storage.googleapis.com Open in urlscan Pro
2607:f8b0:4006:821::2010 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/35b2C4xJ9xi33MZgfOXLPS?domain=linkprotect.cudasvc.com
Effective URL:
https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Submission: On March 21 via manual (March 21st 2022, 1:24:54 am UTC) from IN — Scanned from US

Summary HTTP 73 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 7 domains to perform 73 HTTP transactions. The main IP is 2607:f8b0:4006:821::2010, located in Queens, United States and belongs to GOOGLE, US. The main domain is storage.googleapis.com. The Cisco Umbrella rank of the primary domain is 425.
TLS certificate: Issued by GTS CA 1C3 on February 28th 2022. Valid for: 3 months.

This is the only time storage.googleapis.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
2 2	205.139.111.113 205.139.111.113	30031 (MIMECAST-) (MIMECAST-)
1 1	34.225.255.234 34.225.255.234	14618 (AMAZON-AES) (AMAZON-AES)
1 1	20.118.48.0 20.118.48.0	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:821::2010	15169 (GOOGLE) (GOOGLE)
12	20.40.202.35 20.40.202.35	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.14.25.244 52.14.25.244	16509 (AMAZON-02) (AMAZON-02)
1 2	99.84.42.116 99.84.42.116	16509 (AMAZON-02) (AMAZON-02)
73	5

2 205.139.111.113 (United States) 2 redirects

ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.255.234 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-255-234.compute-1.amazonaws.com

linkprotect.cudasvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.118.48.0 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lexus360.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2010 (Queens, United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 20.40.202.35 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

moneylogss.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.14.25.244 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-14-25-244.us-east-2.compute.amazonaws.com

daybag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.42.116 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-116.ewr52.r.cloudfront.net

logo.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	azurewebsites.net 1 redirects lexus360.azurewebsites.net moneylogss.azurewebsites.net	172 KB
2	clearbit.com 1 redirects logo.clearbit.com — Cisco Umbrella Rank: 24264	8 KB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 425	14 KB
2	mimecast.com 2 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 8294	2 KB
1	daybag.com daybag.com
1	cudasvc.com 1 redirects linkprotect.cudasvc.com — Cisco Umbrella Rank: 8854	672 B
0	googletagmanager.com Failed www.googletagmanager.com Failed
73	7

	Domain	Requested by
12	moneylogss.azurewebsites.net	storage.googleapis.com moneylogss.azurewebsites.net
2	logo.clearbit.com	1 redirects storage.googleapis.com
2	storage.googleapis.com	storage.googleapis.com
2	protect-us.mimecast.com	2 redirects
1	daybag.com	storage.googleapis.com
1	lexus360.azurewebsites.net	1 redirects
1	linkprotect.cudasvc.com	1 redirects
0	www.googletagmanager.com Failed	moneylogss.azurewebsites.net
73	8

This site contains no links.

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
daybag.com R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Frame ID: 94A82257896FA324F17E27A56A84455C
Requests: 12 HTTP requests in this frame

Frame: https://daybag.com/
Frame ID: CE0102C491806D75749BC166159EC38A
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Portal Access

Page URL History Show full URLs

https://protect-us.mimecast.com/s/35b2C4xJ9xi33MZgfOXLPS?domain=linkprotect.cudasvc.com HTTP 307
https://protect-us.mimecast.com/redirect/eNqtVG1P20gQ_iuRJfopMftir73oencUykFbEDTtAbqcon0ZJwa_1btOGir--40depR... HTTP 307
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2flexus360.azurewebsites.net%2fad..php%23bcouch%40daybag.c... HTTP 302
https://lexus360.azurewebsites.net/ad..php HTTP 302
https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email= Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

21 %
HTTPS

14 %
IPv6

7
Domains

8
Subdomains

5
IPs

1
Countries

193 kB
Transfer

693 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/35b2C4xJ9xi33MZgfOXLPS?domain=linkprotect.cudasvc.com HTTP 307
https://protect-us.mimecast.com/redirect/eNqtVG1P20gQ_iuRJfopMftir73oencUykFbEDTtAbqcon0ZJwa_1btOGir--40depRrq-uHSpHi2Xl_5pn5FLSm8cFe4FR1ozahU00Lv2etqm6LvPJQNgX4ugpNXQbjoKhNsEfHQQsG8sb7vASURZQwJlkcEUJQh9HYOFDeK7PMq6zG4J9mD3IJlXezYO8vfMnyAs5UCSjOAo8ZXZk7l2MyKItZMJ4FbqnooDXC2kgomUUpSCtopLliMbfCMsFYprWU1ogk_uzFYjH46cQKqUiWpkBik0qqdUYjKkgSxZJnGeOUUJkASJUZyyICGSdWiwjQSEs7xCttPAQjSQJRpnkSKR2zCEOwhEvFsaxEScYH47au_fRnF4Awv9s0W6BKcE4tYLbbZiZlbOJ8pzVsDV1-1xvJhNyP_wuwru0mXPryKbBZFHFtLcSK0wyoVtRASmKSmURmGU_BWo2gfwWsjZkUVLEM21AgpM2UTiSJU5GBSZPEEJUyrWTKBHYoSMQjHWeJ5ZJLbYV6CqyOrdIMURIkk5GNpBY2IhFT-J8w_S1gf04BXwLr4aOf7SJCxRMsezD_vkfu2xxZ32_KSYVSk9tgL0qR79oh30mMTwqXIzh4P92P030cKlqpweFgCeb2_ds32wckOL7tG4OiK5VbohQLSKiGxCaJNEmsI0WsYUiemIi470wbmiJhepfKtuiR--8uqev0DVpcdAoNfF7BaArtCtrRZe6XSyjsiI9Otyxyo8loW9KoArBgR74etVCAcjB6YNooq9vRD10HX_rTuqsQmKBzHtpSBj085itY-pPzeBkQ1rzJvzgM1WfOTvt049F0SD5MBUqVF4Pu_ysaHGyNHtWW69822k4XXD9QSrmQJCUp3QL9WOS_NX0_1WNt3xvOD1aERnkzGERxSHkSMhbSNBkUy9r5QdV_gJ3oTdhvRqE20IYVoO5-O4mz2uJtDgglKOcNfj4Jho-lW_Q9B78wwhjhFDcuInEUCnYkaXzw8vBQHAr6Un67l1_7CFuGeNyA4CEIZ7wPwiOB-q4tULP0vnF7s93ZLsa4bdra4x6FprPKrczQ8S4a_qaeD4Y7XO2wDH8FfOwcFyRUd10La9Au9-D6HlGpbBg2y2aHcW3qzix3ImLVRqtFH--Zef5yTMevbqA4WBN4fXWVXB_ddYvcVR9PXvjk1flqtY7L4lQ0R38cl7f-aH19dH2mN3-evF6VL-TJOnNTpw7Oi-xinZ65Nx_E5dXy8O6yurxeK3bavaA3V_klf2uKk256-m5_PH7mN039nPZE6jd-MTcTmHeO0Lnk85WVfELJ_HEH5lu0UE3Z_GFXJjiqCWVxwhHFOMZQi26Yz6vzaDU_vjg7P-4uL0r2bvIB_PEC9QY96xJasx310xWDxfbQPOA96VzYnzujnB_W9f4fyfF8_w HTTP 307
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2flexus360.azurewebsites.net%2fad..php%23bcouch%40daybag.com&c=E,1,JjelCw0eKXX7YFzugisnxIBt7JPvvw5mlM6pFGHmktFwYFYNbyVIKvmB9IwfsSsaCPlfQw8NsLq6WXhDzWnWYwa2MuB1jXiW3RclIuSMTA,,&typo=1 HTTP 302
https://lexus360.azurewebsites.net/ad..php HTTP 302
https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://logo.clearbit.com/https://daybag.com HTTP 301
https://logo.clearbit.com/https:/daybag.com

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.html Show response
storage.googleapis.com/wm-sec-up-2.appspot.com/
Redirect Chain

https://protect-us.mimecast.com/s/35b2C4xJ9xi33MZgfOXLPS?domain=linkprotect.cudasvc.com
https://protect-us.mimecast.com/redirect/eNqtVG1P20gQ_iuRJfopMftir73oencUykFbEDTtAbqcon0ZJwa_1btOGir--40depRrq-uHSpHi2Xl_5pn5FLSm8cFe4FR1ozahU00Lv2etqm6LvPJQNgX4ugpNXQbjoKhNsEfHQQsG8sb7vASURZQwJlkc...
https://linkprotect.cudasvc.com/url?a=https%3a%2f%2flexus360.azurewebsites.net%2fad..php%23bcouch%40daybag.com&c=E,1,JjelCw0eKXX7YFzugisnxIBt7JPvvw5mlM6pFGHmktFwYFYNbyVIKvmB9IwfsSsaCPlfQw8NsLq6WXhD...
https://lexus360.azurewebsites.net/ad..php
https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=

13 KB
14 KB

412ms
360ms

Document
text/html

2607:f8b0:4006:821::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: acd97e21e22319e600a577453dfc9e68ffcaa09b70942de914f11d038cbddbca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

x-guploader-uploadid: ADPycdsXp0mp3a6uVPvSDDHkFogmqkQWxz7SuB_zevzWarG9c7aWCGdX5QU1tbwtpChDhaQCACF2hwFmyMXH37NtbgEB5l5U_g
expires: Mon, 21 Mar 2022 02:24:49 GMT
date: Mon, 21 Mar 2022 01:24:49 GMT
cache-control: public, max-age=3600
last-modified: Tue, 01 Feb 2022 17:45:01 GMT
etag: "5b28f9ed1b78b2b36092239d6fd65455"
x-goog-generation: 1643737501335997
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13474
content-type: text/html
x-goog-hash: crc32c=RSt+ng== md5=Wyj57Rt4srNgkiOdb9ZUVQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 13474
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Server: nginx/1.14.2
X-Powered-By: PHP/8.0.13
Date: Mon, 21 Mar 2022 01:24:48 GMT
Content-Length: 0

GET
H/1.1 200
OK bootstrap.css
moneylogss.azurewebsites.net/work/jenis_files/ 157 KB
24 KB 256ms
70ms Stylesheet
text/css 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/bootstrap.css
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "80f8a9139217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:17 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 23853

GET
H/1.1 200
OK jquery.htm Show response
moneylogss.azurewebsites.net/work/jenis_files/ 0
0 265ms
72ms Script
text/html 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/jquery.htm
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK bootstrap.js Show response
moneylogss.azurewebsites.net/work/jenis_files/ 50 KB
19 KB 281ms
87ms Script
application/x-javascript 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/bootstrap.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "2177b149217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 19310

GET
H/1.1 200
OK jenis.png
moneylogss.azurewebsites.net/work/jenis_files/ 10 KB
11 KB 170ms
54ms Image
image/png 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/jenis.png
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5cb3a53b3457072ed386188a4680e605eba18ff3bea01fcac6bb9f9ac665a604

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Last-Modified: Tue, 01 Feb 2022 17:35:19 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "1c60e6149217d81:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10440

GET jquery-3.js
moneylogss.azurewebsites.net/work/jenis_files/ 0
0

GET popper.js
moneylogss.azurewebsites.net/work/jenis_files/ 0
0

GET bootstrap_002.js
moneylogss.azurewebsites.net/work/jenis_files/ 0
0

GET
H/1.1 200
OK jquery.js Show response
moneylogss.azurewebsites.net/work/jenis_files/ 84 KB
38 KB 72ms
71ms Script
application/x-javascript 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/jquery.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "48c3ac159217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:20 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 38304

GET
H/1.1 200
OK jquery_002.js Show response
moneylogss.azurewebsites.net/work/jenis_files/ 2 KB
2 KB 58ms
57ms Script
application/x-javascript 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/jquery_002.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "c126af159217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:20 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1164

GET
H/1.1 200
OK a.htm Show response
moneylogss.azurewebsites.net/work/jenis_files/ Frame CE01 61 KB
13 KB 112ms
54ms Document
text/html 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7c1d0632de1e85ef601d9a293d2190ad2598c9471c4840c7cdb75c694d9686e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/

Response headers

Content-Length: 12359
Content-Type: text/html
Date: Mon, 21 Mar 2022 01:24:49 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80f8a9139217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:17 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET

GET
H2 403 bg-image.jpg
storage.googleapis.com/img/ 268 B
268 B 81ms
81ms Image
application/xml 2607:f8b0:4006:821::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://storage.googleapis.com/img/bg-image.jpg
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::2010 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 54e9d4c10fc4ba8795da651f2c642bf435012457226c6e23dee845e429649423

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 01:24:50 GMT
server: UploadServer
x-guploader-uploadid: ADPycdv5roDrJo_wTA1FaZfJmL-rLe6yLc5fzcVd_gKeX-FcBZTzJO3bnVkJMKcUQoxcGHCw9adidHR594ZGEtXBUbN4-5-_Yw
content-type: application/xml; charset=UTF-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268
expires: Mon, 21 Mar 2022 01:24:50 GMT

GET
H/1.1 200
OK main.js Show response
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 50 KB
22 KB 70ms
70ms Script
application/x-javascript 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/main.js
Requested by: Host: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 06c8a989a9848ff3181bf09834e0618ad6775fa16024a90f21874d79e174f4c3

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "4e9120279217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:49 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 21832

GET analytics_002.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET 308148419372920.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET fbevents.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET prum.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET js_002
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET ecommerce.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET conversion_async.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET core.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET analytics.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET hotjar-337764.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET gtm.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET
H/1.1 200
OK master.css
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 179 KB
30 KB 73ms
56ms Stylesheet
text/css 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/master.css
Requested by: Host: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 783c061da2fdfe3c52555cf8db623d56548c74c69f11c27feefa731896169192

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "05f55279217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:50 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 29952

GET ddo5ohu.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET modernizr-2.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET
H/1.1 200
OK style.css
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 79 KB
11 KB 130ms
61ms Stylesheet
text/css 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/style.css
Requested by: Host: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "0e6e82a9217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:56 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 10454

GET
H/1.1 200
OK jquery.css
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 533 B
1 KB 126ms
53ms Stylesheet
text/css 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/jquery.css
Requested by: Host: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: bbcfed2a93dcef85f23e4618f1f53b979531ad7e256ba63dd0b4fe5fa4328033

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "184af259217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:47 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 440

GET
H/1.1 200
OK slick.css
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 1 KB
1 KB 166ms
57ms Stylesheet
text/css 20.40.202.35
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/slick.css
Requested by: Host: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.35 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://moneylogss.azurewebsites.net/work/jenis_files/a.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 21 Mar 2022 01:24:49 GMT
Content-Encoding: gzip
ETag: "8230e02a9217d81:0"
Last-Modified: Tue, 01 Feb 2022 17:35:55 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 650

GET slick-theme.css
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET default.css
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET jquery.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET jquery-migrate.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET modules.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET a
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET onsite-analytics.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET profiling.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET sentry.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET vendorssignupForms.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET signupForms.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET 0.css
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET styles.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET vendorsRender.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET Render.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET vendorslazyLoadedRichText.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET lazyLoadedRichText.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET vendorscleave.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET Jenis-Endless-Summer-Ice-Cream-Collection-1800x1200.jpeg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET ECOM_1_IMG_5393_Dark_Chocolate_Spoon_2_505__00461.jpg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET Brambleberry_Spoonhead_2016-505__20076.jpg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET ECOM_Salty_Caramel_Spoon_Head__00305.jpg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET ECOM_2_IMG_5397_Brown_Butter_Almond_Brittle_Spoon__29928.webp
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET ECOM_Salted_Peanut_Butter_With_Chocolate_Flecks_Spoon_Head_.webp
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET Pick-your-own-mix.webp
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET The-best-ice-cream-in-the-world-1800x600.jpeg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET Jenis-Local-Delivery-900x900.jpeg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET Ecom_Collection_EndOfSummer_ColorBG__43353.webp
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET TopSellers2020_Main-505px__12004.webp
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET Newbornbabycollection-main-2020Edit-505px__20776.webp
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET StreetTreatPartyPack-505px_1__54328.jpg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET BirthdayCollection2021blue-505px-505__06302.jpg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET HoustonHeights-Shop-12-900x900.jpg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET All-it-takes-is-one-bite-1800x600.jpg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET BlackoutChocolateCake-BostonCreamPie-ShopsPints-3-900x900.jpg
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET oct.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET 228142862.js
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET a.gif
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET aea5bf6a-c090-425d-851f-d4656ba0e48a.png
moneylogss.azurewebsites.net/work/jenis_files/a_data/ Frame CE01 0
0

GET gtm.js
www.googletagmanager.com/ Frame CE01 0
0

GET
H/1.1 200
OK /
daybag.com/ Frame CE01 0
0 131ms
39ms Document
text/html 52.14.25.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://daybag.com/

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.14.25.244 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-14-25-244.us-east-2.compute.amazonaws.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/

Response headers

Date: Mon, 21 Mar 2022 01:24:50 GMT
Server: Apache
X-Drupal-Cache: HIT
Content-Language: en
X-Frame-Options: SAMEORIGIN
X-Generator: Drupal 7 (https://www.drupal.org)
Link: <https://daybag.com/>; rel="canonical",<https://daybag.com/>; rel="shortlink"
Cache-Control: public, max-age=3600
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie,Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Etag: "1647821171-1"
Last-Modified: Mon, 21 Mar 2022 00:06:11 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H2

200

daybag.com
logo.clearbit.com/https:/
Redirect Chain

https://logo.clearbit.com/https://daybag.com
https://logo.clearbit.com/https:/daybag.com

7 KB
8 KB

232ms
232ms

Image
image/png

99.84.42.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logo.clearbit.com/https:/daybag.com

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=

Protocol

Server

99.84.42.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-42-116.ewr52.r.cloudfront.net

Software

envoy /

Resource Hash

52d24bfa11040af721e66ebc165863e6a836d338c295f4eb3ca2975da49899f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://storage.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 01:24:50 GMT
via: 1.1 831e7b98ff065d26405d36a8a652162c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: envoy
x-amz-cf-pop: EWR52-C4
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb
x-cache: Miss from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2592000
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: ruzS_6vig-Bn1ql3DC7awfIUMd7UApZuXod1A8KUDUuz2aA70ecADw==

Redirect headers

date: Mon, 21 Mar 2022 01:24:50 GMT
via: 1.1 831e7b98ff065d26405d36a8a652162c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: envoy
x-amz-cf-pop: EWR52-C4
content-security-policy-report-only: default-src: 'self'; report-uri https://o13610.ingest.sentry.io/api/6173537/security/?sentry_key=7ac906c405c04da0bad984892f88d1bb
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: /https:/daybag.com
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 53
x-amz-cf-id: SkHxo4iMT-wpGGRxRjuTwT_R7VtUfEwdwxYCZerFpG6rh-XQojNdfQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/jquery-3.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/popper.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/bootstrap_002.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/analytics_002.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/308148419372920.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/fbevents.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/prum.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/js_002

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/ecommerce.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/conversion_async.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/core.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/analytics.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/hotjar-337764.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/gtm.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/ddo5ohu.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/modernizr-2.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/slick-theme.css

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/default.css

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/jquery.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/jquery-migrate.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/modules.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/a

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/onsite-analytics.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/profiling.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/sentry.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/vendorssignupForms.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/signupForms.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/0.css

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/styles.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/vendorsRender.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/Render.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/vendorslazyLoadedRichText.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/lazyLoadedRichText.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/vendorscleave.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/Jenis-Endless-Summer-Ice-Cream-Collection-1800x1200.jpeg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/ECOM_1_IMG_5393_Dark_Chocolate_Spoon_2_505__00461.jpg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/Brambleberry_Spoonhead_2016-505__20076.jpg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/ECOM_Salty_Caramel_Spoon_Head__00305.jpg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/ECOM_2_IMG_5397_Brown_Butter_Almond_Brittle_Spoon__29928.webp

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/ECOM_Salted_Peanut_Butter_With_Chocolate_Flecks_Spoon_Head_.webp

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/Pick-your-own-mix.webp

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/The-best-ice-cream-in-the-world-1800x600.jpeg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/Jenis-Local-Delivery-900x900.jpeg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/Ecom_Collection_EndOfSummer_ColorBG__43353.webp

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/TopSellers2020_Main-505px__12004.webp

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/Newbornbabycollection-main-2020Edit-505px__20776.webp

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/StreetTreatPartyPack-505px_1__54328.jpg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/BirthdayCollection2021blue-505px-505__06302.jpg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/HoustonHeights-Shop-12-900x900.jpg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/All-it-takes-is-one-bite-1800x600.jpg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/BlackoutChocolateCake-BostonCreamPie-ShopsPints-3-900x900.jpg

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/oct.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/228142862.js

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/a.gif

Domain: moneylogss.azurewebsites.net
URL: https://moneylogss.azurewebsites.net/work/jenis_files/a_data/aea5bf6a-c090-425d-851f-d4656ba0e48a.png

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-ND7FZ8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.moneylogss.azurewebsites.net/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 8deff527c0ababa089921a5affcc4f13bf273f884d161fe9945c0a609330b02e
			storage.googleapis.com/	1970-01-20 01:43:46	Name: __session:0.9894588499480363: Value: https:

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://storage.googleapis.com/img/bg-image.jpg Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=#bcouch@daybag.com Message: Access to script at 'https://moneylogss.azurewebsites.net/work/jenis_files/jquery-3.js' from origin 'https://storage.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://moneylogss.azurewebsites.net/work/jenis_files/jquery-3.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=#bcouch@daybag.com Message: Access to script at 'https://moneylogss.azurewebsites.net/work/jenis_files/popper.js' from origin 'https://storage.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://moneylogss.azurewebsites.net/work/jenis_files/popper.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://storage.googleapis.com/wm-sec-up-2.appspot.com/index.html?email=#bcouch@daybag.com Message: Access to script at 'https://moneylogss.azurewebsites.net/work/jenis_files/bootstrap_002.js' from origin 'https://storage.googleapis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://moneylogss.azurewebsites.net/work/jenis_files/bootstrap_002.js Message: Failed to load resource: net::ERR_FAILED
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://daybag.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

daybag.com
lexus360.azurewebsites.net
linkprotect.cudasvc.com
logo.clearbit.com
moneylogss.azurewebsites.net
protect-us.mimecast.com
storage.googleapis.com
www.googletagmanager.com
moneylogss.azurewebsites.net
www.googletagmanager.com
20.118.48.0
20.40.202.35
205.139.111.113
2607:f8b0:4006:821::2010
34.225.255.234
52.14.25.244
99.84.42.116
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06c8a989a9848ff3181bf09834e0618ad6775fa16024a90f21874d79e174f4c3
52d24bfa11040af721e66ebc165863e6a836d338c295f4eb3ca2975da49899f4
54e9d4c10fc4ba8795da651f2c642bf435012457226c6e23dee845e429649423
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
5cb3a53b3457072ed386188a4680e605eba18ff3bea01fcac6bb9f9ac665a604
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
783c061da2fdfe3c52555cf8db623d56548c74c69f11c27feefa731896169192
7c1d0632de1e85ef601d9a293d2190ad2598c9471c4840c7cdb75c694d9686e8
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
acd97e21e22319e600a577453dfc9e68ffcaa09b70942de914f11d038cbddbca
bbcfed2a93dcef85f23e4618f1f53b979531ad7e256ba63dd0b4fe5fa4328033
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9

storage.googleapis.com Open in urlscan Pro 2607:f8b0:4006:821::2010 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

21 %HTTPS

14 %IPv6

7 Domains

8 Subdomains

5 IPs

1 Countries

193 kBTransfer

693 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

2 Cookies

8 Console Messages

Indicators

storage.googleapis.com Open in urlscan Pro
2607:f8b0:4006:821::2010 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

21 %
HTTPS

14 %
IPv6

7
Domains

8
Subdomains

5
IPs

1
Countries

193 kB
Transfer

693 kB
Size

2
Cookies

73 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!