main.d1vtj42co5firr.amplifyapp.com
99.86.195.124  Malicious Activity! Public Scan

URL: https://main.d1vtj42co5firr.amplifyapp.com/ 25d old
Submission: On April 18 via manual from JP — Scanned from JP

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 31 HTTP transactions. The main IP is 99.86.195.124, located in the United States, and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is main.d1vtj42co5firr.amplifyapp.com (25d old).
TLS certificate: Issued by Amazon RSA 2048 M04 on April 18th 2026. Valid for: 7mo.
This is the only time main.d1vtj42co5firr.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Requests  IP Address      AS (Autonomous System)
26        99.86.195.124   16509 (AMAZON-02)
2         77.235.50.164   60781 (LEASEWEB-...)
2         172.66.44.254   13335 (CLOUDFLAR...)
Total: 31 requests, 4 IPs

Requests  Apex Domain            Subdomain                                                Transfer
26        amplifyapp.com         main.d1vtj42co5firr.amplifyapp.com (25d old)             743 KB
2         pages.dev              mj-5ye.pages.dev (3mo old)
2         publytics.net          api.publytics.net (Cisco Umbrella Rank: 72109, 3yr old)  1 KB
0         onrender.com (Failed)  newpp81.onrender.com (Failed, 4mo old)
Total: 31 requests, 4 domains

Requests  Domain                               Requested by
26        main.d1vtj42co5firr.amplifyapp.com   main.d1vtj42co5firr.amplifyapp.com
2         mj-5ye.pages.dev                     main.d1vtj42co5firr.amplifyapp.com
2         api.publytics.net                    main.d1vtj42co5firr.amplifyapp.com, api.publytics.net
0         newpp81.onrender.com (Failed)        main.d1vtj42co5firr.amplifyapp.com
Total: 31 requests, 4 domains

This site contains no links.

Subject                          Issuer                                          Validity                 Valid
*.d1vtj42co5firr.amplifyapp.com  Amazon RSA 2048 M04                             2026-04-18 - 2026-11-01  7mo
*.publytics.net                  Sectigo Public Server Authentication CA DV R36  2026-03-16 - 2026-09-30  7mo
mj-5ye.pages.dev                 WE1                                             2026-03-28 - 2026-06-26  3mo

This page contains 1 frame:

Primary Page: https://main.d1vtj42co5firr.amplifyapp.com/
Frame ID: CB5F82D55524844E3911EA7407E57119
Requests: 31 HTTP requests in this frame

Page Title

ヘルプデスクを取得 -01JP21

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery
  • /jquery(?:-(\d+\.\d+\.\d+))[/.-]

Overall confidence: 100%
Detected patterns
  • api\.publytics\.net/

Page Statistics

Requests: 31
HTTPS: 97 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 745 kB
Size: 1406 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
main.d1vtj42co5firr.amplifyapp.com/
13 KB
4 KB
Document
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6017c5e090d75ae3bd73c7de9d02e37e6be4f8ce408ec4f3ed6cd96ec267668c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Linux"

Response headers

age
600
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
content-type
text/html
date
Sat, 18 Apr 2026 03:01:26 GMT
etag
W/"0a2f6771d018d30f524402a2f715242e"
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
x-amz-cf-id
Xa1ubpJW8oVVqtGrl5vtjbGyLqa54Rhp_p2_FAz0eHQVxv74xGWqMw==
x-amz-cf-pop
NRT57-P7
x-cache
Hit from cloudfront
01css32bd.css
main.d1vtj42co5firr.amplifyapp.com/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/css/01css32bd.css
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6383979d0bb64e9c81a212659828a57a23329d42ee691330721b6d2b42f56496

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"fa681b7980a017274c4cddb4998abf4b"
age
600
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
U1bxwVFB8DDJScU_0stE2LS9F-hNvHCpzf4MC_RSQtVshoRsPCFcUQ==
date
Sat, 18 Apr 2026 03:01:26 GMT
content-type
text/css
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
jquery-1.4.4.min.js
main.d1vtj42co5firr.amplifyapp.com/js/
77 KB
26 KB
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/jquery-1.4.4.min.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"73a9c334c5ca71d70d092b42064f6476"
age
600
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
qlfTo-m3txJu6wVyoCH-NfbFwWHWqWxk9AY58cNmSxtKvlivxKwzRA==
date
Sat, 18 Apr 2026 03:01:26 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
12dgdur.js
main.d1vtj42co5firr.amplifyapp.com/js/
164 KB
36 KB
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/12dgdur.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dac67b4d40ccdab250479a4fc8644de097b58e90039bb8254537fb60148a85b1

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"3c61f42a030a7c4c90031b5353faf4ad"
age
600
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
vdmfljM6lJWTrLmYf3ut19-HuvpyU5haWNXmaLLGpKSoY-blmelXNg==
date
Sat, 18 Apr 2026 03:01:26 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
11gfdjuef.js
main.d1vtj42co5firr.amplifyapp.com/js/
7 KB
1 KB
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/11gfdjuef.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ce965395dab2a14b0edb0f3851cb38d0a031d9e0e1bba3d0a09cc06730738b8

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"bc3bc8f225db800a86111f9b23e30a1f"
age
600
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
0-ufCQvtvdfdXQ4CjDPjvJqzXUoHI51CwoLIlElXH4pVbsQidGwm6Q==
date
Sat, 18 Apr 2026 03:01:26 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
09sgsgsfr.js
main.d1vtj42co5firr.amplifyapp.com/js/
0
369 B
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/09sgsgsfr.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
600
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
0
x-amz-cf-id
wNQxE0bTcaGILxJQIAcevWL_EXapwW692k7kaOCaeUW04_1IU5bGDQ==
date
Sat, 18 Apr 2026 03:01:26 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
13dugfjdf.js
main.d1vtj42co5firr.amplifyapp.com/js/
482 B
862 B
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/13dugfjdf.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4f3bc4e75efb722542d52947ad623b09a164380454f26decceab576e0af59d1

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"94d312a8f4107a095bae3b1d37be439f"
age
600
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
482
x-amz-cf-id
idpaBABTQryk72QzCY0sI5tpa4jkY3vMgo42vXx_0NuidqLe1LJ0bg==
date
Sat, 18 Apr 2026 03:01:26 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
script.manual.min.js
api.publytics.net/js/
1 KB
969 B
Script
General
Full URL
https://api.publytics.net/js/script.manual.min.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.235.50.164 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
hb507.bfconsulting.com
Software
nginx /
Resource Hash
f76d6601aec548e26e8b9ae2f45bcae2ae331a409dddfd92f022b63845052175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
cache-control
max-age=2592000, public
content-encoding
gzip
etag
W/"663648ee-419"
x-content-type-options
nosniff
expires
Mon, 18 May 2026 03:11:27 GMT
alt-svc
h3=":443"; ma=3600
date
Sat, 18 Apr 2026 03:11:27 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Saturday, 18-Apr-2026 03:11:27 GMT
fesbg.png
main.d1vtj42co5firr.amplifyapp.com/images/
294 KB
294 KB
Image
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/images/fesbg.png
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3b4a81e6687a2153a530d448edc8ef11e9034c68636c9b98950092cd4313515

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"165fe97127e1d1414c5070caa56d3a36"
age
600
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
300642
x-amz-cf-id
pF10X-sEuwq8sMsyYrgcv2lWGbNRZ-T2OKeIYvUZRap1WS-Ghfp_fw==
date
Sat, 18 Apr 2026 03:01:26 GMT
content-type
image/png
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
bx1.png
main.d1vtj42co5firr.amplifyapp.com/images/
116 KB
117 KB
Image
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/images/bx1.png
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"375f2aedc7a2c955f3a3d6086ab9560b"
age
600
via
1.1 a5f6ff609c35b6d0af73e01d70025c12.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
119079
x-amz-cf-id
DTuUFxh0X8YYedlnq7_IlpxMg5NgzmNPAjNsbajG1UtJz5zu7gyFLg==
date
Sat, 18 Apr 2026 03:01:26 GMT
content-type
image/png
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
web1.png
main.d1vtj42co5firr.amplifyapp.com/images/
212 KB
213 KB
Image
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/images/web1.png
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5f6c03d80b6db2172f34c2f1c6e33fcb3e9a20c9a4d997654fee66cc54b78d0

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"e2d71b88a50f7f27497626f5b3f3de2e"
age
527
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
217554
x-amz-cf-id
tyz_aya7jzIh5DTMkFDlsorOu6HRRHvaZWBna1KCBkak0zm1th7Swg==
date
Sat, 18 Apr 2026 03:02:39 GMT
content-type
image/png
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
img01df.png
main.d1vtj42co5firr.amplifyapp.com/images/
148 B
450 B
Image
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/images/img01df.png
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"786e451b89111d04cb1fba3d32c398fa"
age
527
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
148
x-amz-cf-id
cQHN2emIOcx2yCFHdwRIZfM1y_smtvSkcSd-B8jKC3Lyny1Mk46UWw==
date
Sat, 18 Apr 2026 03:02:39 GMT
content-type
image/png
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
winlo.png
main.d1vtj42co5firr.amplifyapp.com/images/
12 KB
12 KB
Image
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/images/winlo.png
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"20fc730f7b1ae7b900f66dbc7ddc3fc3"
age
527
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
12386
x-amz-cf-id
Iiiv_BbBrO5GdPkQvJtHuo98-GIfW7lIiwgj3_kZdfwoHdTRCxDyvw==
date
Sat, 18 Apr 2026 03:02:39 GMT
content-type
image/png
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
dm.png
main.d1vtj42co5firr.amplifyapp.com/images/
347 B
651 B
Image
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/images/dm.png
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"4a39876d0660cfe5b1f5cb073498c66d"
age
527
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
347
x-amz-cf-id
a0heuxwigRkejHzgGs5JFEVqptRJyWRzmCIMW-kwPH6GTNcUV99D5A==
date
Sat, 18 Apr 2026 03:02:39 GMT
content-type
image/png
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
cs.png
main.d1vtj42co5firr.amplifyapp.com/images/
3 KB
3 KB
Image
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/images/cs.png
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"911f04c21d791a20574a4b287b60d3af"
age
527
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
3152
x-amz-cf-id
dpcGhsS1ZCW4T-SVaYlZPEqjbp8AQanvV_JCDCGwPOuGltOBfg8C3w==
date
Sat, 18 Apr 2026 03:02:39 GMT
content-type
image/png
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
re.gif
main.d1vtj42co5firr.amplifyapp.com/images/
14 KB
15 KB
Image
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/images/re.gif
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"6fcb78e0cd7933a70eea2cf071f82118"
age
527
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
14751
x-amz-cf-id
-EBArpnogFqahN5pIqwvWGkOPzJcDOxahVaRMeuZBc-55ur9pkbdug==
date
Sat, 18 Apr 2026 03:02:39 GMT
content-type
image/gif
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
08dgsg3d.js
main.d1vtj42co5firr.amplifyapp.com/js/
3 KB
1 KB
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/08dgsg3d.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce9616dc67cea493708d1bb4c1abb8ac969d99c07240f2d807e39f015952f545

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"8b7bad9feac78dba055fbf980710f250"
age
599
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Cp0j0wWPq_ssnR_32nPJkv8ukvCyAczpme9B1Ow84cHtFxNOD5iDog==
date
Sat, 18 Apr 2026 03:01:27 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
07sdgsg4.js
main.d1vtj42co5firr.amplifyapp.com/js/
502 B
817 B
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/07sdgsg4.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
651fac0cdd16e75985e56ad77570f0a978aaedcf21f2a13db9c59d8925f82431

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"f67e907ae4048d5a9905fd36828a822e"
age
527
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
502
x-amz-cf-id
XyMQOLHlbJcguTUQovXXZ_bePGaZtouyw3RMwUjTqOs4bsuelGRb3g==
date
Sat, 18 Apr 2026 03:02:39 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
06hshs.js
main.d1vtj42co5firr.amplifyapp.com/js/
15 KB
5 KB
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/06hshs.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ef9633a9637e4167a4202a9c1f0c3376ad5451346e759371fda0dcbada2d118

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"d20a8fff8c987318235cad8b9e08eeff"
age
599
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
MjpmQlB2XKs2FilMe2jOrvPySxPAK5lw-IUSF3K6aGPzv4ZPvFmu7g==
date
Sat, 18 Apr 2026 03:01:27 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
05sdghdf.js
main.d1vtj42co5firr.amplifyapp.com/js/
1 KB
738 B
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/05sdghdf.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed1a100bcf8740c56e4bd57cff82386afe9149ef7f8051610f9ca6fe1952bd3d

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"795db086c6ed2eac9332a556e18976f1"
age
599
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
9vVWPIN-Dtars4GVima4wY8jvlFkBHl-SzIqAHms5ohE403Nyty0-g==
date
Sat, 18 Apr 2026 03:01:27 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
04shesc1.js
main.d1vtj42co5firr.amplifyapp.com/js/
85 B
400 B
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/04shesc1.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9318f4c19c26a4cd08a3ed06fc21fdd6ebe7cda4c12add30b75007d30dad3f7a

Response headers

cache-control
public, max-age=0, s-maxage=31536000
etag
"f9bbaa8dfa61570c8bf088f2c3985aab"
age
527
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
content-length
85
x-amz-cf-id
z2C32rm8kkKh4mO46DFROiplrY6Sa1WZJdzxfEK_dgzYEM8dGX-omw==
date
Sat, 18 Apr 2026 03:02:39 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
03fgsskryeivh.js
main.d1vtj42co5firr.amplifyapp.com/js/
1 KB
502 B
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/03fgsskryeivh.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbd14f6950ad5739f32d2124d9680cc5638c7d8f0bd2a4c757970b80e6c9449b

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"c801c2cb1283b9d7bcec21e799053438"
age
599
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
mk5Vrtes0WCJY9KwFmN1mU1OZf8OR7g92-QqFgOlQ54-i3kKiZ5gOw==
date
Sat, 18 Apr 2026 03:01:27 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
02dgdsg3d.js
main.d1vtj42co5firr.amplifyapp.com/js/
3 KB
1 KB
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/02dgdsg3d.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
479e677c94b37c194a8920892304c006ac89f629c4365574b9c537dc7e5f0dba

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"93ada8838724bd58eace4f4c0340a00e"
age
599
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
c6GISDsnv_E6yzjgiTzMc2Ej0Vkuzbhtn9Q0zoaMmT2tVskPhhtNBA==
date
Sat, 18 Apr 2026 03:01:27 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
01d1fgshfddfg.js
main.d1vtj42co5firr.amplifyapp.com/js/
3 KB
1 KB
Script
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/js/01d1fgshfddfg.js
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09f80ca10802f98940f23c2a76b9b77223896613dd88255aa615a8b6aac9b0ca

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"3f456601d270ab3d5dfcfe10b2137b41"
age
599
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
RFdgwqNPlE1pV8TJ3hBL-ls2KZS75OmtZbzdfxvvESaTsr7-YRTpZQ==
date
Sat, 18 Apr 2026 03:01:27 GMT
content-type
text/javascript
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
events
api.publytics.net/
6 B
223 B
XHR
General
Full URL
https://api.publytics.net/events
Requested by
Host: api.publytics.net
URL: https://api.publytics.net/js/script.manual.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.235.50.164 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
hb507.bfconsulting.com
Software
nginx /
Resource Hash
18d10c7d2b4b04aaf04254d1ae5d655a5dc0407cbcdd5a8c3986e985370f36ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Content-Type
text/plain
sec-ch-ua-mobile
?0

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
cache-control
no-cache, private
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=3600
date
Sat, 18 Apr 2026 03:11:28 GMT
content-type
application/json
server
nginx
02sghsjp2.mp4
newpp81.onrender.com/
0
0

dgdh1.wav
main.d1vtj42co5firr.amplifyapp.com/
8 KB
0
Media
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/dgdh1.wav
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range
bytes=0-
sec-ch-ua-mobile
?0

Response headers

etag
"0a2f6771d018d30f524402a2f715242e"
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
content-length
13701
x-amz-cf-id
sfoy44aeOjtgpyIKAMavPnQiOrzXz9onM5uN7F1XukWFVYvo3FyJCQ==
date
Sat, 18 Apr 2026 03:11:27 GMT
content-type
text/html
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
hel0sgfy.mp4
main.d1vtj42co5firr.amplifyapp.com/
8 KB
0
Media
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/hel0sgfy.mp4
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range
bytes=0-
sec-ch-ua-mobile
?0

Response headers

etag
"0a2f6771d018d30f524402a2f715242e"
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
content-length
13701
x-amz-cf-id
gc4RxnPS6JXtnBv5KDQrhia4fNrlwjFAm6E2EgHyKLbYUYfH_zyVZA==
date
Sat, 18 Apr 2026 03:11:27 GMT
content-type
text/html
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
02sghsjp2.mp4
mj-5ye.pages.dev/
289 KB
0
Media
General
Full URL
https://mj-5ye.pages.dev/02sghsjp2.mp4
Requested by
Host: main.d1vtj42co5firr.amplifyapp.com
URL: https://main.d1vtj42co5firr.amplifyapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.254 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range
bytes=0-
sec-ch-ua-mobile
?0

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag
"097802ed773d773edff79d9a3ba35d0c"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2Fcw0w5nrxWLuUQHRz%2BVxMpjNwON0eh75cBT2JFbm0X1AQDGtTn2FCogyq2MWil7Sp41f2fdf6WkfB8WuVRiaxCGeGdv5hmvcO%2BqSuSfvLdcuYQrnrinQxtjFYKsANkoV1HDp"}]}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
9ee07b74d95600a3-KIX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1701582
server-timing
cfExtPri
date
Sat, 18 Apr 2026 03:11:27 GMT
content-type
video/mp4
server
cloudflare
priority
u=3,i
index.html
main.d1vtj42co5firr.amplifyapp.com/
13 KB
4 KB
Other
General
Full URL
https://main.d1vtj42co5firr.amplifyapp.com/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
99.86.195.124 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-195-124.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6017c5e090d75ae3bd73c7de9d02e37e6be4f8ce408ec4f3ed6cd96ec267668c

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile
?0

Response headers

cache-control
public, max-age=0, s-maxage=31536000
content-encoding
br
etag
W/"0a2f6771d018d30f524402a2f715242e"
age
409
via
1.1 53fd215899ae5ca9c890c763ef3bc7b8.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
7FKdt2gFi94LJ4JcYzG4t1l11eW3bfmee25vxTlp6kVBg-OnFjPK2A==
date
Sat, 18 Apr 2026 03:04:38 GMT
content-type
text/html
last-modified
Sat, 18 Apr 2026 02:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
vary
Accept-Encoding
02sghsjp2.mp4
mj-5ye.pages.dev/
128 KB
0
Media
General
Full URL
https://mj-5ye.pages.dev/02sghsjp2.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.44.254 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://main.d1vtj42co5firr.amplifyapp.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range
bytes=296373-
sec-ch-ua-mobile
?0

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag
"097802ed773d773edff79d9a3ba35d0c"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hQch0AIn56VaDOkOfFfBciEx1vxAA2yABxF596Pl9w2QDzDYhFORlwhbmZRpImHsCBX9Z2v%2BVl%2B6JNdMQA4j6%2BvBVknNhM20c1UI%2FUcO5NZ0wBcEi97rRUsQnv%2BcF9%2ByQ%2FU2"}]}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
9ee07b963a6c00a3-KIX
Content-Range
bytes 296373-1701581/1701582
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
Content-Length
1405209
server-timing
cfExtPri
date
Sat, 18 Apr 2026 03:11:32 GMT
content-type
video/mp4
server
cloudflare
priority
u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
newpp81.onrender.com
URL
https://newpp81.onrender.com/02sghsjp2.mp4

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

12 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
function| addEvent
function| vhdydjwhcnfyhecnfheucncevi
function| publytics
function| isFullscreen
function| checkFull
function| toggleFullScreen
number| isNS
function| mischandler
function| mousehandler
function| win_onkeydown_handler

0 Cookies

2 Console Messages

Source: network
Level: error
URL: https://main.d1vtj42co5firr.amplifyapp.com/hel0sgfy.mp4
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network
Level: error
URL: https://main.d1vtj42co5firr.amplifyapp.com/dgdh1.wav
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
