main.ds4azd6yoma7a.amplifyapp.com
18.64.122.52 Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644 1mo old
Submission: On April 17 via manual (April 17th 2026, 2:09:48 am UTC) from JP — Scanned from JP

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 37 HTTP transactions. The main IP is 18.64.122.52, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is main.ds4azd6yoma7a.amplifyapp.com. 1mo old
TLS certificate: Issued by Amazon RSA 2048 M04 on April 17th 2026. Valid for: 7mo.

This is the only time main.ds4azd6yoma7a.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2 31	18.64.122.52 18.64.122.52	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	57.155.120.218 57.155.120.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	172.66.44.254 172.66.44.254	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2603:1061:14:... 2603:1061:14:187::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	51.8.207.171 51.8.207.171	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 2	2603:1061:14:... 2603:1061:14:189::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	2620:1ec:33:2... 2620:1ec:33:2::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
37	7

31 18.64.122.52 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-18-64-122-52.nrt12.r.cloudfront.net

main.ds4azd6yoma7a.amplifyapp.com 1mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 57.155.120.218 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

www.clarity.ms 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.66.44.254 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

mj-5ye.pages.dev 4mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2603:1061:14:187::1 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

scripts.clarity.ms 9mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 51.8.207.171 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

l.clarity.ms 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2603:1061:14:189::1 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

c.clarity.ms 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2620:1ec:33:2::10 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

c.bing.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
31	amplifyapp.com 2 redirects main.ds4azd6yoma7a.amplifyapp.com 1mo old	600 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 424 8yr old scripts.clarity.ms — Cisco Umbrella Rank: 581 9mo old l.clarity.ms — Cisco Umbrella Rank: 5450 5yr old c.clarity.ms — Cisco Umbrella Rank: 748 5yr old	29 KB
2	pages.dev mj-5ye.pages.dev 4mo old
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 197 13yr old	773 B
0	onrender.com Failed newpp81.onrender.com Failed 4mo old
37	5

	Domain	Requested by
31	main.ds4azd6yoma7a.amplifyapp.com	2 redirects main.ds4azd6yoma7a.amplifyapp.com
2	c.clarity.ms	1 redirects
2	l.clarity.ms	scripts.clarity.ms
2	mj-5ye.pages.dev	main.ds4azd6yoma7a.amplifyapp.com
1	c.bing.com	1 redirects
1	scripts.clarity.ms	www.clarity.ms
1	www.clarity.ms	main.ds4azd6yoma7a.amplifyapp.com
0	newpp81.onrender.com Failed	main.ds4azd6yoma7a.amplifyapp.com
37	8

This site contains no links.

Subject Issuer	Validity	Valid
*.ds4azd6yoma7a.amplifyapp.com Amazon RSA 2048 M04	`2026-04-17` - `2026-10-31`	7mo	crt.sh
a.tag.clarity.ms Microsoft TLS G2 RSA CA OCSP 04	`2026-03-04` - `2026-08-31`	6mo	crt.sh
mj-5ye.pages.dev WE1	`2026-03-28` - `2026-06-26`	3mo	crt.sh
scripts.clarity.ms Microsoft TLS G2 RSA CA OCSP 02	`2026-04-07` - `2026-10-04`	6mo	crt.sh
a.clarity.ms Microsoft TLS G2 RSA CA OCSP 02	`2026-03-04` - `2026-08-31`	6mo	crt.sh

This page contains 1 frames:

Primary Page: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Frame ID: 1E21028453590577AA9241E7D45B4269
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ヘルプデスクを取得 -01JP21

Detected technologies

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery
/jquery(?:-(\d+\.\d+\.\d+))[/.-]

Page Statistics

37
Requests

89 %
HTTPS

43 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

628 kB
Transfer

1487 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://main.ds4azd6yoma7a.amplifyapp.com/events HTTP 301
https://main.ds4azd6yoma7a.amplifyapp.com/events/

Request Chain 31

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=725673F28DF645688AB71897CE796932&RedC=c.clarity.ms&MXFR=0F09A01D5B43601211ACB7235F436E1D HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=725673F28DF645688AB71897CE796932&MUID=2516E3F5A4BA62881A9FF4CBA5C2637A

Request Chain 32

https://main.ds4azd6yoma7a.amplifyapp.com/index_1.html HTTP 301
https://main.ds4azd6yoma7a.amplifyapp.com/index_1/

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
main.ds4azd6yoma7a.amplifyapp.com/ 14 KB
5 KB 87ms
5ms Document
text/html 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2fcab6be2021e3456fefbdb8d6175039c011cbeaa7b2467e6690a8d4a20f5e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

age: 260
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
content-type: text/html
date: Fri, 17 Apr 2026 02:05:29 GMT
etag: W/"44074779a2df7a9c2ca550e60111eff7"
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
x-amz-cf-id: CAg-y8r9hrP6oY2VNzoelMvxaFzgxZ5huuFenpvZD5ysvgUHg5EA6A==
x-amz-cf-pop: NRT12-P1
x-cache: Hit from cloudfront

GET
H2 200 script.manual.min.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 1 KB
945 B 13ms
10ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/script.manual.min.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f76d6601aec548e26e8b9ae2f45bcae2ae331a409dddfd92f022b63845052175

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"124795936209aa9084c20facbd6a9df5"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: BdCZLct-H0W1A07J8r2hAwMQBIonmZQs2y1VNbw9kBmEAJ_eL7x0rg==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H2 200 01css32bd.css
main.ds4azd6yoma7a.amplifyapp.com/css/ 18 KB
4 KB 8ms
6ms Stylesheet
text/css 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/css/01css32bd.css
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a738278d81398475643b61e8337eebe912009c7d5d39854141ce5fb55cfbdec

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"829b989d370a66562d2800df22c13a2a"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FeHdESuM0B4qWhYYtRx8-2N-BmknEW0LxG060k_E1fHhIJckS75OXQ==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/css
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H2 200 jquery-1.4.4.min.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 77 KB
26 KB 9ms
7ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/jquery-1.4.4.min.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"73a9c334c5ca71d70d092b42064f6476"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: cpUFChbionmbAPP7UGhQMiCrnEMuTG2wFkyEWG6m9JRAI_lQRsup9w==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H2 200 12dgdur.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 164 KB
35 KB 10ms
8ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/12dgdur.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dac67b4d40ccdab250479a4fc8644de097b58e90039bb8254537fb60148a85b1

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"3c61f42a030a7c4c90031b5353faf4ad"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: BOwRWRFhpVDog8RJPpuogEB3Yweqrp5-Rn6BttN1MYDymtqzHSK2RQ==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H2 200 11gfdjuef.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 7 KB
1 KB 10ms
9ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/11gfdjuef.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ce965395dab2a14b0edb0f3851cb38d0a031d9e0e1bba3d0a09cc06730738b8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"bc3bc8f225db800a86111f9b23e30a1f"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: yryZoqWMNznMohAb_o0dKRuy8Mi82rbRznsZ3_lwXjzyxExtldqOjQ==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H2 200 09sgsgsfr.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 0
371 B 12ms
10ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/09sgsgsfr.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 0
x-amz-cf-id: XeDYKnwloT4rTqvd1qZIELBehbL4gR6Q5qe8XFV5xRc3nYLRYtqKzQ==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H2 200 13dugfjdf.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 482 B
873 B 13ms
11ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/13dugfjdf.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f3bc4e75efb722542d52947ad623b09a164380454f26decceab576e0af59d1

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "94d312a8f4107a095bae3b1d37be439f"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 482
x-amz-cf-id: 6-J8s4rbmvx-fLz_YiKv10IZ2Oxyk-fQ2BDoHWdOI1QdX61Empk3IQ==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H2 200 fesbg.png
main.ds4azd6yoma7a.amplifyapp.com/images/ 294 KB
294 KB 13ms
12ms Image
image/png 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/images/fesbg.png
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3b4a81e6687a2153a530d448edc8ef11e9034c68636c9b98950092cd4313515

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "165fe97127e1d1414c5070caa56d3a36"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 300642
x-amz-cf-id: E6du49BjZx5vOWL_KCOMjl6xEwxjUo8yMdz2WRiXHMSHYSh2jn6S9w==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: image/png
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H2 200 bx1.png
main.ds4azd6yoma7a.amplifyapp.com/images/ 116 KB
117 KB 16ms
15ms Image
image/png 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/images/bx1.png
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "375f2aedc7a2c955f3a3d6086ab9560b"
age: 259
via: 1.1 e3eedb321410bc8954938be244c29b8e.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 119079
x-amz-cf-id: Y-tJq-f6SU_qAT1X87CUtiQT_e5YVInNUn9swY8igY7pS01zTtry1A==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: image/png
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 web1.png
main.ds4azd6yoma7a.amplifyapp.com/images/ 58 KB
58 KB 6ms
5ms Image
image/png 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/images/web1.png
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b06790b46a305c70cdd9837e24abaa5511aed95df8fa54ad0c9ff117c6042d

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "3c4478d9526bbac9186ed7b1f68a228d"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 59561
x-amz-cf-id: o7n57wON7y3gPHiGOeJAT3C_-85pBVbF3zRA30dOzRozR1R5zu64ng==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: image/png
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 img01df.png
main.ds4azd6yoma7a.amplifyapp.com/images/ 148 B
451 B 11ms
8ms Image
image/png 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/images/img01df.png
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "786e451b89111d04cb1fba3d32c398fa"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 148
x-amz-cf-id: lO26UhrKvX7skvmCpTUbHSI44Q2LzVIBy-tUqgSTWQP-Bk9e-z6klQ==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: image/png
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 winlo.png
main.ds4azd6yoma7a.amplifyapp.com/images/ 12 KB
12 KB 11ms
8ms Image
image/png 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/images/winlo.png
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "20fc730f7b1ae7b900f66dbc7ddc3fc3"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 12386
x-amz-cf-id: p8w4LNfwUWFdvLPJ1PFpcL3OE4a1lL-7qABrk8rcP7SCcIiRox1Gzg==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: image/png
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 dm.png
main.ds4azd6yoma7a.amplifyapp.com/images/ 347 B
651 B 14ms
12ms Image
image/png 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/images/dm.png
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "4a39876d0660cfe5b1f5cb073498c66d"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 347
x-amz-cf-id: 35xWLp877-LbxF4KvmaHebW6EwXadOp-8vEozAZaDBJzRVvIHfb7Gw==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: image/png
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 cs.png
main.ds4azd6yoma7a.amplifyapp.com/images/ 3 KB
3 KB 15ms
13ms Image
image/png 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/images/cs.png
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "911f04c21d791a20574a4b287b60d3af"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 3152
x-amz-cf-id: kyQpKjwOSBhvpYJuCxueFmLvsliHKu3ExE1x2ersXpUeZlbWlwQR8g==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: image/png
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 re.gif
main.ds4azd6yoma7a.amplifyapp.com/images/ 14 KB
15 KB 15ms
13ms Image
image/gif 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/images/re.gif
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "6fcb78e0cd7933a70eea2cf071f82118"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 14751
x-amz-cf-id: DV0WaAayAX9OPc_tKKtJZ9eXtHrf0_VOy7j6jfeLxyhXzz0pK3GVYg==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: image/gif
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 08dgsg3d.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 3 KB
1 KB 11ms
9ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/08dgsg3d.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce9616dc67cea493708d1bb4c1abb8ac969d99c07240f2d807e39f015952f545

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"8b7bad9feac78dba055fbf980710f250"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: E6elb-rCCu7eC8dNnQc9_-jGCuxnopwy1c9HptLwwKNjssQ9WcvWbg==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H3 200 07sdgsg4.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 502 B
817 B 12ms
10ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/07sdgsg4.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 651fac0cdd16e75985e56ad77570f0a978aaedcf21f2a13db9c59d8925f82431

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "f67e907ae4048d5a9905fd36828a822e"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 502
x-amz-cf-id: LH2TE_zrQUBdKMx6xRycJY0-J_BuZsNzznre16g2XbKVNRh-xGfMnQ==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 06hshs.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 15 KB
5 KB 11ms
9ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/06hshs.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ef9633a9637e4167a4202a9c1f0c3376ad5451346e759371fda0dcbada2d118

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"d20a8fff8c987318235cad8b9e08eeff"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 9_MS9hHfERAqzTWnvwVgqdJ6nP3VcHXLmgpxmzp6xz5uup50panK4w==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H3 200 05sdghdf.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 1 KB
739 B 12ms
10ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/05sdghdf.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed1a100bcf8740c56e4bd57cff82386afe9149ef7f8051610f9ca6fe1952bd3d

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"795db086c6ed2eac9332a556e18976f1"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: bZovziZHzEpok32nlUmIfQD-uyJn_LkMrJ9rndJ-1L_Yw_pfwxWBbg==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H3 200 04shesc1.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 85 B
400 B 12ms
10ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/04shesc1.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9318f4c19c26a4cd08a3ed06fc21fdd6ebe7cda4c12add30b75007d30dad3f7a

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "f9bbaa8dfa61570c8bf088f2c3985aab"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 85
x-amz-cf-id: YrDnAvjnFWjDPjFPet8WJ3Q4gQE69eMJIrEa070lUBlFgEX5l7s1lg==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 03fgsskryeivh.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 1 KB
502 B 14ms
12ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/03fgsskryeivh.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbd14f6950ad5739f32d2124d9680cc5638c7d8f0bd2a4c757970b80e6c9449b

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"c801c2cb1283b9d7bcec21e799053438"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 7LGrJ7t0Of8qvSawxw4w38aEKdGQupLcc80_2C2x5vVj7FLY-vFV0w==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H3 200 02dgdsg3d.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 3 KB
1 KB 15ms
13ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/02dgdsg3d.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 479e677c94b37c194a8920892304c006ac89f629c4365574b9c537dc7e5f0dba

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"93ada8838724bd58eace4f4c0340a00e"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: QksFO_Mc7bKgdo5rqhmbKey4g0ruljMagbaleZ4hpdVVc-uKEJBsyQ==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H3 200 01d1fgshfddfg.js Show response
main.ds4azd6yoma7a.amplifyapp.com/js/ 3 KB
1 KB 14ms
13ms Script
text/javascript 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/js/01d1fgshfddfg.js
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09f80ca10802f98940f23c2a76b9b77223896613dd88255aa615a8b6aac9b0ca

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"3f456601d270ab3d5dfcfe10b2137b41"
age: 259
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: LE3-4KgOUcxg8VFmVC6E52tht42_FiaxB8CfQjdjPP4_zTUvR1PFFg==
date: Fri, 17 Apr 2026 02:05:30 GMT
content-type: text/javascript
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

GET
H/1.1 200
OK u1z6j742c5 Show response
www.clarity.ms/tag/ 748 B
1 KB 240ms
82ms Script
application/x-javascript 57.155.120.218
Microsoft Corpora...

General

Check archive.org

Download Go to

Full URL: https://www.clarity.ms/tag/u1z6j742c5
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 57.155.120.218 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: d041f359807bdc4a6c5c0b2ea4617f5e28a1d2e17cc143ed322564977a6c15f8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Request-Context: appId=cid-v1:a894a21c-0197-44e5-b203-3cbc01252c82
Expires: -1
Content-Length: 748
Date: Fri, 17 Apr 2026 02:09:49 GMT
Content-Type: application/x-javascript
Server: nginx

GET
H3

404

/ Show response
main.ds4azd6yoma7a.amplifyapp.com/events/
Redirect Chain

https://main.ds4azd6yoma7a.amplifyapp.com/events
https://main.ds4azd6yoma7a.amplifyapp.com/events/

14 KB
5 KB

348ms
348ms

XHR
text/html

18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/events/
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2fcab6be2021e3456fefbdb8d6175039c011cbeaa7b2467e6690a8d4a20f5e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644

Response headers

content-encoding: br
etag: W/"44074779a2df7a9c2ca550e60111eff7"
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: 7BB0SMVV2encdwA9-gIUCGJSW271YMPGQ0yBEqFQYDGFPO6D2mPhKg==
date: Fri, 17 Apr 2026 02:09:49 GMT
content-type: text/html
x-amz-cf-pop: NRT12-P1
server: AmazonS3
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
vary: Accept-Encoding

Redirect headers

location: /events/
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: c5JbQCN-WXcLNlK63ICbj39X8ERc3Oay-d4csycgZL1JNgz1Y6sVCw==
date: Fri, 17 Apr 2026 02:09:49 GMT
x-amz-cf-pop: NRT12-P1
server: AmazonS3

GET 02sghsjp2.mp4
newpp81.onrender.com/ 0
0

GET
H3 404 dgdh1.wav
main.ds4azd6yoma7a.amplifyapp.com/ 0
0 381ms
380ms Media
text/html 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/dgdh1.wav
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range: bytes=0-
sec-ch-ua-mobile: ?0

Response headers

etag: "44074779a2df7a9c2ca550e60111eff7"
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
content-length: 13922
x-amz-cf-id: uOr8k4-opwRENapvKAnfZBQetUpWEjwot88WN7q0X3GO0frfLFRGzQ==
date: Fri, 17 Apr 2026 02:09:49 GMT
content-type: text/html
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 404 hel0sgfy.mp4
main.ds4azd6yoma7a.amplifyapp.com/ 8 KB
0 414ms
414ms Media
text/html 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/hel0sgfy.mp4
Requested by: Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range: bytes=0-
sec-ch-ua-mobile: ?0

Response headers

etag: "44074779a2df7a9c2ca550e60111eff7"
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
content-length: 13922
x-amz-cf-id: -SNbsTHKArbbHmq_iAAULSys2Sw_1KZYufOEgsPBYHZgUhmNXGYTAA==
date: Fri, 17 Apr 2026 02:09:49 GMT
content-type: text/html
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1

GET
H3 200 02sghsjp2.mp4
mj-5ye.pages.dev/ 296 KB
0 57ms
36ms Media
video/mp4 172.66.44.254
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://mj-5ye.pages.dev/02sghsjp2.mp4

Requested by

Host: main.ds4azd6yoma7a.amplifyapp.com
URL: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.254 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range: bytes=0-
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "097802ed773d773edff79d9a3ba35d0c"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BPlY%2BbETb0xh8OMjZP5CUvyiY6epQ6tdXdm5vYBMxyKc5Hv4vUNe21Efgx4PleKXpujRDgTyRfgxb1hdP9YpMxG%2BaCfOqWjb6tRJZnNEkaGAzdfrDYEEIBLDlsprDfDTyxlS"}]}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9ed7e3cbefedeb78-NRT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1701582
server-timing: cfExtPri
date: Fri, 17 Apr 2026 02:09:49 GMT
content-type: video/mp4
server: cloudflare
priority: u=3,i

GET
H2 200 clarity.js Show response
scripts.clarity.ms/0.8.59/ 80 KB
26 KB 36ms
7ms Script
application/javascript 2603:1061:14:187::1
Microsoft Corpora...

General

Check archive.org

Download Go to

Full URL: https://scripts.clarity.ms/0.8.59/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/u1z6j742c5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2603:1061:14:187::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 6a00b1393bd74ac062ad19c64062eee1ae9c257e24949b55813a9462a4820e54

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-azure-ref: 20260417T020949Z-1754b6657747cqpphC1TYOzb0n00000007500000000055qc
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DE8F624A5C8803"
x-fd-int-roxy-purgeid: 1
x-ms-request-id: e7fbe050-401e-0078-63c9-cc8d23000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 17 Apr 2026 02:09:49 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 31 Mar 2026 20:15:45 GMT

POST
H/1.1 204
No Content collect Show response
l.clarity.ms/ 0
297 B 524ms
179ms XHR
text/plain 51.8.207.171
Microsoft Corpora...

General

Check archive.org

Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: scripts.clarity.ms
URL: https://scripts.clarity.ms/0.8.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Request-Context: appId=cid-v1:a449a586-8786-487f-a449-dc1b282a2628
Access-Control-Allow-Origin: https://main.ds4azd6yoma7a.amplifyapp.com
Date: Fri, 17 Apr 2026 02:09:50 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=725673F28DF645688AB71897CE796932&RedC=c.clarity.ms&MXFR=0F09A01D5B43601211ACB7235F436E1D
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=725673F28DF645688AB71897CE796932&MUID=2516E3F5A4BA62881A9FF4CBA5C2637A

42 B
720 B

31ms
31ms

Image
image/gif

2603:1061:14:189::1
Microsoft Corpora...

General

Check archive.org

Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=725673F28DF645688AB71897CE796932&MUID=2516E3F5A4BA62881A9FF4CBA5C2637A
Protocol: H2
Server: 2603:1061:14:189::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "27e0696673c0dc1:0"
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 42
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Fri, 17 Apr 2026 02:09:50 GMT
content-type: image/gif
last-modified: Mon, 30 Mar 2026 18:31:18 GMT
x-powered-by: ASP.NET
x-azure-ref: 20260417T020950Z-1665d9f7cc6m572vhC1TYOkvx000000006u0000000006acw

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=725673F28DF645688AB71897CE796932&MUID=2516E3F5A4BA62881A9FF4CBA5C2637A
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB463C7656BE40C58F7580FA01142EB6 Ref B: TYO01EDGE3414 Ref C: 2026-04-17T02:09:49Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Fri, 17 Apr 2026 02:09:49 GMT
x-powered-by: ASP.NET

GET
H3

404

/
main.ds4azd6yoma7a.amplifyapp.com/index_1/
Redirect Chain

https://main.ds4azd6yoma7a.amplifyapp.com/index_1.html
https://main.ds4azd6yoma7a.amplifyapp.com/index_1/

14 KB
5 KB

359ms
358ms

Other
text/html

18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/index_1/
Protocol: H3
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2fcab6be2021e3456fefbdb8d6175039c011cbeaa7b2467e6690a8d4a20f5e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644

Response headers

content-encoding: br
etag: W/"44074779a2df7a9c2ca550e60111eff7"
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: VjJvm_em7wXPULqwjOIvh9VyeWyfA_5lcoGQBCnFur2AI7THXAKlgA==
date: Fri, 17 Apr 2026 02:09:50 GMT
content-type: text/html
x-amz-cf-pop: NRT12-P1
server: AmazonS3
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
vary: Accept-Encoding

Redirect headers

location: /index_1/
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 88PHF62yfLeNRv1Q1NxZZ8ByfN6uX8gpHfJePgCZt_C5P-BGqktkCw==
date: Fri, 17 Apr 2026 02:09:50 GMT
x-amz-cf-pop: NRT12-P1
server: AmazonS3

GET
H3 200 index.html
main.ds4azd6yoma7a.amplifyapp.com/ 14 KB
5 KB 6ms
6ms Other
text/html 18.64.122.52
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.ds4azd6yoma7a.amplifyapp.com/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.64.122.52 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-18-64-122-52.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2fcab6be2021e3456fefbdb8d6175039c011cbeaa7b2467e6690a8d4a20f5e2

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/?gad_source=5&gad_campaignid=23762316644
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"44074779a2df7a9c2ca550e60111eff7"
age: 251
via: 1.1 f2f4975292b62b8912a072e49f082cbc.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: RC9vKgK5okxgxEc9P8PDgqidggTvnFVYDsAS8OG46v732XCGuL0Oeg==
date: Fri, 17 Apr 2026 02:05:39 GMT
content-type: text/html
last-modified: Fri, 17 Apr 2026 02:05:05 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-P1
vary: Accept-Encoding

POST
H/1.1 204
No Content collect Show response
l.clarity.ms/ 0
297 B 172ms
171ms XHR
text/plain 51.8.207.171
Microsoft Corpora...

General

Check archive.org

Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: scripts.clarity.ms
URL: https://scripts.clarity.ms/0.8.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.8.207.171 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Request-Context: appId=cid-v1:a449a586-8786-487f-a449-dc1b282a2628
Access-Control-Allow-Origin: https://main.ds4azd6yoma7a.amplifyapp.com
Date: Fri, 17 Apr 2026 02:09:50 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 206
Partial Content 02sghsjp2.mp4
mj-5ye.pages.dev/ 256 KB
0 9ms
9ms Media
video/mp4 172.66.44.254
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://mj-5ye.pages.dev/02sghsjp2.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.254 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://main.ds4azd6yoma7a.amplifyapp.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range: bytes=303000-
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "097802ed773d773edff79d9a3ba35d0c"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=jExZSiSlo941kANR%2BduubFweUKvj%2FWn19Wrk%2B348qUQUJmvRQnLWwzqju1AQq%2FkEOETSMfHPhPGjYa3%2BsolqV1qTUJREmLYjdGKCN5yOWjDh3RHu7EeuI%2BfBi%2Bz3x6a8DOgN"}]}
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-ray: 9ed7e3f0db52eb78-NRT
Content-Range: bytes 303000-1701581/1701582
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
Content-Length: 1398582
server-timing: cfExtPri
date: Fri, 17 Apr 2026 02:09:55 GMT
content-type: video/mp4
server: cloudflare
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newpp81.onrender.com
URL: https://newpp81.onrender.com/02sghsjp2.mp4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

14 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 22:12:07	Name: CLID Value: 2d1dfe7c0da745aabe99847403d17d10.20260417.20270417
.ds4azd6yoma7a.amplifyapp.com/	1970-01-21 22:12:07	Name: _clck Value: 16h6tut%5E2%5Eg5a%5E0%5E2298
.bing.com/	1970-01-21 22:48:07	Name: MUID Value: 2516E3F5A4BA62881A9FF4CBA5C2637A
.c.bing.com/	1970-01-21 13:36:36	Name: MR Value: 0
.c.bing.com/	1970-01-21 22:48:07	Name: SRM_B Value: 2516E3F5A4BA62881A9FF4CBA5C2637A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 22:48:07	Name: MUID Value: 2516E3F5A4BA62881A9FF4CBA5C2637A
.c.clarity.ms/	1970-01-21 13:36:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 13:26:32	Name: ANONCHK Value: 0
.ds4azd6yoma7a.amplifyapp.com/	1970-01-21 13:27:58	Name: _clsk Value: bcg035%5E1776391790288%5E1%5E1%5El.clarity.ms%2Fcollect

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://main.ds4azd6yoma7a.amplifyapp.com/dgdh1.wav Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://main.ds4azd6yoma7a.amplifyapp.com/hel0sgfy.mp4 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://main.ds4azd6yoma7a.amplifyapp.com/events/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://main.ds4azd6yoma7a.amplifyapp.com/index_1/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
l.clarity.ms
main.ds4azd6yoma7a.amplifyapp.com
mj-5ye.pages.dev
newpp81.onrender.com
scripts.clarity.ms
www.clarity.ms
newpp81.onrender.com
172.66.44.254
18.64.122.52
2603:1061:14:187::1
2603:1061:14:189::1
2620:1ec:33:2::10
51.8.207.171
57.155.120.218
02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35
09f80ca10802f98940f23c2a76b9b77223896613dd88255aa615a8b6aac9b0ca
0ef9633a9637e4167a4202a9c1f0c3376ad5451346e759371fda0dcbada2d118
1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5
20b06790b46a305c70cdd9837e24abaa5511aed95df8fa54ad0c9ff117c6042d
250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2
2ce965395dab2a14b0edb0f3851cb38d0a031d9e0e1bba3d0a09cc06730738b8
479e677c94b37c194a8920892304c006ac89f629c4365574b9c537dc7e5f0dba
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
651fac0cdd16e75985e56ad77570f0a978aaedcf21f2a13db9c59d8925f82431
6a00b1393bd74ac062ad19c64062eee1ae9c257e24949b55813a9462a4820e54
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6
7a738278d81398475643b61e8337eebe912009c7d5d39854141ce5fb55cfbdec
9318f4c19c26a4cd08a3ed06fc21fdd6ebe7cda4c12add30b75007d30dad3f7a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2fcab6be2021e3456fefbdb8d6175039c011cbeaa7b2467e6690a8d4a20f5e2
a3b4a81e6687a2153a530d448edc8ef11e9034c68636c9b98950092cd4313515
b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4
cbd14f6950ad5739f32d2124d9680cc5638c7d8f0bd2a4c757970b80e6c9449b
ce9616dc67cea493708d1bb4c1abb8ac969d99c07240f2d807e39f015952f545
d041f359807bdc4a6c5c0b2ea4617f5e28a1d2e17cc143ed322564977a6c15f8
d4f3bc4e75efb722542d52947ad623b09a164380454f26decceab576e0af59d1
dac67b4d40ccdab250479a4fc8644de097b58e90039bb8254537fb60148a85b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed1a100bcf8740c56e4bd57cff82386afe9149ef7f8051610f9ca6fe1952bd3d
f76d6601aec548e26e8b9ae2f45bcae2ae331a409dddfd92f022b63845052175

main.ds4azd6yoma7a.amplifyapp.com 18.64.122.52 Malicious Activity! Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

37 Requests

89 %HTTPS

43 %IPv6

5 Domains

8 Subdomains

7 IPs

3 Countries

628 kBTransfer

1487 kBSize

10 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

main.ds4azd6yoma7a.amplifyapp.com
18.64.122.52 Malicious Activity! Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

37
Requests

89 %
HTTPS

43 %
IPv6

5
Domains

8
Subdomains

7
IPs

3
Countries

628 kB
Transfer

1487 kB
Size

10
Cookies

37 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!