main.d1xlxsasw211rr.amplifyapp.com
99.86.195.102 Malicious Activity! Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://nippona.store/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S... 1mo old
Effective URL:
https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S... 1mo old
Submission: On April 18 via manual (April 18th 2026, 5:17:24 am UTC) from JP — Scanned from JP

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 37 HTTP transactions. The main IP is 99.86.195.102, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is main.d1xlxsasw211rr.amplifyapp.com. 1mo old
TLS certificate: Issued by Amazon RSA 2048 M04 on April 18th 2026. Valid for: 7mo.

This is the only time main.d1xlxsasw211rr.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.189.58 172.67.189.58	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 31	99.86.195.102 99.86.195.102	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	57.155.120.218 57.155.120.218	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	172.66.44.254 172.66.44.254	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2603:1061:14:... 2603:1061:14:187::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 2	2603:1061:14:... 2603:1061:14:189::1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1 1	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	172.175.234.12 172.175.234.12	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
37	7

1 172.67.189.58 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

nippona.store 1mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

31 99.86.195.102 (United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-99-86-195-102.nrt57.r.cloudfront.net

main.d1xlxsasw211rr.amplifyapp.com 1mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 57.155.120.218 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

www.clarity.ms 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.66.44.254 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

mj-5ye.pages.dev 4mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2603:1061:14:187::1 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

scripts.clarity.ms 10mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2603:1061:14:189::1 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

c.clarity.ms 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2620:1ec:33::10 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

c.bing.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.175.234.12 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

n.clarity.ms 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
31	amplifyapp.com 2 redirects main.d1xlxsasw211rr.amplifyapp.com 1mo old	600 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 424 8yr old scripts.clarity.ms — Cisco Umbrella Rank: 581 10mo old c.clarity.ms — Cisco Umbrella Rank: 748 5yr old n.clarity.ms — Cisco Umbrella Rank: 5406 5yr old	29 KB
2	pages.dev mj-5ye.pages.dev 4mo old
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 197 13yr old	772 B
1	nippona.store 1 redirects nippona.store 1mo old	678 B
0	onrender.com Failed newpp81.onrender.com Failed 4mo old
37	6

	Domain	Requested by
31	main.d1xlxsasw211rr.amplifyapp.com	2 redirects main.d1xlxsasw211rr.amplifyapp.com
2	n.clarity.ms	scripts.clarity.ms
2	c.clarity.ms	1 redirects
2	mj-5ye.pages.dev	main.d1xlxsasw211rr.amplifyapp.com
1	c.bing.com	1 redirects
1	scripts.clarity.ms	www.clarity.ms
1	www.clarity.ms	main.d1xlxsasw211rr.amplifyapp.com
1	nippona.store	1 redirects
0	newpp81.onrender.com Failed	main.d1xlxsasw211rr.amplifyapp.com
37	9

This site contains no links.

Subject Issuer	Validity	Valid
*.d1xlxsasw211rr.amplifyapp.com Amazon RSA 2048 M04	`2026-04-18` - `2026-11-01`	7mo	crt.sh
a.tag.clarity.ms Microsoft TLS G2 RSA CA OCSP 04	`2026-03-04` - `2026-08-31`	6mo	crt.sh
mj-5ye.pages.dev WE1	`2026-03-28` - `2026-06-26`	3mo	crt.sh
scripts.clarity.ms Microsoft TLS G2 RSA CA OCSP 02	`2026-04-07` - `2026-10-04`	6mo	crt.sh
a.clarity.ms Microsoft TLS G2 RSA CA OCSP 02	`2026-03-04` - `2026-08-31`	6mo	crt.sh

This page contains 1 frames:

Primary Page: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Frame ID: A5EC391F054CDE0EF9E3E5429E0CCD27
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ヘルプデスクを取得 -01JP21

Page URL History Show full URLs

https://nippona.store/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5B... HTTP 301
https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5B... Page URL

Detected technologies

jQuery (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

jquery
/jquery(?:-(\d+\.\d+\.\d+))[/.-]

Page Statistics

37
Requests

89 %
HTTPS

38 %
IPv6

6
Domains

9
Subdomains

7
IPs

3
Countries

628 kB
Transfer

1349 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nippona.store/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE HTTP 301
https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://main.d1xlxsasw211rr.amplifyapp.com/events HTTP 301
https://main.d1xlxsasw211rr.amplifyapp.com/events/

Request Chain 30

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=576D4024858D421F87D5E24B9FB0946B&RedC=c.clarity.ms&MXFR=0A19386CD50465463D412F53D1046B04 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=576D4024858D421F87D5E24B9FB0946B&MUID=1908B417D6C3686E2108A328D7516913

Request Chain 31

https://main.d1xlxsasw211rr.amplifyapp.com/index_1.html HTTP 301
https://main.d1xlxsasw211rr.amplifyapp.com/index_1/

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
main.d1xlxsasw211rr.amplifyapp.com/
Redirect Chain

https://nippona.store/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE

14 KB
5 KB

271ms
66ms

Document
text/html

99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f51a14b4b1f30e01a4935cdd731a2dbd57578b69a55d441dc71e58a636df224

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"

Response headers

age: 582
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
content-type: text/html
date: Sat, 18 Apr 2026 05:07:43 GMT
etag: W/"3e0b6f042ee5344937cbd3c3c53858c4"
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
x-amz-cf-id: BQhyVPz2mAerbQ8BEXQGdGigcUdUWeP1fm2f-hAoXpMZ9maDTnZNsw==
x-amz-cf-pop: NRT57-P7
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store
cf-cache-status: DYNAMIC
cf-ray: 9ee133f48a66d3d6-KIX
content-type: text/html; charset=UTF-8
date: Sat, 18 Apr 2026 05:17:24 GMT
location: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=0,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VzDMAuOrz30ucAHK8agl6CFvuq9VV0DCdDGx1m5iMFVJTmqKH8%2FOIXdIH9eYRqG%2FK42VrG3rdgRBRpJvURTCjZfU%2FN2LsLFTgPCviIyZaqAI1lLb8RyeWsI17sjlNqwS"}]}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC" cfEdge;dur=12,cfOrigin;dur=314 cfExtPri
x-ray: wne72913:0.130/wn72913:0.140/wa72913:D=130196

GET
H2 200 script.manual.min.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 1 KB
937 B 153ms
149ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/script.manual.min.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f76d6601aec548e26e8b9ae2f45bcae2ae331a409dddfd92f022b63845052175

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"124795936209aa9084c20facbd6a9df5"
age: 581
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: wLVi4fY1TD6aIwaDA7q3X8LhBlx_R-Ps0ZFig96wMaHTjpFHZr3ZBA==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H2 200 01css32bd.css
main.d1xlxsasw211rr.amplifyapp.com/css/ 18 KB
4 KB 71ms
69ms Stylesheet
text/css 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/css/01css32bd.css
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a738278d81398475643b61e8337eebe912009c7d5d39854141ce5fb55cfbdec

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"829b989d370a66562d2800df22c13a2a"
age: 581
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ewIjLCzIDCBY4PXkP2yNpVhywV1iXdMuTUoUnotULVzmid50_vS7tA==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/css
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H2 200 jquery-1.4.4.min.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 77 KB
26 KB 83ms
81ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/jquery-1.4.4.min.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"73a9c334c5ca71d70d092b42064f6476"
age: 581
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 3gzAldSScpAPFtg-surVgd2SakzNczfflIZ4NEzO5OXw-hfHrgz1YQ==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H2 200 12dgdur.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 164 KB
35 KB 135ms
133ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/12dgdur.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dac67b4d40ccdab250479a4fc8644de097b58e90039bb8254537fb60148a85b1

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"3c61f42a030a7c4c90031b5353faf4ad"
age: 581
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: trJ0P-XB79Fw1fIDEUa6GgBdOWgXJvDyUXgiLPLscIuhlP_sOmLyhg==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H2 200 11gfdjuef.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 7 KB
1 KB 148ms
146ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/11gfdjuef.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ce965395dab2a14b0edb0f3851cb38d0a031d9e0e1bba3d0a09cc06730738b8

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"bc3bc8f225db800a86111f9b23e30a1f"
age: 581
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: GI7fXTEURRhBKjdkVrZUd-_YuFAxhkA-gN0-yqNtBwGcW0ai0gIDIA==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H2 200 09sgsgsfr.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 0
370 B 152ms
150ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/09sgsgsfr.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 549
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 0
x-amz-cf-id: XWPFwEM8EO2gVpN3eWbCpbsp24dRDiAlKfjWdnyQJBkl6uRPERR_2Q==
date: Sat, 18 Apr 2026 05:08:15 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H2 200 13dugfjdf.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 482 B
863 B 152ms
150ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/13dugfjdf.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4f3bc4e75efb722542d52947ad623b09a164380454f26decceab576e0af59d1

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "94d312a8f4107a095bae3b1d37be439f"
age: 549
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 482
x-amz-cf-id: JTJpb5h7tGE3wfbDob6I1WQtOUI-lXWUmzAurNiA9cIcrlc1sEqkkg==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H2 200 fesbg.png
main.d1xlxsasw211rr.amplifyapp.com/images/ 294 KB
294 KB 162ms
161ms Image
image/png 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/images/fesbg.png
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a3b4a81e6687a2153a530d448edc8ef11e9034c68636c9b98950092cd4313515

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "165fe97127e1d1414c5070caa56d3a36"
age: 549
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 300642
x-amz-cf-id: nu3fVGGAQ-JaeOwKWkp7ObN8LsOSZW9IAKGgaacYUlbUdUXHjuHrQg==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: image/png
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H2 200 bx1.png
main.d1xlxsasw211rr.amplifyapp.com/images/ 116 KB
117 KB 303ms
302ms Image
image/png 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/images/bx1.png
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "375f2aedc7a2c955f3a3d6086ab9560b"
age: 549
via: 1.1 f097db155e5651329f907893495c4e30.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 119079
x-amz-cf-id: qbvQGgC-kxD_KDIJxIDZ6gkhmTHDEYanm4L6pCycwIcPlSqHb8dPYQ==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: image/png
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 web1.png
main.d1xlxsasw211rr.amplifyapp.com/images/ 58 KB
58 KB 70ms
68ms Image
image/png 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/images/web1.png
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b06790b46a305c70cdd9837e24abaa5511aed95df8fa54ad0c9ff117c6042d

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "3c4478d9526bbac9186ed7b1f68a228d"
age: 548
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 59561
x-amz-cf-id: JM2L2Uz9KUuKPvutclfzQaU-9XSgYdRNVjCIbzZ90yNtPRCH2fIK9g==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: image/png
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 img01df.png
main.d1xlxsasw211rr.amplifyapp.com/images/ 148 B
450 B 70ms
68ms Image
image/png 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/images/img01df.png
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "786e451b89111d04cb1fba3d32c398fa"
age: 549
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 148
x-amz-cf-id: gk98ShlwfL8hnAQi3XKGlydFQbEpCTXiJMIMWHPa5nFD9rQiAUonfQ==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: image/png
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 winlo.png
main.d1xlxsasw211rr.amplifyapp.com/images/ 12 KB
12 KB 74ms
68ms Image
image/png 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/images/winlo.png
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "20fc730f7b1ae7b900f66dbc7ddc3fc3"
age: 549
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 12386
x-amz-cf-id: h_p7op_IODTu85_vPWkCY08_DMZgtpceOeFx6S4f8Z9gtGxlymtEMA==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: image/png
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 dm.png
main.d1xlxsasw211rr.amplifyapp.com/images/ 347 B
650 B 88ms
79ms Image
image/png 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/images/dm.png
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "4a39876d0660cfe5b1f5cb073498c66d"
age: 549
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 347
x-amz-cf-id: l_QuSCtWmt9QeIUjYfB4YzJZEPeJAPN-osA_e6T79paZbSyMnFLp6g==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: image/png
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 cs.png
main.d1xlxsasw211rr.amplifyapp.com/images/ 3 KB
3 KB 81ms
72ms Image
image/png 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/images/cs.png
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "911f04c21d791a20574a4b287b60d3af"
age: 549
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 3152
x-amz-cf-id: PtMw0CA8ya4ROGBMEo70eac5rE-MQtCss46kj1VgGbzEIimyP1kwkQ==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: image/png
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 re.gif
main.d1xlxsasw211rr.amplifyapp.com/images/ 14 KB
15 KB 79ms
71ms Image
image/gif 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to Show image

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/images/re.gif
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "6fcb78e0cd7933a70eea2cf071f82118"
age: 549
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 14751
x-amz-cf-id: YjNH6STUx86zKvdJyTZfgp19CbgdcoZcP7AYl00VbU-tox7TNGdwJA==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: image/gif
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 08dgsg3d.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 3 KB
1 KB 77ms
71ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/08dgsg3d.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce9616dc67cea493708d1bb4c1abb8ac969d99c07240f2d807e39f015952f545

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"8b7bad9feac78dba055fbf980710f250"
age: 581
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: C_7I8O5epipEu6gI16dWTZE1oZX43_4XoWLJeHUUBWzxYCScw1HMTA==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H3 200 07sdgsg4.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 502 B
816 B 74ms
68ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/07sdgsg4.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 651fac0cdd16e75985e56ad77570f0a978aaedcf21f2a13db9c59d8925f82431

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "f67e907ae4048d5a9905fd36828a822e"
age: 549
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 502
x-amz-cf-id: qQY_Ervt33MG96fcFql1EjgQt7yiuRsHYxjwjGkRcji9bRuJnhErDg==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 06hshs.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 15 KB
5 KB 80ms
70ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/06hshs.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ef9633a9637e4167a4202a9c1f0c3376ad5451346e759371fda0dcbada2d118

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"d20a8fff8c987318235cad8b9e08eeff"
age: 581
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ya4MXR-QcnaIyudojTYi3yjGgUpWMio4atpPsKIUe5SRCm4O3a3vJA==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H3 200 05sdghdf.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 1 KB
738 B 79ms
69ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/05sdghdf.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed1a100bcf8740c56e4bd57cff82386afe9149ef7f8051610f9ca6fe1952bd3d

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"795db086c6ed2eac9332a556e18976f1"
age: 581
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ri3B0-0FFOObaikTBMZwg2Ydiu_9FhicL2MuMWqDsEzc8ApK3I7-yA==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H3 200 04shesc1.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 85 B
401 B 80ms
70ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/04shesc1.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9318f4c19c26a4cd08a3ed06fc21fdd6ebe7cda4c12add30b75007d30dad3f7a

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
etag: "f9bbaa8dfa61570c8bf088f2c3985aab"
age: 549
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
content-length: 85
x-amz-cf-id: OaqtlzzFx2DLEunYYnX4O4KQGUxHubOV1WsqAtKWfpXk80S9jPtAnw==
date: Sat, 18 Apr 2026 05:08:16 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 03fgsskryeivh.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 1 KB
502 B 87ms
77ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/03fgsskryeivh.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbd14f6950ad5739f32d2124d9680cc5638c7d8f0bd2a4c757970b80e6c9449b

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"c801c2cb1283b9d7bcec21e799053438"
age: 581
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: nS2A_eg9nJNXMNx7_HDtZl3Z9jMCDxAnIxnH-b45WgRL0nIGJi6-hg==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H3 200 02dgdsg3d.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 3 KB
1 KB 87ms
78ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/02dgdsg3d.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 479e677c94b37c194a8920892304c006ac89f629c4365574b9c537dc7e5f0dba

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"93ada8838724bd58eace4f4c0340a00e"
age: 581
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: pQyN3uyAhc5FoWtZRspK0b1Ti_0BsLddYEjWeOe1am0JvVdeoURwtg==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H3 200 01d1fgshfddfg.js Show response
main.d1xlxsasw211rr.amplifyapp.com/js/ 3 KB
1 KB 87ms
77ms Script
text/javascript 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/js/01d1fgshfddfg.js
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09f80ca10802f98940f23c2a76b9b77223896613dd88255aa615a8b6aac9b0ca

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"3f456601d270ab3d5dfcfe10b2137b41"
age: 581
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: G4c27ubsLiThoR105RMs6Y5QGo8YPvAweH8c-eIqSPhwSIg8CbV5KA==
date: Sat, 18 Apr 2026 05:07:44 GMT
content-type: text/javascript
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

GET
H/1.1 200
OK u97fhg2qmg Show response
www.clarity.ms/tag/ 748 B
1 KB 373ms
126ms Script
application/x-javascript 57.155.120.218
Microsoft Corpora...

General

Check archive.org

Download Go to

Full URL: https://www.clarity.ms/tag/u97fhg2qmg
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 57.155.120.218 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: d0a19ea052e30c00cd49361a0191e0b02ba3bbbefd9f68d9ae81646e8c3a5340

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Cache-Control: no-cache, no-store
Connection: keep-alive
Request-Context: appId=cid-v1:a894a21c-0197-44e5-b203-3cbc01252c82
Expires: -1
Content-Length: 748
Date: Sat, 18 Apr 2026 05:17:25 GMT
Content-Type: application/x-javascript
Server: nginx

GET
H3

404

/ Show response
main.d1xlxsasw211rr.amplifyapp.com/events/
Redirect Chain

https://main.d1xlxsasw211rr.amplifyapp.com/events
https://main.d1xlxsasw211rr.amplifyapp.com/events/

14 KB
5 KB

263ms
263ms

XHR
text/html

99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/events/
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f51a14b4b1f30e01a4935cdd731a2dbd57578b69a55d441dc71e58a636df224

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE

Response headers

content-encoding: br
etag: W/"3e0b6f042ee5344937cbd3c3c53858c4"
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: 5D0ZqqpD-PvdhyCc-OmA2_RHzW-Xox6zDlPyoVeWw5wPN451Yw-CNQ==
date: Sat, 18 Apr 2026 05:17:25 GMT
content-type: text/html
x-amz-cf-pop: NRT57-P7
server: AmazonS3
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
vary: Accept-Encoding

Redirect headers

location: /events/
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: pjMk1MGGgEyAV5WjswhqSFZrhx9HTzWoCzEcBlz8dW1RPDwPImritQ==
date: Sat, 18 Apr 2026 05:17:25 GMT
x-amz-cf-pop: NRT57-P7
server: AmazonS3

GET 02sghsjp2.mp4
newpp81.onrender.com/ 0
0

GET
H3 404 dgdh1.wav
main.d1xlxsasw211rr.amplifyapp.com/ 0
0 265ms
264ms Media
text/html 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/dgdh1.wav
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range: bytes=0-
sec-ch-ua-mobile: ?0

Response headers

etag: "3e0b6f042ee5344937cbd3c3c53858c4"
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
content-length: 13917
x-amz-cf-id: 4QDOYbyp77pF0g8aloIuTC64y96icgNwe9nT8hh5q6JwS-klyJQXwA==
date: Sat, 18 Apr 2026 05:17:25 GMT
content-type: text/html
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 404 hel0sgfy.mp4
main.d1xlxsasw211rr.amplifyapp.com/ 6 KB
0 264ms
263ms Media
text/html 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/hel0sgfy.mp4
Requested by: Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range: bytes=0-
sec-ch-ua-mobile: ?0

Response headers

etag: "3e0b6f042ee5344937cbd3c3c53858c4"
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
content-length: 13917
x-amz-cf-id: oCiyaGBzf_AvLP7oIE5XgLFTzFEtCFFXCXIPGBMllaxEjgmWpSJrnA==
date: Sat, 18 Apr 2026 05:17:25 GMT
content-type: text/html
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7

GET
H3 200 02sghsjp2.mp4
mj-5ye.pages.dev/ 288 KB
0 136ms
72ms Media
video/mp4 172.66.44.254
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://mj-5ye.pages.dev/02sghsjp2.mp4

Requested by

Host: main.d1xlxsasw211rr.amplifyapp.com
URL: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.254 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range: bytes=0-
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "097802ed773d773edff79d9a3ba35d0c"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=UFBSeLrjJunglQxFZjhCJVwlZ8JpHQspRYoQySkN2RpUBWQrgy9%2Fr72Tlh7JMnhk3nl11LkBIVrvS7RRwmTlfIsNP4njr5Cb2cPBfTZbO8wjZnCy%2B9uvjTkLmgNgJSZtPnxZ"}]}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 9ee133fb3d3bd3ed-KIX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1701582
server-timing: cfExtPri
date: Sat, 18 Apr 2026 05:17:25 GMT
content-type: video/mp4
server: cloudflare
priority: u=3,i

GET
H2 200 clarity.js Show response
scripts.clarity.ms/0.8.59/ 80 KB
26 KB 281ms
88ms Script
application/javascript 2603:1061:14:187::1
Microsoft Corpora...

General

Check archive.org

Download Go to

Full URL: https://scripts.clarity.ms/0.8.59/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/u97fhg2qmg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2603:1061:14:187::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 6a00b1393bd74ac062ad19c64062eee1ae9c257e24949b55813a9462a4820e54

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

x-azure-ref: 20260418T051726Z-1754b6657745cw29hC1TYOgw9c0000000c40000000005tec
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DE8F624A5C8803"
x-fd-int-roxy-purgeid: 1
x-ms-request-id: e7fbe050-401e-0078-63c9-cc8d23000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Sat, 18 Apr 2026 05:17:26 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 31 Mar 2026 20:15:45 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=576D4024858D421F87D5E24B9FB0946B&RedC=c.clarity.ms&MXFR=0A19386CD50465463D412F53D1046B04
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=576D4024858D421F87D5E24B9FB0946B&MUID=1908B417D6C3686E2108A328D7516913

42 B
718 B

89ms
89ms

Image
image/gif

2603:1061:14:189::1
Microsoft Corpora...

General

Check archive.org

Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=576D4024858D421F87D5E24B9FB0946B&MUID=1908B417D6C3686E2108A328D7516913
Protocol: H2
Server: 2603:1061:14:189::1 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "27e0696673c0dc1:0"
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 42
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Sat, 18 Apr 2026 05:17:26 GMT
content-type: image/gif
last-modified: Mon, 30 Mar 2026 18:31:18 GMT
x-powered-by: ASP.NET
x-azure-ref: 20260418T051726Z-1665d9f7cc6gmz2fhC1TYO2rtw0000000c300000000049km

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=576D4024858D421F87D5E24B9FB0946B&MUID=1908B417D6C3686E2108A328D7516913
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8DAC3F589B8E463AB52A1B2E0782E6F3 Ref B: OSA251071015029 Ref C: 2026-04-18T05:17:26Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Sat, 18 Apr 2026 05:17:26 GMT
x-powered-by: ASP.NET

GET
H3

404

/
main.d1xlxsasw211rr.amplifyapp.com/index_1/
Redirect Chain

https://main.d1xlxsasw211rr.amplifyapp.com/index_1.html
https://main.d1xlxsasw211rr.amplifyapp.com/index_1/

14 KB
5 KB

263ms
263ms

Other
text/html

99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/index_1/
Protocol: H3
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f51a14b4b1f30e01a4935cdd731a2dbd57578b69a55d441dc71e58a636df224

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE

Response headers

content-encoding: br
etag: W/"3e0b6f042ee5344937cbd3c3c53858c4"
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Error from cloudfront
x-amz-cf-id: 1b2SXAlpSpa_4SwcODpPyiYGRaUW-PqI9U3osVq32s1hfDQX99PgYw==
date: Sat, 18 Apr 2026 05:17:26 GMT
content-type: text/html
x-amz-cf-pop: NRT57-P7
server: AmazonS3
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
vary: Accept-Encoding

Redirect headers

location: /index_1/
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 39-9Lmq6KZHTQ6vl12L4sQNu2mWF-Ym1dBie-a2Sfx-gVKEvRO1hNg==
date: Sat, 18 Apr 2026 05:17:26 GMT
x-amz-cf-pop: NRT57-P7
server: AmazonS3

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
298 B 672ms
224ms XHR
text/plain 172.175.234.12
Microsoft Corpora...

General

Check archive.org

Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: scripts.clarity.ms
URL: https://scripts.clarity.ms/0.8.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Request-Context: appId=cid-v1:a449a586-8786-487f-a449-dc1b282a2628
Access-Control-Allow-Origin: https://main.d1xlxsasw211rr.amplifyapp.com
Date: Sat, 18 Apr 2026 05:17:26 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 index.html
main.d1xlxsasw211rr.amplifyapp.com/ 14 KB
4 KB 67ms
67ms Other
text/html 99.86.195.102
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://main.d1xlxsasw211rr.amplifyapp.com/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 99.86.195.102 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-99-86-195-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f51a14b4b1f30e01a4935cdd731a2dbd57578b69a55d441dc71e58a636df224

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/?gad_source=5&gad_campaignid=23766247148&gclid=EAIaIQobChMIp_r9_ND2kwMVvZi5BR1FRyohEAEYASAAEgL1S_D_BwE
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=0, s-maxage=31536000
content-encoding: br
etag: W/"3e0b6f042ee5344937cbd3c3c53858c4"
age: 580
via: 1.1 dad4633d6e81b039f26ce216fdf872ac.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: YmayeHSdgv2N_D-g-CBhmm8nm8_gFQN-k1-JZ6DeeBjTG10catjtIQ==
date: Sat, 18 Apr 2026 05:07:46 GMT
content-type: text/html
last-modified: Sat, 18 Apr 2026 05:06:52 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P7
vary: Accept-Encoding

POST
H/1.1 204
No Content collect Show response
n.clarity.ms/ 0
298 B 223ms
222ms XHR
text/plain 172.175.234.12
Microsoft Corpora...

General

Check archive.org

Download Go to

Full URL: https://n.clarity.ms/collect
Requested by: Host: scripts.clarity.ms
URL: https://scripts.clarity.ms/0.8.59/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.175.234.12 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Request-Context: appId=cid-v1:a449a586-8786-487f-a449-dc1b282a2628
Access-Control-Allow-Origin: https://main.d1xlxsasw211rr.amplifyapp.com
Date: Sat, 18 Apr 2026 05:17:27 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 206
Partial Content 02sghsjp2.mp4
mj-5ye.pages.dev/ 128 KB
0 61ms
60ms Media
video/mp4 172.66.44.254
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://mj-5ye.pages.dev/02sghsjp2.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.44.254 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua-platform: "Windows"
Referer: https://main.d1xlxsasw211rr.amplifyapp.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
Range: bytes=295030-
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "097802ed773d773edff79d9a3ba35d0c"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mD9USoLSWHUFWwRIr5tnvlzim7V4sy7sg68pPHMTz0nLW5EI6jE4NLKBzGBXgq%2Fyg%2BMMlMc7ePnU0k3EJyuMKtwW0R2G%2F092BJh4nhe0ynJShoQ4LPDSptQBDV%2Fq4xoOfa%2FN"}]}
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-ray: 9ee13420ed8ed3ed-KIX
Content-Range: bytes 295030-1701581/1701582
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
Content-Length: 1406552
server-timing: cfExtPri
date: Sat, 18 Apr 2026 05:17:31 GMT
content-type: video/mp4
server: cloudflare
priority: u=3,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newpp81.onrender.com
URL: https://newpp81.onrender.com/02sghsjp2.mp4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

14 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 22:13:45	Name: CLID Value: dada98b870464c309272404ba931703f.20260418.20270418
.d1xlxsasw211rr.amplifyapp.com/	1970-01-21 22:13:45	Name: _clck Value: 81gjiw%5E2%5Eg5b%5E0%5E2299
.bing.com/	1970-01-21 22:49:45	Name: MUID Value: 1908B417D6C3686E2108A328D7516913
.c.bing.com/	1970-01-21 13:38:14	Name: MR Value: 0
.c.bing.com/	1970-01-21 22:49:45	Name: SRM_B Value: 1908B417D6C3686E2108A328D7516913
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 22:49:45	Name: MUID Value: 1908B417D6C3686E2108A328D7516913
.c.clarity.ms/	1970-01-21 13:38:14	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 13:28:10	Name: ANONCHK Value: 0
.d1xlxsasw211rr.amplifyapp.com/	1970-01-21 13:29:35	Name: _clsk Value: i4ph1n%5E1776489446883%5E1%5E1%5En.clarity.ms%2Fcollect

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://main.d1xlxsasw211rr.amplifyapp.com/hel0sgfy.mp4 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://main.d1xlxsasw211rr.amplifyapp.com/dgdh1.wav Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://main.d1xlxsasw211rr.amplifyapp.com/events/ Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://main.d1xlxsasw211rr.amplifyapp.com/index_1/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
main.d1xlxsasw211rr.amplifyapp.com
mj-5ye.pages.dev
n.clarity.ms
newpp81.onrender.com
nippona.store
scripts.clarity.ms
www.clarity.ms
newpp81.onrender.com
172.175.234.12
172.66.44.254
172.67.189.58
2603:1061:14:187::1
2603:1061:14:189::1
2620:1ec:33::10
57.155.120.218
99.86.195.102
02b2f65af6dc9b2d3ce4524cc0df3939a2cc8f851ec39439f417faf7729bda35
09f80ca10802f98940f23c2a76b9b77223896613dd88255aa615a8b6aac9b0ca
0ef9633a9637e4167a4202a9c1f0c3376ad5451346e759371fda0dcbada2d118
1062361de4627c89f8ea0541b529769540a46687daa3f4b5c9e4a84e3de604d5
20b06790b46a305c70cdd9837e24abaa5511aed95df8fa54ad0c9ff117c6042d
250008e9dc0fe4d75cdb46c8ba05ad92f49496361419cc526ebbddaefa2f84d2
2ce965395dab2a14b0edb0f3851cb38d0a031d9e0e1bba3d0a09cc06730738b8
2f51a14b4b1f30e01a4935cdd731a2dbd57578b69a55d441dc71e58a636df224
479e677c94b37c194a8920892304c006ac89f629c4365574b9c537dc7e5f0dba
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
651fac0cdd16e75985e56ad77570f0a978aaedcf21f2a13db9c59d8925f82431
6a00b1393bd74ac062ad19c64062eee1ae9c257e24949b55813a9462a4820e54
7064eadfcd3291fcb65d7cd1ca36820581f5b54826d68024dfc29dc203907ad6
7a738278d81398475643b61e8337eebe912009c7d5d39854141ce5fb55cfbdec
9318f4c19c26a4cd08a3ed06fc21fdd6ebe7cda4c12add30b75007d30dad3f7a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a3b4a81e6687a2153a530d448edc8ef11e9034c68636c9b98950092cd4313515
b1e9d0861c6671644ad118df8150e394f8cba36b9536f64898bd35919e5515b4
cbd14f6950ad5739f32d2124d9680cc5638c7d8f0bd2a4c757970b80e6c9449b
ce9616dc67cea493708d1bb4c1abb8ac969d99c07240f2d807e39f015952f545
d0a19ea052e30c00cd49361a0191e0b02ba3bbbefd9f68d9ae81646e8c3a5340
d4f3bc4e75efb722542d52947ad623b09a164380454f26decceab576e0af59d1
dac67b4d40ccdab250479a4fc8644de097b58e90039bb8254537fb60148a85b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed1a100bcf8740c56e4bd57cff82386afe9149ef7f8051610f9ca6fe1952bd3d
f76d6601aec548e26e8b9ae2f45bcae2ae331a409dddfd92f022b63845052175

main.d1xlxsasw211rr.amplifyapp.com 99.86.195.102 Malicious Activity! Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

89 %HTTPS

38 %IPv6

6 Domains

9 Subdomains

7 IPs

3 Countries

628 kBTransfer

1349 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

main.d1xlxsasw211rr.amplifyapp.com
99.86.195.102 Malicious Activity! Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

37
Requests

89 %
HTTPS

38 %
IPv6

6
Domains

9
Subdomains

7
IPs

3
Countries

628 kB
Transfer

1349 kB
Size

10
Cookies

37 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!