gerg.pics Open in urlscan Pro
2606:4700:3035::6815:14b0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gerg.pics/
Effective URL:
https://gerg.pics/WRzrshtline16JP16/index.html
Submission: On December 20 via api (December 20th 2023, 7:57:06 am UTC) from US — Scanned from US

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3035::6815:14b0, located in United States and belongs to CLOUDFLARENET, US. The main domain is gerg.pics.
TLS certificate: Issued by GTS CA 1P5 on December 19th 2023. Valid for: 3 months.

This is the only time gerg.pics was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3035::6815:14b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	15.204.213.5 15.204.213.5	16276 (OVH) (OVH)
27	4

25 2606:4700:3035::6815:14b0 (United States)

ASN13335 (CLOUDFLARENET, US)

gerg.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.204.213.5 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns1019603.ip-15-204-213.us

ipwho.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	gerg.pics gerg.pics	2 MB
1	ipwho.is ipwho.is — Cisco Umbrella Rank: 63095	974 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	27 KB
27	3

	Domain	Requested by
25	gerg.pics	gerg.pics
1	ipwho.is	gerg.pics
1	code.jquery.com	gerg.pics
27	3

This site contains no links.

Subject Issuer	Validity	Valid
gerg.pics GTS CA 1P5	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
ipwho.is GoGetSSL ECC DV CA	`2023-04-05` - `2024-04-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gerg.pics/WRzrshtline16JP16/index.html
Frame ID: DDA100E234E791B827F8845568E1A1F2
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

コンピュータエラーコード #D8700d80d7

Page URL History Show full URLs

https://gerg.pics/ Page URL
https://gerg.pics/WRzrshtline16JP16/index.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

2253 kB
Transfer

2402 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gerg.pics/ Page URL
https://gerg.pics/WRzrshtline16JP16/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ gerg.pics/	3 KB 1 KB	344ms 276ms	Document text/html	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 838654f98c53b3c2-MIA content-encoding br content-type text/html date Wed, 20 Dec 2023 07:57:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5eqHJ%2FUC55aIOu%2F93htw%2B9D1gKesd%2BJZbXCTnbZZ9PGFTW%2B8op1RBbz7yXyVI7MKmiLD3Z1a85nZznsesXZW193P8Nq1r2wfIV7jEBleOzzQrD9c4pcngY%2FkDtuCkzr4xLu7W2Sy9Vg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	Primary Request index.html Show response gerg.pics/WRzrshtline16JP16/	24 KB 7 KB	155ms 155ms	Document text/html	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/WRzrshtline16JP16/index.html Requested by Host: gerg.pics URL: https://gerg.pics/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2ce7e2e0876c01e7a5be1d8ea882264d2e7b632f8e4f6999de59888c76400c8d` Request headers Referer https://gerg.pics/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 838654fb6d7db3c2-MIA content-encoding br content-type text/html date Wed, 20 Dec 2023 07:57:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoY9bIJTXSGZUy0ohFZzlB1sr5C4667x7FoILWpakgM5IK9cssYz88Bst8aYOOdaLYt8ZNl%2FuLwIiL8PvqVecIXzDsDfcUMoiDzbQi%2FJG2iVwa0JSnDBZjC6CA6pv0Xkm2c%2Fy7RhEBk%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	tapa.css gerg.pics/WRzrshtline16JP16/	20 KB 5 KB	270ms 269ms	Stylesheet text/css	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/WRzrshtline16JP16/tapa.css Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1b039d547cac85f20e4f97d612061d322c5a0b689c39dd72831eb8b7ef62b2b` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"657b3278-5112" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5VvDq8xirb1XbkzIMm%2Boumk7j7qCrX8D%2B4%2FxHJeX4cFtzL8H8gaEje0QUCNlEPkxycgkrEwXtsSbJJBPaEf6u9kjEUD3WvC3QUg1E0m9Fhpl%2Bs6YV5WID4YM8XWpbrXCaLDAjq8o%2Bs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 838654fd1decb3e9-MIA alt-svc h3=":443"; ma=86400
GET H2	200	jquery-1.4.4.min.js Show response code.jquery.com/	77 KB 27 KB	84ms 26ms	Script application/javascript	2a04:4e42:200::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.4.4.min.js Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash `517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1727235 x-cache HIT, HIT content-length 27078 x-served-by cache-lga21980-LGA, cache-mia-kmia1760065-MIA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1703059020.397289,VS0,VE0 etag W/"28feccc0-13309" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 7238, 2
GET H3	200	cross.png gerg.pics/WRzrshtline16JP16/	377 KB 378 KB	482ms 482ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/cross.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-5e537" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kbrLzfYrhk46cdcz5Au9Z9cbZ4boYT3zpkfp8qwJBeqNw4n%2F9rGIjmSkIe%2BViru25kMf%2FikKOedTTJCjluTPi6sVukvmizlHtOaB7TvbNd8oDlTTgIppiXx6H%2BbPvGnprAEMIcto9E%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654fd1deeb3e9-MIA alt-svc h3=":443"; ma=86400 content-length 386359
GET H3	200	gif1.gif gerg.pics/WRzrshtline16JP16/	10 KB 11 KB	266ms 266ms	Image image/gif	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/gif1.gif Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a38ce8950f9fd31142fa9f3f673db29058f43989dd4415118bc8d223d0302f77` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-2815" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfSiaH7PnkdNe6np1gm%2Bijvt48BDt%2BrXIHzfL2BLb9IdKCCIG3BKgL0HKK0KKphOTIuQft%2B%2BRUg6wQCVUJA7sTropbjWImwGoNanvCXqYR6P%2Bd%2Ft8Obxqmjw9q2yOsCXF5JLedwESxw%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 838654fd1df0b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 10261
GET H3	200	microsoft.png gerg.pics/WRzrshtline16JP16/	19 KB 20 KB	380ms 379ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/microsoft.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8f6cc14698864746b3bc0c6537501405f415048d28b6e9592fa91ccd3620e619` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-4d43" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li7HEHT1uEG%2Fkrpf6Eki4%2FWfv0K0Gwp%2FIEACGzGTMt%2F23wieOUiCQ%2FdUC0PmT7cXJrerT%2FTM5WQeFDDWGemOSxmS5qISUOoRc1pAzS%2F5IKUHMLpWWwcdcmASQQjfuR7CuM1bLNuCFu4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654fecee2b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 19779
GET H3	200	gif2.gif gerg.pics/WRzrshtline16JP16/	16 KB 17 KB	379ms 378ms	Image image/gif	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/gif2.gif Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4e1c30469b24a3e29ff7ee42e124056a91e2d5c892d1693d3ac51f456d1e1df4` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-413b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xr4IvXJwERl%2FjPyeQGeVejmJBVgNBRghyAyIKxuxNepeapaBQcb7qWbps2m0ZtDF0f8V%2Fv8sIvFtvhcQ9FmsyDq6vf5cPkz8gC5E8N9lPcO7NZf4cED5dkZt7d6mvO1e78bcrSDiblA%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f67b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 16699
GET H3	404	bg.png gerg.pics/WRzrshtline16JP16/	196 B 196 B	264ms 261ms	Image text/html	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/bg.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kZpnAsVZV43PEtueO0UZ8jtWhDfLTYxnm2stiSkZRtwcUq6RWifGmWbagByydtUdFNHmB%2BnkDc9DrWuzVMArU2SwJeniCskYtQ1Ea8L8eCfw6Sbp7W1TuoRUuMzVMQP9gJFowxl9uU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 838654ff0f6cb3e9-MIA alt-svc h3=":443"; ma=86400
GET H3	200	mnc.png gerg.pics/WRzrshtline16JP16/	187 B 640 B	151ms 148ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/mnc.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-bb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkgHSXB2dyiYLxDYjWHedehQ%2ByIjvTI1hGhkeyIC2UDtLu76%2F7ak%2FrTPtohtuen4x656ag2EWE5Pfe1u3wOvGQE0VlA6q99WlD6Zp2FTPOQ9BBVkY5yuOQrWD7vJBQa7cnrnZZBYoO8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f72b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 187
GET H3	200	msmm.png gerg.pics/WRzrshtline16JP16/	168 B 621 B	270ms 268ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/msmm.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-a8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QF7awoyfaLtynhcfw1pkV93%2F%2Foh6u0q86FrWtNHJcLg1A4lCcyFulorw3O1rlrQI0UmUJclUwUgrQbRKWTfLoHGDCPx%2Fe8pXsypOm372fiGhByUwdBW%2FqOLDQUib7EyAIAM79ZvKX8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f74b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 168
GET H3	200	set.png gerg.pics/WRzrshtline16JP16/	364 B 822 B	269ms 267ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/set.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-16c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfhT4nDjU%2BPmHgwFokYzecnkztlqGerXMFrAgLGF60aA1Fya4fY0VTBZc%2BrNq9esVN6%2FN5YjJU6ykpW80wDZEaOe5hUj%2BPmCdREpBnctib7SnpvSY%2BraY5YwnWMWw66IiqcToXYOo%2Fc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f75b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 364
GET H3	200	vsc.png gerg.pics/WRzrshtline16JP16/	722 B 1 KB	269ms 266ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/vsc.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-2d2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVqQq5Q7GAFdGpW%2BHNhTkYHOFqa9Y0YE4b4Xpw3tB5x%2B2TqubyCbRu9W0skpROJjEPdpOevNi1An80oHfc9RZ%2FNV668qpxvfthMWqszP2uHau56sxkhXfXpXheL%2F2i4tQsYoBWlTWK0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f76b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 722
GET H3	200	bx1.png gerg.pics/WRzrshtline16JP16/	97 KB 98 KB	496ms 493ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/bx1.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:01 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-1843d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Lutmsn4%2BDM%2FuFhXit755Nqh%2BrTb7lso18Y%2BGMTqY9dX%2B94oDgDNTO9NW5iycQSb8p9ET%2BE8KyzzyVL7e4IJu1XYRHjJLiecUdKib9XEg1vou78c3MtF%2B7cfW4PX%2FsvpvBe%2BTW2zoHg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f77b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 99389
GET H3	200	bel.png gerg.pics/WRzrshtline16JP16/	276 B 732 B	270ms 268ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/bel.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-114" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNu5momd915zp8yF273oQgoNBN8nQzyj89JyJ0gBt6f3Z%2BKzEs77w%2BnIsYHM8avV3mSCA30yrqJVTy9nInENhM3Dk%2FRe2BVRzh4OxtQ0%2F%2F1zwFCkGuVHL5Ffto31ybzGibEn3Wphax4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f78b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 276
GET H3	200	pcm.png gerg.pics/WRzrshtline16JP16/	1 KB 2 KB	265ms 262ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/pcm.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-4f6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=st0VP6mxPg9un44yWHgdvTSRJJ16rAP5OWj9KIm3r3%2FY3Fa%2FcT%2BAd9uPihvroGAmCuxVx6HlESMTCFDbmt3%2FYd1ZQpfMwY33r30QC5oK91rVUnYtDCLS16O6U4otwVUbYRbn2Cy71%2Bg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f79b3e9-MIA alt-svc h3=":443"; ma=86400 content-length 1270
GET H3	200	dm.png gerg.pics/WRzrshtline16JP16/	332 B 794 B	271ms 268ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/dm.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-14c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4V%2FYjj4c%2FCpBcv4EbK8uwwCOhSsrchFQN0%2FKVFF7P%2BWsoDYfOt7i4W%2Bjccm6UUIp7v7H%2FIexPLRAnO16pJivzq3j%2FByE%2Fa7Ok7LN2yAMhEl2fjqCYj%2FGbkiwil0fN78g0LdQ6dpByqM%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f7ab3e9-MIA alt-svc h3=":443"; ma=86400 content-length 332
GET H3	200	cs.png gerg.pics/WRzrshtline16JP16/	3 KB 3 KB	263ms 261ms	Image image/png	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/cs.png Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-a79" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSCu186yhP3dqrYjyKOLqUApuiKH1S5JOyQcs3RmpPxnHvYp6iIHV5lZFiaC64qIKelTacY6VWvFHnlEzUTL5kkbYl7aboEX44UXLZxj6JgsAtM2uxgt1xT4ITOGGm%2F9JqcL9n9yEm4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f7bb3e9-MIA alt-svc h3=":443"; ma=86400 content-length 2681
GET H3	200	re.gif gerg.pics/WRzrshtline16JP16/	14 KB 15 KB	392ms 390ms	Image image/gif	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/re.gif Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:01 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-399f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZw%2BAHDThS8VMCag%2FOONjuG4EoMvrDKKsCmsZatDCwULbRVc5XN4C5oI38M2h%2Bx0B05aSIp65ERMKpW2mrvMPxsBkXYJ%2BaT34iM%2BqBZ706%2F3aXl%2FC61LwQi9aQQeAGLXtsQJ%2BG7dVHA%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f7db3e9-MIA alt-svc h3=":443"; ma=86400 content-length 14751
GET H3	200	nvidia.js Show response gerg.pics/WRzrshtline16JP16/	2 KB 1 KB	267ms 264ms	Script application/javascript	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/WRzrshtline16JP16/nvidia.js Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6f78b0c9e5d7661f43db1f95f29e1f29c853c1bc3c81aa5e2c28a5bed0e314ea` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"657b3278-7fa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rILaX75VwRltWf5AScVETOhPdin3gVxnPKlcA%2F47yzzPtjiCdoke5LRvbLfg7%2B9uqIa8v3fWw3Ye%2BWePdce5B%2By5Sh83pf7EW7T%2BldycztB8oQ2lO%2BmQ0zwr4rtTa24folqmO1ee%2FsM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 838654ff0f6eb3e9-MIA alt-svc h3=":443"; ma=86400
GET H3	200	jupiter.js Show response gerg.pics/WRzrshtline16JP16/	494 B 676 B	268ms 265ms	Script application/javascript	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/WRzrshtline16JP16/jupiter.js Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `117227a291aedf767a9d3446bc9e32166cc238f5df82f52a62b5589c09d235d2` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"657b3278-1ee" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEZndICOaY6G2W427toebnT%2BXDK%2B3vY1ynvZ5MJD83UeyaQpZhIIKafIoambtBGb5wJSzeJeRwx51URzLrDwyy%2Fs9TA7knE5OEjiZ1cEF4k6RbKzVCy0Vpy%2FzxsTNjKT2OTNwYzpzxE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 838654ff0f6fb3e9-MIA alt-svc h3=":443"; ma=86400
GET H3	200	esc.js Show response gerg.pics/WRzrshtline16JP16/	87 B 516 B	269ms 266ms	Script application/javascript	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/WRzrshtline16JP16/esc.js Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:00 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"657b3278-57" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mf8r99qvE8m4z8x4dPN7nPRnae0cdS3yTKCLA2sIisDkdWcCPhES4H%2FP7LQPYPkj2j9583VTTiFuZMZmaBygrQjTxm0g2nJlHTLguQWSk0ES0xN4iYPPcqq4F5wJzsGTOayFHwqk5yg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 838654ff0f70b3e9-MIA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	/ Show response ipwho.is/	702 B 974 B	156ms 48ms	XHR application/json	15.204.213.5 OVH
General Check archive.org Show headers Download Go to Full URL https://ipwho.is/?lang=en Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 15.204.213.5 Reston, United States, ASN16276 (OVH, FR), Reverse DNS ns1019603.ip-15-204-213.us Software ipwhois / Resource Hash `a0bec5376a061c335917ea9ddb5a80c94fe116f3091951c8396567b054289b90` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Wed, 20 Dec 2023 07:57:00 GMT Server ipwhois Transfer-Encoding chunked Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive X-Robots-Tag noindex Access-Control-Allow-Headers *
GET DATA	200 OK	truncated /	349 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H3	200	bg1.jpg gerg.pics/WRzrshtline16JP16/	2 MB 2 MB	494ms 494ms	Image image/jpeg	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gerg.pics/WRzrshtline16JP16/bg1.jpg Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/tapa.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8802cb8dbfeacb9b6d420ccc719667263de50cad229d03b71f194302b01fa93c` Request headers accept-language en-US,en;q=0.9 Referer https://gerg.pics/WRzrshtline16JP16/tapa.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 20 Dec 2023 07:57:01 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-19d2dd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nQ1ZCnH08k9DyimEJPXxm8vG2olN2JYXHq9GXF6m7KoCQ1Ycw8oKYzuiTeLv6C4BouCyXRywgUZF29R9kGlaNidJaZ5Mf4VIsVOlzBMq%2BCL4DKdWQkFS66AmZIMJdvlCmhf6a0Vz2E%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 838654ff0f7fb3e9-MIA alt-svc h3=":443"; ma=86400 content-length 1692381
GET H3	206	_Fm7-alert.mp3 gerg.pics/WRzrshtline16JP16/	72 KB 0	481ms 481ms	Media audio/mpeg	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/WRzrshtline16JP16/_Fm7-alert.mp3 Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://gerg.pics/WRzrshtline16JP16/index.html Accept-Encoding identity;q=1, ;q=0 accept-language* en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Range bytes=0- Response headers date Wed, 20 Dec 2023 07:57:01 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "657b3278-2f44c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nw7EtxCrQ3gwBTqexyHzXGGh4RCithimON0f88KjVaOyc1s7iEeZ47Te9lYBrpJWBK7m1xqD306P51bwm8LJIuKA8nAMt%2FUMnEInAYR7T9w4VJrfJMbM%2FzwpoWtRH%2FjvQdOOnlHRYR8%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg Content-Range bytes 0-193611/193612 cache-control max-age=14400 cf-ray 838654ff6fc3b3e9-MIA alt-svc h3=":443"; ma=86400 Content-Length 193612
GET H3	404	ai2.mp3 gerg.pics/WRzrshtline16JP16/	196 B 631 B	263ms 263ms	Media text/html	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/WRzrshtline16JP16/ai2.mp3 Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880` Request headers Referer https://gerg.pics/WRzrshtline16JP16/index.html Accept-Encoding identity;q=1, ;q=0 accept-language* en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Range bytes=0- Response headers date Wed, 20 Dec 2023 07:57:01 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBzy0dDbxoU6AaHb4xc8qSkuibS8mBhAA4n%2By6KI50OJce%2B48JXkK3LxbLlnuBZUlLj0OBDkkEOIexLwg7Q83MATX7VVp8wE139dYEo79GVsfVeuCmJCKX07oF4ZPrIgqMbDjf%2BMyQk%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 83865500c907b3e9-MIA alt-svc h3=":443"; ma=86400
GET H3	206	webs.mp4 gerg.pics/WRzrshtline16JP16/	8 KB 9 KB	278ms 278ms	Media video/mp4	2606:4700:3035::6815:14b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gerg.pics/WRzrshtline16JP16/webs.mp4 Requested by Host: gerg.pics URL: https://gerg.pics/WRzrshtline16JP16/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3035::6815:14b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1` Request headers Referer https://gerg.pics/WRzrshtline16JP16/index.html Accept-Encoding identity;q=1, ;q=0 accept-language* en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Range bytes=0- Response headers date Wed, 20 Dec 2023 07:57:01 GMT cf-cache-status MISS last-modified Thu, 14 Dec 2023 16:51:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "20d5-60c7b16d78e00" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouivL0jbDDXHKc%2BQA8C%2BHEX3KezudWp24li1DRU199rn4li9JGCyXH%2B%2BhbVKQijB%2F9%2FBEraokYV3Q0avaqqhHa%2B76hUHdnMsN3imsWZ0DwjIvzc%2FqJEwRQ9JJ73QPN9GI5a6xONGuFU%3D"}],"group":"cf-nel","max_age":604800} content-type video/mp4 Content-Range bytes 0-8404/8405 cache-control max-age=14400 cf-ray 83865500c908b3e9-MIA alt-svc h3=":443"; ma=86400 Content-Length 8405

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gerg.pics/WRzrshtline16JP16/bg.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://gerg.pics/WRzrshtline16JP16/ai2.mp3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
gerg.pics
ipwho.is
15.204.213.5
2606:4700:3035::6815:14b0
2a04:4e42:200::649
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
117227a291aedf767a9d3446bc9e32166cc238f5df82f52a62b5589c09d235d2
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
2ce7e2e0876c01e7a5be1d8ea882264d2e7b632f8e4f6999de59888c76400c8d
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
46ebb2640aac2186a7cf13f528c03648fa9a498910289cdad41ba87b9770eb14
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
4e1c30469b24a3e29ff7ee42e124056a91e2d5c892d1693d3ac51f456d1e1df4
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
6f78b0c9e5d7661f43db1f95f29e1f29c853c1bc3c81aa5e2c28a5bed0e314ea
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8802cb8dbfeacb9b6d420ccc719667263de50cad229d03b71f194302b01fa93c
8f6cc14698864746b3bc0c6537501405f415048d28b6e9592fa91ccd3620e619
93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886
a0bec5376a061c335917ea9ddb5a80c94fe116f3091951c8396567b054289b90
a38ce8950f9fd31142fa9f3f673db29058f43989dd4415118bc8d223d0302f77
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348
c1b039d547cac85f20e4f97d612061d322c5a0b689c39dd72831eb8b7ef62b2b
c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

gerg.pics Open in urlscan Pro 2606:4700:3035::6815:14b0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

1 Countries

2253 kBTransfer

2402 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

gerg.pics Open in urlscan Pro
2606:4700:3035::6815:14b0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

1
Countries

2253 kB
Transfer

2402 kB
Size

0
Cookies

27 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!