uncoeurdelionmessire.com Open in urlscan Pro
104.21.29.74 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://uncoeurdelionmessire.com/
Submission: On August 25 via api (August 25th 2023, 4:05:25 pm UTC) from GB — Scanned from IT

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 23 HTTP transactions. The main IP is 104.21.29.74, located in and belongs to CLOUDFLARENET, US. The main domain is uncoeurdelionmessire.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.

This is the only time uncoeurdelionmessire.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.21.29.74 104.21.29.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	76.76.21.241 76.76.21.241	16509 (AMAZON-02) (AMAZON-02)
1	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	5

4 104.21.29.74 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

uncoeurdelionmessire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

gun.pcloud.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 76.76.21.241 (Walnut, United States)

ASN16509 (AMAZON-02, US)

verification-pages-45345.vercel.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	vercel.app verification-pages-45345.vercel.app	145 KB
4	uncoeurdelionmessire.com 1 redirects uncoeurdelionmessire.com	6 KB
3	pcloud.id gun.pcloud.id	62 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 982	12 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 366	31 KB
23	5

	Domain	Requested by
15	verification-pages-45345.vercel.app	uncoeurdelionmessire.com verification-pages-45345.vercel.app
4	uncoeurdelionmessire.com	1 redirects uncoeurdelionmessire.com
3	gun.pcloud.id	uncoeurdelionmessire.com
1	maxcdn.bootstrapcdn.com	verification-pages-45345.vercel.app
1	ajax.googleapis.com	verification-pages-45345.vercel.app
23	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-17`	a year	crt.sh
pcloud.id GTS CA 1P5	`2023-07-23` - `2023-10-21`	3 months	crt.sh
*.vercel.app R3	`2023-07-08` - `2023-10-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://uncoeurdelionmessire.com/
Frame ID: E4B2D80844FEEDAF9D68C87544C25BD0
Requests: 4 HTTP requests in this frame

Frame: https://verification-pages-45345.vercel.app/
Frame ID: A28BD74C4DFDD399370BAE7368EBF7B1
Requests: 17 HTTP requests in this frame

Frame: https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 7184F31E9D5634D7D78626B5E25D1CFE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Term Of Service

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

255 kB
Transfer

626 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
uncoeurdelionmessire.com/ 2 KB
1 KB 567ms
353ms Document
text/html 104.21.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uncoeurdelionmessire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / DLEMP

Resource Hash

f82aa428b205214b599f1568daae100555128fdbe51c726774da3f091135f17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fc51363ce1c0e29-MXP
content-encoding: br
content-type: text/html
date: Fri, 25 Aug 2023 16:05:18 GMT
last-modified: Thu, 24 Aug 2023 16:47:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU2I3K1zhTXzDc3CesZ2ySzkj77for8RgUmh%2FB9yIvTOTBLfuX6Mg0wDPBhOHUiVMgPGmeouQAxHc%2BGNFbX3dpff%2BMNlRjs0aTZIh1DkFq16Pp%2B1QU64tEqzyJAlquPk%2Bqj91P0WWZkk90A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: DLEMP
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.gun.css
gun.pcloud.id/ 118 KB
20 KB 1214ms
39ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gun.pcloud.id/bootstrap.gun.css
Requested by: Host: uncoeurdelionmessire.com
URL: https://uncoeurdelionmessire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://uncoeurdelionmessire.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 12:42:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 52186
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nA35XnU9SuwHECx%2BTS%2Flckq00zGw9S8qI03zGlPVEDMpPM%2BMQf6FgWvhpyDhqBXA5%2BaQo7VP6bKniXJ4E8nvYcw7Df8rrXW5i86YEyFiDILt5RLGXFXu8xDXCuMORA6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7fc5136d7e4c3723-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Sep 2023 01:35:33 GMT

GET
H2 200 jquery.gun.js Show response
gun.pcloud.id/ 85 KB
31 KB 1231ms
57ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gun.pcloud.id/jquery.gun.js
Requested by: Host: uncoeurdelionmessire.com
URL: https://uncoeurdelionmessire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70dae469f94f214b589d53521b903830a08b4fb589d47a4c269a83c79116886a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://uncoeurdelionmessire.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 12:42:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 169599
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBs2GKBoakDpkMFv0SZlaUkzg%2BhbFn8F9LyabwIPVqYT2HVF7selXggwBJOyl%2FjLOeubsK17N9iS3yaaGLm8MPJKF6a5Ucd%2FCVk79LPZSVCs9F5d%2FvQ6nRElC7PgcnLZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7fc5136d7e523723-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 30 Aug 2023 16:58:39 GMT

GET
H2 200 bootstrap.gun.js Show response
gun.pcloud.id/ 36 KB
11 KB 1209ms
35ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gun.pcloud.id/bootstrap.gun.js
Requested by: Host: uncoeurdelionmessire.com
URL: https://uncoeurdelionmessire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://uncoeurdelionmessire.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Apr 2023 12:42:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 162022
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1M2oDvqzvIZp1rVrHaU%2FOrRD6fYyTtp0PtjWBYvSr8giJuGoj7ffQoE1FvRN4CaWpEdv80LrmuxxZpXF5wczjpDmWoANBuc644gFExWmAsR%2Fq7zLSitDYo8gu4nCkqJS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7fc5136d7e543723-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 30 Aug 2023 19:04:57 GMT

GET
H2 200 / Show response
verification-pages-45345.vercel.app/ Frame A28B 2 KB
1 KB 220ms
145ms Document
text/html 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/

Requested by

Host: uncoeurdelionmessire.com
URL: https://uncoeurdelionmessire.com/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Nuxt

Resource Hash

b5f786a0d6970cbc38a6fb767f42da419dbba8c002dd2815a9921f8acae53714

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://uncoeurdelionmessire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language: it-IT,it;q=0.9

Response headers

age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html;charset=utf-8
date: Fri, 25 Aug 2023 16:05:19 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-powered-by: Nuxt
x-vercel-cache: MISS
x-vercel-id: fra1::iad1::55ph2-1692979519797-4f681a482eff

GET
H2

200

invisible.js Show response
uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 7184
Redirect Chain

https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 KB
4 KB

25ms
24ms

Script
application/javascript

104.21.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

Requested by

Host: uncoeurdelionmessire.com
URL: https://uncoeurdelionmessire.com/

Protocol

Server

104.21.29.74 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb2e4e624020b2355fbe2ec6caf9c0d858d383ee8f998f51272b8b39fadf7eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NI5vTtob9YGhS2f%2Fadd5AKuNtnPX3OvkzyH60KP4TfhWXqnbnGL380PUMa5gg5QKfHITfTAx7YkI0tyNevSJShqBQlDsWsyzsroTETAcd8tEw6D9C681EtSvcxK1KZXszjrM4c1TnowJOzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fc5136e8c680e29-MXP
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 25 Aug 2023 16:05:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXMFQ%2BiezIGZ6RArJJsWicgTDO9xV9wlEDfriKWIil1VqloZ6J3L98QlieQLUXmlmZwtd0R1EGBEpFlN15ZAOM9R1Q025%2FzkNe%2FwyLp3hmqsFmCPgXC4wBGtWUnp3ZgVkLi6dHcm1M5p4UE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
cache-control: max-age=300, public
cf-ray: 7fc5136e6c250e29-MXP
alt-svc: h3=":443"; ma=86400

POST
H3 200 7fc51363ce1c0e29 Show response
uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 7184 0
599 B 47ms
47ms XHR
text/plain 104.21.29.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/h/g/cv/result/7fc51363ce1c0e29
Requested by: Host: uncoeurdelionmessire.com
URL: https://uncoeurdelionmessire.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.29.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type: application/json

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBgeYACVuAS2m%2B2%2BXYvmLmNOviHdqKj9GAH1pz7%2F3ehMZ67tfvR9%2B1vFf0vFvNrm0DKLn8kzMNl3S8XjGduEy0gQqdXTdGGg46LiuRP8%2FH4hUq5Nm6Weib7F6GEsvh%2BesX5A0q6z1eQPhEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7fc51371afb12c6f-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom.js Show response
verification-pages-45345.vercel.app/js/ Frame A28B 905 B
1 KB 33ms
30ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/js/custom.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9e7d05b89dea7c04d4fb6f9e1c783a723ae914d1663f7171c0bcef7eb224e7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://verification-pages-45345.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::rfkcv-1692979520281-eeb3ef97d0fe
age: 82604
etag: "49288cba16963ad88c4e5a13db5df067"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="custom.js"
accept-ranges: bytes
content-length: 905

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame A28B 87 KB
31 KB 105ms
31ms Script
text/javascript 216.58.206.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f10.1e100.net

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://verification-pages-45345.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 04:08:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Aug 2024 04:08:43 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ Frame A28B 39 KB
12 KB 69ms
26ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://verification-pages-45345.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601, 617, 617
age: 4950243
cdn-cachedat: 2021-08-01 19:19:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 6923066369371d6997c92d232b1a01f3
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7fc513720bcabad0-MXP
cdn-requestpullsuccess: True

GET
H2 200 entry.259bc8eb.js Show response
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 140 KB
56 KB 32ms
32ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/entry.259bc8eb.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bf1c5df443467d63eb35c0a7ea8ffc34a0226a6afb2419e18b0a3e5d6451a0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://verification-pages-45345.vercel.app/
Origin: https://verification-pages-45345.vercel.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::pjcb9-1692979520282-96817eff9d08
age: 82603
etag: W/"950784173caff303cd7cfdcfd8ad744a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="entry.259bc8eb.js"

GET
H2 200 default.09b8e7fa.js
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 0
324 B 52ms
51ms Other
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/default.09b8e7fa.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://verification-pages-45345.vercel.app/
Origin: https://verification-pages-45345.vercel.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::pjcb9-1692979520291-90790af47f44
age: 82602
etag: "b5c7277643a0aaf25c51f8d95b6408bf"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="default.09b8e7fa.js"
accept-ranges: bytes
content-length: 187

GET
H2 200 guest.543b0af1.js
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 0
317 B 52ms
51ms Other
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/guest.543b0af1.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://verification-pages-45345.vercel.app/
Origin: https://verification-pages-45345.vercel.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::rfkcv-1692979520293-56047f2fbd41
age: 75286
etag: "387ad9042a400233ce4f2aca465cae37"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="guest.543b0af1.js"
accept-ranges: bytes
content-length: 187

GET
H2 200 error-404.7b8544b4.css
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 0
1 KB 52ms
51ms Other
text/css 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/error-404.7b8544b4.css

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://verification-pages-45345.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::xnf8n-1692979520293-11bf662f25f8
age: 75286
etag: W/"40e811a751162519dde9f2ef0ae3930a"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="error-404.7b8544b4.css"

GET
H2 200 error-404.28bf4a97.js
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 0
3 KB 54ms
53ms Other
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/error-404.28bf4a97.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://verification-pages-45345.vercel.app/
Origin: https://verification-pages-45345.vercel.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::2dgmv-1692979520293-fdf748049e22
age: 75286
etag: W/"27dd44a86659255cf131ab59749e107c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="error-404.28bf4a97.js"

GET
H2 200 error-500.cbe832a1.css
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 0
881 B 52ms
52ms Other
text/css 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/error-500.cbe832a1.css

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://verification-pages-45345.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::5kd8l-1692979520293-06e60fa586d6
age: 75286
etag: W/"a289f25c4ffb31c085f8291b3dcb4cf4"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="error-500.cbe832a1.css"

GET
H2 200 error-500.5f425638.js
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 0
1 KB 54ms
54ms Other
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/error-500.5f425638.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://verification-pages-45345.vercel.app/
Origin: https://verification-pages-45345.vercel.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::pjcb9-1692979520294-5943b9f248a1
age: 75286
etag: W/"06976fa9367e5c59180263f991285547"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="error-500.5f425638.js"

GET
H2 200 index.57323940.js Show response
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 10 KB
5 KB 38ms
37ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/index.57323940.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/_nuxt/entry.259bc8eb.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

9a6dc1cc59bce3f56c7b9866979fa4bd9f0930a41830f5849703f15e924b522b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
Origin: https://verification-pages-45345.vercel.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::r7c2q-1692979520433-f772280b047f
age: 82603
etag: W/"0f0bd6eead83db399c020a0c0d74423e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="index.57323940.js"

GET
H2 200 inF0loCk.5a5d93b7.js Show response
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 104 B
235 B 31ms
30ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/inF0loCk.5a5d93b7.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/_nuxt/entry.259bc8eb.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4099fe2c082562adea11db7f7e34f3283387d65e16694aeba1f57eda2b5addf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
Origin: https://verification-pages-45345.vercel.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::98qzz-1692979520437-6e1e46cd1cfa
age: 82602
etag: "6106af31750f3e5d32b9b2ac1d86e63c"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="inF0loCk.5a5d93b7.js"
accept-ranges: bytes
content-length: 104

GET
H2 200 default.09b8e7fa.js Show response
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 187 B
257 B 32ms
32ms Script
application/javascript 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/default.09b8e7fa.js

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/_nuxt/entry.259bc8eb.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

58daf5f45d1f4af0bdd5f7ba51c65c39e6ecb6d0a77b29554b19788225d74f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://verification-pages-45345.vercel.app/
Origin: https://verification-pages-45345.vercel.app
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::rwwtv-1692979520501-7e48f414bdc9
age: 82602
etag: "b5c7277643a0aaf25c51f8d95b6408bf"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="default.09b8e7fa.js"
accept-ranges: bytes
content-length: 187

GET
H2 200 style-info.bd6dbb79.css
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 26 KB
7 KB 32ms
31ms Stylesheet
text/css 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/style-info.bd6dbb79.css

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/_nuxt/entry.259bc8eb.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bd6dbb798426bd1cc96d44e39fc44edfb7afdb129603e9a393a739ee7062bb7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://verification-pages-45345.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::7mkqh-1692979520554-1436b6593a2d
age: 82602
etag: W/"a5754bae7b3d33a366d48256250f13f5"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="style-info.bd6dbb79.css"

GET
H2 200 interview.b7eab2fc.css
verification-pages-45345.vercel.app/_nuxt/ Frame A28B 7 KB
1 KB 30ms
29ms Stylesheet
text/css 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://verification-pages-45345.vercel.app/_nuxt/interview.b7eab2fc.css

Requested by

Host: verification-pages-45345.vercel.app
URL: https://verification-pages-45345.vercel.app/_nuxt/entry.259bc8eb.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b7eab2fc15845e24efe5a4c9216fb4b50d32b1ca73fe184434ba33b6e681bc59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://verification-pages-45345.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::rwwtv-1692979520555-ad75061a85f1
age: 82602
etag: W/"57a8ff4373e04e420f0389a1938b0c27"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
content-disposition: inline; filename="interview.b7eab2fc.css"

GET
H2 200 inF0loCk.png
verification-pages-45345.vercel.app/img/ Frame A28B 65 KB
66 KB 31ms
29ms Image
image/png 76.76.21.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://verification-pages-45345.vercel.app/img/inF0loCk.png

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

76.76.21.241 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

579688068d5233880af95e437cd2761356187ca24b446fc02f2719eff5741382

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://verification-pages-45345.vercel.app/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 25 Aug 2023 16:05:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::7mkqh-1692979520561-7483bbb4917c
age: 82602
etag: "c6037b92cca3fc8de6a447ab665a4b48"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="inF0loCk.png"
accept-ranges: bytes
content-length: 67059

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.uncoeurdelionmessire.com/	1970-01-20 23:01:55	Name: cf_clearance Value: iet4s8RfT40yO8.JVN.KEZNDKl7rdVAV21WbJSJdEM0-1692979520-0-1-c999a304.1caa92b1.4b0151d0-0.2.1692979520

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
gun.pcloud.id
maxcdn.bootstrapcdn.com
uncoeurdelionmessire.com
verification-pages-45345.vercel.app
104.18.11.207
104.21.29.74
188.114.96.3
216.58.206.42
76.76.21.241
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
4099fe2c082562adea11db7f7e34f3283387d65e16694aeba1f57eda2b5addf0
579688068d5233880af95e437cd2761356187ca24b446fc02f2719eff5741382
58daf5f45d1f4af0bdd5f7ba51c65c39e6ecb6d0a77b29554b19788225d74f95
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
70dae469f94f214b589d53521b903830a08b4fb589d47a4c269a83c79116886a
9a6dc1cc59bce3f56c7b9866979fa4bd9f0930a41830f5849703f15e924b522b
9e7d05b89dea7c04d4fb6f9e1c783a723ae914d1663f7171c0bcef7eb224e7cf
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
b5f786a0d6970cbc38a6fb767f42da419dbba8c002dd2815a9921f8acae53714
b7eab2fc15845e24efe5a4c9216fb4b50d32b1ca73fe184434ba33b6e681bc59
bd6dbb798426bd1cc96d44e39fc44edfb7afdb129603e9a393a739ee7062bb7c
bf1c5df443467d63eb35c0a7ea8ffc34a0226a6afb2419e18b0a3e5d6451a0a0
cb2e4e624020b2355fbe2ec6caf9c0d858d383ee8f998f51272b8b39fadf7eb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82aa428b205214b599f1568daae100555128fdbe51c726774da3f091135f17a

uncoeurdelionmessire.com Open in urlscan Pro 104.21.29.74 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

255 kBTransfer

626 kBSize

1 Cookies

0 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

uncoeurdelionmessire.com Open in urlscan Pro
104.21.29.74 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

255 kB
Transfer

626 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!