, 15 May 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "3553cfc4584e5cd2ea4ca1cbd3151f7d-ssl-df"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 891

GET
H2 200 eGfjLjEcIGAc.png
newmedappdate.netlify.app/Folder/ 140 KB
40 B 22ms
22ms Image
image/png 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newmedappdate.netlify.app/Folder/eGfjLjEcIGAc.png

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

bac2c823a8696c6a658e36167eacd615f5ef53781274e77ddc8e9946205fe309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MAGJ47RSA23Y6DTBAAC5
date: Wed, 15 May 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "1f7d38e70ae40bea88277df450a6b064-ssl"
content-type: image/png
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 143614

GET
H2 206 Bflfh7PtIV1m.mov
newmedappdate.netlify.app/Folder/ 80 KB
0 10ms
9ms Media
video/quicktime 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newmedappdate.netlify.app/Folder/Bflfh7PtIV1m.mov

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MAGQN7K2A7P9K0754P5M
date: Wed, 15 May 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "d3779301f4f187459d906e549889d7c5-ssl"
content-type: video/quicktime
Content-Range: bytes 0-820217/820218
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
Content-Length: 820218

GET
H2 206 Bflfh7PtIV1m.mov
newmedappdate.netlify.app/Folder/ 33 KB
33 KB 13ms
12ms Media
video/quicktime 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newmedappdate.netlify.app/Folder/Bflfh7PtIV1m.mov

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

c87c33b358ec9ac0f76c40a98c6cc16dabe5c00329e4e45f7c5d183f29606624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Range: bytes=786432-
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MAH4N927MNA3BXSMG5FC
date: Wed, 15 May 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "d3779301f4f187459d906e549889d7c5-ssl"
content-type: video/quicktime
Content-Range: bytes 786432-820217/820218
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
Content-Length: 33786

GET
H2 206 Bflfh7PtIV1m.mov
newmedappdate.netlify.app/Folder/ 737 KB
649 KB 9ms
7ms Media
video/quicktime 2a05:d014:275:cb01::c8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newmedappdate.netlify.app/Folder/Bflfh7PtIV1m.mov

Requested by

Host: pub-d66b247c05b343c1b624fde64a178feb.r2.dev
URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:275:cb01::c8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

f0bd4a87030a8359cda954cd78052993756d831ac4513b1257b3423eb1aa6fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Range: bytes=65536-
sec-ch-ua-platform: "Win32"

Response headers

x-nf-request-id: 01HXZ1MAHRWVCXZC0BAN0PY5QJ
date: Wed, 15 May 2024 21:13:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: Netlify
age: 8816
cache-status: "Netlify Edge"; hit
etag: "d3779301f4f187459d906e549889d7c5-ssl"
content-type: video/quicktime
Content-Range: bytes 65536-820217/820218
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
Content-Length: 754682

GET
H/1.1 404
Not Found favicon.ico
pub-d66b247c05b343c1b624fde64a178feb.r2.dev/ 27 KB
27 KB 51ms
51ms Other
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 21:13:15 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 8846217d3fde3617-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
DATA 200
OK truncated
/ 37 KB
37 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34

Request headers

Referer
Origin: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13c19ec8ecbdb0854e61b191ea4f6a9820760381bf6ce39d4e18193a4b808ca5

Request headers

Referer
Origin: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 0174meldingen.online
URL: https://0174meldingen.online/%63%73%73/%43%72%79%70%74%6F/%66%6F%6E%74%73.%70%6E%67

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-d66b247c05b343c1b624fde64a178feb.r2.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0174meldingen.online
ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
newmedappdate.netlify.app
pub-d66b247c05b343c1b624fde64a178feb.r2.dev
0174meldingen.online
2606:4700::6811:190e
2606:4700::6812:323
2a00:1450:4001:810::200a
2a04:4e42:400::649
2a05:d014:275:cb01::c8
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
13c19ec8ecbdb0854e61b191ea4f6a9820760381bf6ce39d4e18193a4b808ca5
1683b3bf200cdae3e8d70e9cd3e07c717e10117613bbf229a19336a457b165fb
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
6626713211e198c04d94e042abd4d81cb92c73d149da01ec209408d83be959e5
7c34850991c3b7dd8816ea3314a4ddf849f6fa94a5fc39b2493593f9f6aac253
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
91d6b82c75ef8695f4c907c99e9239458afab5f00159eb8294f3d94f0e75ab28
96c9ec39ea7361144c797060b09398fa43bff0dca108225afe910461c1ee73a3
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
b98d5ed89d2ce6b5143e31feb7c4ed60b63c8c6e08ae4f60385a8e7bf6899c53
bac2c823a8696c6a658e36167eacd615f5ef53781274e77ddc8e9946205fe309
c87c33b358ec9ac0f76c40a98c6cc16dabe5c00329e4e45f7c5d183f29606624
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
f0bd4a87030a8359cda954cd78052993756d831ac4513b1257b3423eb1aa6fa8
f50d7f92ceba5914f2e7574605800f7b43ac355d2544857eaa25c728bf7111c2

pub-d66b247c05b343c1b624fde64a178feb.r2.dev Open in urlscan Pro 2606:4700::6812:323 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

100 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

1924 kBTransfer

2656 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

pub-d66b247c05b343c1b624fde64a178feb.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

100 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

1924 kB
Transfer

2656 kB
Size

0
Cookies

20 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!