order-mypcrtestkits.com Open in urlscan Pro
34.118.8.241  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://order-mypcrtestkits.com/ Page URL
2. http://order-mypcrtestkits.com/cloud.php?n=8599 Page URL
3. http://order-mypcrtestkits.com/main/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response order-mypcrtestkits.com/	396 KB 49 KB	256ms 187ms	Document text/html	34.118.8.241 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://order-mypcrtestkits.com/ Protocol HTTP/1.1 Server 34.118.8.241 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 241.8.118.34.bc.googleusercontent.com Software nginx / Resource Hash 002c2f8be7fc3cdd0d514b0886c4a54064f8f69d3c69312bb05cacbf8ff61a57 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-length 49565 content-type text/html; charset=UTF-8 date Mon, 17 Oct 2022 12:29:07 GMT server nginx vary Accept-Encoding
GET H2	200	jquery.js Show response code.jquery.com/	276 KB 82 KB	115ms 40ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery.js Requested by Host: order-mypcrtestkits.com URL: http://order-mypcrtestkits.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc Request headers accept-language en-GB,en;q=0.9 Referer http://order-mypcrtestkits.com/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers date Mon, 17 Oct 2022 12:29:07 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-4508e" vary Accept-Encoding x-hw 1666009747.dop218.lo4.t,1666009747.cds087.lo4.hn,1666009747.cds239.lo4.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 83875
GET H/1.1	200 OK	m3d.compiled.js Show response order-mypcrtestkits.com/m3dularbh/	3 KB 2 KB	120ms 120ms	Script application/javascript	34.118.8.241 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://order-mypcrtestkits.com/m3dularbh/m3d.compiled.js Requested by Host: order-mypcrtestkits.com URL: http://order-mypcrtestkits.com/ Protocol HTTP/1.1 Server 34.118.8.241 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 241.8.118.34.bc.googleusercontent.com Software nginx / Resource Hash 035e6621c40c782cd443742228ef6c1dd0667c13951c4ce5400c510eb48076c9 Request headers accept-language en-GB,en;q=0.9 Referer http://order-mypcrtestkits.com/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers date Mon, 17 Oct 2022 12:29:07 GMT content-encoding gzip last-modified Sat, 09 Jul 2022 14:46:26 GMT server nginx etag W/"62c994c2-ca4" transfer-encoding chunked content-type application/javascript cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H/1.1	200 OK	cloud.php Show response order-mypcrtestkits.com/	351 KB 42 KB	142ms 142ms	Document text/html	34.118.8.241 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://order-mypcrtestkits.com/cloud.php?n=8599 Protocol HTTP/1.1 Server 34.118.8.241 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 241.8.118.34.bc.googleusercontent.com Software nginx / Resource Hash b182dc8c1584e59ff5b1e2ebe740607a0631fa4650af0298bd81899ee9c62ae2 Request headers Content-Type application/x-www-form-urlencoded Origin http://order-mypcrtestkits.com Referer http://order-mypcrtestkits.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-length 42920 content-type text/html; charset=UTF-8 date Mon, 17 Oct 2022 12:29:08 GMT server nginx vary Accept-Encoding
GET H2	200	jquery-2.2.4.min.js Show response code.jquery.com/	84 KB 29 KB	104ms 34ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-2.2.4.min.js Requested by Host: order-mypcrtestkits.com URL: http://order-mypcrtestkits.com/cloud.php?n=8599 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers Referer http://order-mypcrtestkits.com/ Origin http://order-mypcrtestkits.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers date Mon, 17 Oct 2022 12:29:08 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-14e4a" vary Accept-Encoding x-hw 1666009748.dop071.lo4.t,1666009748.cds296.lo4.hn,1666009748.cds003.lo4.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 29811
GET H/1.1	200 OK	ajax.php order-mypcrtestkits.com/m3dularbh/	0 130 B	126ms 125ms	XHR text/html	34.118.8.241 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://order-mypcrtestkits.com/m3dularbh/ajax.php?n=m3d Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-2.2.4.min.js Protocol HTTP/1.1 Server 34.118.8.241 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 241.8.118.34.bc.googleusercontent.com Software nginx / Resource Hash Request headers Accept */* Referer http://order-mypcrtestkits.com/cloud.php?n=8599 X-Requested-With XMLHttpRequest accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers date Mon, 17 Oct 2022 12:29:09 GMT server nginx content-length 0 content-type text/html; charset=UTF-8
POST H/1.1	200 OK	Primary Request / Show response order-mypcrtestkits.com/main/	17 KB 4 KB	127ms 125ms	Document text/html	34.118.8.241 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://order-mypcrtestkits.com/main/ Protocol HTTP/1.1 Server 34.118.8.241 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 241.8.118.34.bc.googleusercontent.com Software nginx / Resource Hash b42e4b001a9a32b1b9626740d88541d7a4742db0057a20a160cfe5dd6623fc53 Request headers Content-Type application/x-www-form-urlencoded Origin http://order-mypcrtestkits.com Referer http://order-mypcrtestkits.com/cloud.php?n=8599 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-length 3916 content-type text/html; charset=UTF-8 date Mon, 17 Oct 2022 12:29:09 GMT server nginx vary Accept-Encoding
GET H/1.1	200 OK	FrutigerLTW01-55Roman.woff2 order-mypcrtestkits.com/main/fonts/	17 KB 17 KB	125ms 123ms	Font font/woff2	34.118.8.241 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://order-mypcrtestkits.com/main/fonts/FrutigerLTW01-55Roman.woff2 Requested by Host: order-mypcrtestkits.com URL: http://order-mypcrtestkits.com/main/ Protocol HTTP/1.1 Server 34.118.8.241 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 241.8.118.34.bc.googleusercontent.com Software nginx / Resource Hash 886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995 Request headers Referer http://order-mypcrtestkits.com/main/ Origin http://order-mypcrtestkits.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers date Mon, 17 Oct 2022 12:29:09 GMT last-modified Sat, 09 Jul 2022 14:46:24 GMT server nginx etag "62c994c0-4384" content-type font/woff2 cache-control max-age=315360000 accept-ranges bytes content-length 17284 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	FrutigerLTW01-65Bold.woff2 order-mypcrtestkits.com/main/fonts/	17 KB 17 KB	180ms 123ms	Font font/woff2	34.118.8.241 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://order-mypcrtestkits.com/main/fonts/FrutigerLTW01-65Bold.woff2 Requested by Host: order-mypcrtestkits.com URL: http://order-mypcrtestkits.com/main/ Protocol HTTP/1.1 Server 34.118.8.241 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 241.8.118.34.bc.googleusercontent.com Software nginx / Resource Hash d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842 Request headers Referer http://order-mypcrtestkits.com/main/ Origin http://order-mypcrtestkits.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers date Mon, 17 Oct 2022 12:29:09 GMT last-modified Sat, 09 Jul 2022 14:46:24 GMT server nginx etag "62c994c0-4340" content-type font/woff2 cache-control max-age=315360000 accept-ranges bytes content-length 17216 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	main.0a8983858941.css order-mypcrtestkits.com/main/static/nhsuk/css/	131 KB 18 KB	186ms 131ms	Stylesheet text/css	34.118.8.241 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL http://order-mypcrtestkits.com/main/static/nhsuk/css/main.0a8983858941.css Requested by Host: order-mypcrtestkits.com URL: http://order-mypcrtestkits.com/main/ Protocol HTTP/1.1 Server 34.118.8.241 Warsaw, Poland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 241.8.118.34.bc.googleusercontent.com Software nginx / Resource Hash 473e82fed60b3c3d3a528ccd66946f6fe3de6d58ce358f4a3aee7a17ccc080e3 Request headers accept-language en-GB,en;q=0.9 Referer http://order-mypcrtestkits.com/main/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers date Mon, 17 Oct 2022 12:29:09 GMT content-encoding gzip last-modified Sat, 09 Jul 2022 14:46:24 GMT server nginx etag W/"62c994c0-20dd5" transfer-encoding chunked content-type text/css cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	FrutigerLTW01-55Roman.woff2 assets.nhs.uk/fonts/	17 KB 17 KB	238ms 46ms	Font application/octet-stream	96.16.146.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.nhs.uk/fonts/FrutigerLTW01-55Roman.woff2 Requested by Host: order-mypcrtestkits.com URL: http://order-mypcrtestkits.com/main/static/nhsuk/css/main.0a8983858941.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-114.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash 886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995 Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer http://order-mypcrtestkits.com/ Origin http://order-mypcrtestkits.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers x-ms-blob-type BlockBlob date Mon, 17 Oct 2022 12:29:10 GMT strict-transport-security max-age=63072000 content-md5 lRIDEWIJgHewKikdW/afDg== content-length 17284 x-ms-lease-status unlocked last-modified Tue, 09 Apr 2019 10:17:13 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 etag 0x8D6BCD488B0257A content-type application/octet-stream access-control-allow-origin * x-ms-request-id 3c6ee1df-501e-0063-0247-ceee60000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=2628288 x-ms-version 2009-09-19 x-datastream-cache-status 1 expires Wed, 16 Nov 2022 22:33:58 GMT
GET DATA	200 OK	truncated /	296 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c Request headers accept-language en-GB,en;q=0.9 Referer http://order-mypcrtestkits.com/ User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	FrutigerLTW01-65Bold.eot assets.nhs.uk/fonts/	17 KB 17 KB	271ms 82ms	Font application/octet-stream	96.16.146.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://assets.nhs.uk/fonts/FrutigerLTW01-65Bold.eot? Requested by Host: order-mypcrtestkits.com URL: http://order-mypcrtestkits.com/main/static/nhsuk/css/main.0a8983858941.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 96.16.146.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-146-114.deploy.static.akamaitechnologies.com Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash f3d208433e88c1fd7d17efa9dcd0bff7d8f2801afd9a08a5d33cfa0314ff42bd Security Headers Name Value Strict-Transport-Security max-age=63072000 Request headers Referer http://order-mypcrtestkits.com/ Origin http://order-mypcrtestkits.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type BlockBlob date Mon, 17 Oct 2022 12:29:10 GMT strict-transport-security max-age=63072000 last-modified Tue, 09 Apr 2019 10:17:13 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 content-md5 6BxtUv3r1NV2PGHArNsssg== etag 0x8D6BCD4891A933A content-type application/octet-stream access-control-allow-origin * x-ms-request-id 3c706c8c-501e-0063-4248-ceee60000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 content-length 17209 x-datastream-cache-status 1

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NHS UK (Healthcare)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://order-mypcrtestkits.com/main/ Message: Failed to decode downloaded font: https://assets.nhs.uk/fonts/FrutigerLTW01-65Bold.eot?#iefix
other	warning	URL: http://order-mypcrtestkits.com/main/ Message: OTS parsing error: invalid sfntVersion: 960692224

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nhs.uk
code.jquery.com
order-mypcrtestkits.com
2001:4de0:ac18::1:a:3a
34.118.8.241
96.16.146.114
002c2f8be7fc3cdd0d514b0886c4a54064f8f69d3c69312bb05cacbf8ff61a57
035e6621c40c782cd443742228ef6c1dd0667c13951c4ce5400c510eb48076c9
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c
473e82fed60b3c3d3a528ccd66946f6fe3de6d58ce358f4a3aee7a17ccc080e3
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
b182dc8c1584e59ff5b1e2ebe740607a0631fa4650af0298bd81899ee9c62ae2
b42e4b001a9a32b1b9626740d88541d7a4742db0057a20a160cfe5dd6623fc53
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
f3d208433e88c1fd7d17efa9dcd0bff7d8f2801afd9a08a5d33cfa0314ff42bd