majbuiwlmfry.pages.dev Open in urlscan Pro
172.66.47.176 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://majbuiwlmfry.pages.dev/
Effective URL:
https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
Submission Tags: @ecarlesi threat scam Search All
Submission: On July 31 via api (July 31st 2024, 7:39:02 am UTC) from IT — Scanned from IT

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 172.66.47.176, located in United States and belongs to CLOUDFLARENET, US. The main domain is majbuiwlmfry.pages.dev.
TLS certificate: Issued by WE1 on July 31st 2024. Valid for: 3 months.

This is the only time majbuiwlmfry.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:310... 2606:4700:310c::ac42:2c50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	172.66.47.176 172.66.47.176	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	4

2 2606:4700:310c::ac42:2c50 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

majbuiwlmfry.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.66.47.176 (United States)

ASN13335 (CLOUDFLARENET, US)

majbuiwlmfry.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

userstatics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	pages.dev 1 redirects majbuiwlmfry.pages.dev	1 MB
1	userstatics.com userstatics.com — Cisco Umbrella Rank: 303208	661 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	811 B
20	3

	Domain	Requested by
19	majbuiwlmfry.pages.dev	1 redirects majbuiwlmfry.pages.dev
1	userstatics.com	majbuiwlmfry.pages.dev
1	fonts.googleapis.com	majbuiwlmfry.pages.dev
20	3

This site contains no links.

Subject Issuer	Validity	Valid
majbuiwlmfry.pages.dev WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
userstatics.com WE1	`2024-07-24` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
Frame ID: 73381E715599A0D26FCCC6F89873EC87
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Security Require Action

Page URL History Show full URLs

https://majbuiwlmfry.pages.dev/ Page URL
https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/index.html HTTP 308
https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1405 kB
Transfer

1488 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://majbuiwlmfry.pages.dev/ Page URL
https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/index.html HTTP 308
https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
majbuiwlmfry.pages.dev/ 3 KB
1 KB 223ms
143ms Document
text/html 2606:4700:310c::ac42:2c50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2c50 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcec506234a4c754757c32ce0858889f0aa998d565299c2341a748dc19475ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee88cbadbb03-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 31 Jul 2024 07:38:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MhZj%2F8IngRvmiEmDA5CxH%2BQF19ueCv2Q%2FXvBooe57wgN6HDRrzLJ7De6Yt8Srl2004nVs%2BM6pFyHqrNTezdBXcbm%2BdOkv%2B%2BcRVWewP6bPq74%2B6UUoapxEx1bwmfjVxSkDxPP8b6oKBEElbVx%2Bxsi2sLIQibr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3

200

Primary Request / Show response
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
Redirect Chain

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/index.html
https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

16 KB
5 KB

133ms
133ms

Document
text/html

172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a1a373579863f216f833865df4c6e002560599bf2a52f9cbff1663758fcb743

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8a3e40bb03-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 31 Jul 2024 07:38:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNa8QoemsBWbyoe6LIGax1uTrMAs91bqcwdXfJ4LMvV7X71BPD5DtGqKRcM28L4vBLhfO52ouxhKNqCByn75fxrkoJCfzH5MStCvi%2F3sVM2b35tYEByYTnTWVnWP1h%2FZjgBqSQ1CAFww"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-ray: 8abbee8a0ddebb03-MXP
content-length: 0
date: Wed, 31 Jul 2024 07:38:56 GMT
location: /Wi0n0ErrAbh000New72/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ViKd119hFEb%2BRfUyu5H5L2zQ3wxh5PPihEuV9urwRlWlqSaCwfHzDj7fgbcVVlUI5hQlC0fuIgMct3THZb9k26YdEZImY164O%2BaJxoatuP0xYXSOIpp9NuTSAeiT07amfazll8PxepazL7MlfJV4C6yWZrhz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 pstyle.css
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/ 15 KB
4 KB 117ms
113ms Stylesheet
text/css 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/pstyle.css

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

650f55598e1607e8369abad5a79e72852a3043dafc19f4be5e69801a9da13ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3377097891d53ea45eba81ae33740908"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7gd08HaElv%2FHZY%2FluAqQlKark6Up7pVPPHVErgoO0aNOzKLKurZDEyOR1fKLcYvSIJKD8P1kOHyEvGNNY35QSSIkd7vnGkQJ%2FsLIMpiO8pEhlvWYIN45fu9Ji3U9R87CF8jt1M3tRtkT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8b2808bb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 windows_11_logo_by_rejaneappel_dfpbq6p-fullview.png
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/ 1 KB
1 KB 174ms
170ms Image
image/png 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/windows_11_logo_by_rejaneappel_dfpbq6p-fullview.png

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "784ab5e987249ef1422816edc26a250f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRaRcLa%2FlEw6G45QxyNc2ijYJwBLACGE10XPKW4Ro07x1RJNpaBNJXGBGzQtKMuM0Qyvjzn5AGQETtDHcPVrtKBOSr9bF3cDyKZLobmm1z2LWil7EIIAwezwutF%2FqA6Ie6pArKPOLf%2Bt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8b280cbb03-MXP
alt-svc: h3=":443"; ma=86400
content-length: 1045

GET
H3 200 wall.png
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/ 1 KB
1 KB 114ms
109ms Image
image/png 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/wall.png

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "784ab5e987249ef1422816edc26a250f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pcggYmmQUDrOWC623nfSXfYBLUgw4vvfZWtgLjVTUCm5XiEojAPksjKp7f8HkBKSxGZC%2Fp5yEG%2BHErKhqKodnn6k2gXLA0yxKzgStsjL2tf%2B%2F7H2obwaKEmM0T9i3ph2kUUFQSbhhtd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8b2810bb03-MXP
alt-svc: h3=":443"; ma=86400
content-length: 1045

GET
H2 200 css2
fonts.googleapis.com/ 631 B
811 B 127ms
38ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4aebe935b69b0e1728874c3a71f9a341b102fafb9ba87c338599cb36eb75e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://majbuiwlmfry.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 07:38:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 31 Jul 2024 07:38:57 GMT

GET
H3 200 pscript.js Show response
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/ 9 KB
3 KB 175ms
140ms Script
application/javascript 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/pscript.js

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef01e4af70d28c3a12c54ed17c9ca0b8d1a5b39b42dde46ce7206000f947edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ae3926469670b6717f0d7a6c7ea3f7eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2BpFuqZkN1nFzREsUED3Tb4rdluMxjAmHYsEh8OamCZG5Ol3anFM9qHaiQ0nMKJjDYcY715gq%2FNAkQ8Z14VVwPoqHuyQStkY%2BLvwbqRPdPvqYJa3Hb4a%2B84LzQfkTcemigEE4S0thiTt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c2985bb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 script1.js Show response
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/ 515 B
709 B 176ms
134ms Script
application/javascript 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/script1.js

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c5d3e5e4f718568768d5e274cb2ddd90d5877f4260c139b067ed9d67781ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1b541eb157315496304c4713b96e8000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PsGl024dERRoWg72W3x3yOeDVok%2BYl7Xg7GbmJd08mcORhLQdSfbd2qhwsE0Ei5eLVSO%2FR%2FpuP%2BG2YskgtAQ3A4DiI58StbEqtgn37SBjISjov583A6QiXRsS3tXevcKGuWBReOutkOR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39a8bb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 script2.js Show response
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/ 1 KB
922 B 174ms
133ms Script
application/javascript 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/script2.js

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caf426458eae5d386a33752b566355131e3811524fcbac3fd88b7f6f7a936b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"09440876091166c34147675d726646ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCU0KmYKkaE3sKXGy%2Fv3QSV42BLqgRK3KJ%2BgozEkb7f3fCiefPV%2BQ6IXz%2FXc98MbPVngbikkmfyfk9hAiUWGLyq0iaF6tECZh2rO9MSQzUp%2BFwDKjyICmB27iZTUlCNrXOGtXNRHUvI1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39adbb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 script3.js Show response
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/ 334 B
608 B 174ms
133ms Script
application/javascript 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/script3.js

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba2a8e0e05fd4b666e404981470fc5bc59b2d9654b1c025a339e3cefdac6308c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9d2c025e9b5df4d06e836a81a10bffd6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6le9edk%2FI1C95TB7fqFhGRW760%2FgzO0xvL0UoGxMSwUr%2BmbNxfK8FQGQuOhZ%2BOWU53aD7SuH41hJSzFlxYr0Yvq190nVOrPUFr7WgM4%2F0fLC9QVR9oM%2FTgJg0q930lw230sd8qp1RWe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39b0bb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-3.2.1.min.js Show response
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/ 85 KB
31 KB 215ms
175ms Script
application/javascript 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/jquery-3.2.1.min.js

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba7d154e5ef77906946f6ae267c919a96df47cf7abbb1f7f4fb36a434493ee65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b88cf816e5abe18e052202f13a4f44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q6WFmZEeeW4lPRW5eNdjy%2FnqkhbKEocEkuhBaYJUQZQ4e%2BN0jnNyiDDM9yh%2FLyqE4DOYwB%2BJ3vTzXkRFxSAbtZVMebsECLZpEMM%2BQ5058Yx3kOHdgIptJfItB8AbX1czCHMA6QTBcti4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39b3bb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 5f205bb74a5eb_v.css
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/ 215 B
678 B 214ms
175ms Stylesheet
text/css 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/5f205bb74a5eb_v.css

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bde6a5369760d9427c6d72a624f3087740cfbe00cb421f381cff78733d0fe52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"614a7eebc6c12ea4e24952c0f355db44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Y5ejSsSX4s%2FUDZqAbSO0%2BWUFiZGc8ybcw%2BmhU8as1McXk0%2F7NFFNp72iUTvDNqO9qXmWxekcNpskIv2uRmlI%2FZ7i6gZ7RHp3%2FEdkSSynJ3Q%2BHSJZ0GT3F6Vb4uiYz8x5t%2B%2FUugmg1l6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39b6bb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 froala_style.min.css
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/ 7 KB
2 KB 167ms
132ms Stylesheet
text/css 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/froala_style.min.css

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3b023940e9d170a7a3b4727c78bc2f79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oEttiJOfgIHQi06PA9NlDaVtnJ6U8JMebip6IUx%2FDXXNylfyKjUPdRXMtsWoNMn8%2BlJXH6lqH856L9SiG7ryytnMOtmJdL%2B3ZEGCx6Pvc6elnerrTzmfsj5zqGacqhT7fPPmr1tSeCUw"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39b8bb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 5f205bb63ccd2_v.css
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/ 215 B
664 B 166ms
132ms Stylesheet
text/css 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/5f205bb63ccd2_v.css

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e3bab239ceeccef12af09a16dad170ced312a26e918b8b6ee808e150dc598f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b8939d88e5e8d8a03271409ce8659e00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kaDVZ6pbaSyjrN7hPfOfnKyx4JSWXG77uGgqtuAC49NNrjfBU%2B7mpg7KRGcKA1DtRgqahnnIZQFt7D5uDM2asYuAfNSkeFcSdZhTlqPjsosJZgGsUwMC0C8B5H3C7Oz30Uu%2Btb3YmWJs"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39b9bb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 5f205bc497791_v.css
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/ 215 B
671 B 169ms
135ms Stylesheet
text/css 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/css/5f205bc497791_v.css

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeea3053ace1602a6f2582bcccb90fac1191ecce1c49a0370bef53299a7b44a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6c9df7aa491df0b4dde690b9a920c919"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FPddv3%2FVV4xaOcoSXHWN1Sp%2BfzcZGOIsYiFp2z3VkFsr3K1P5svzka2ZIRZtCUIf%2BC8tumyFJsxRx8iaDOAWovCeHdE5j0H3ClcCfqjLwd6EP37X3Jzp85GeUhQGWsyOmjY6fETHbLd"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39bbbb03-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 website2.png
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/ 111 KB
111 KB 158ms
148ms Image
image/png 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/website2.png

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8cb87ccf76fc5a627b75d80b8a96c640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9qMgldVM%2B9pUbelGg41VZtFawRkAtwhzOcu4rjtlHwnV60TQUMZu%2B52y2ghFUtardvPFpscJA7fr1YcbgeHTKz3YPMXBcaNaEG4TOMBKpOaLpsx7OiATUOmnivmvqfXZmIVlDhj7Tlb4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39bdbb03-MXP
alt-svc: h3=":443"; ma=86400
content-length: 113635

GET
H3 200 Pop.png
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/ 12 KB
13 KB 121ms
112ms Image
image/png 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/Pop.png

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8014a26da533388083c1aba430334ab7862e6ae61c48b2fa4520594359053372

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2724b8259b0e43efa70c6f23b6c9c597"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mulEU4EbiDbvLPRI1Qa8y%2FJqtCx4TgBZQFhLTqVk8HGL15NSKc0yKnnGZYZ6L7QzKlO9UwvuvUogDh%2B3KQcJXTwdaQwXaGE8kO7oY2hwIznxZM7lazxaO2cVgwjZImVsqPdI11cmPXMN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8c39bfbb03-MXP
alt-svc: h3=":443"; ma=86400
content-length: 12443

GET
H3 200 audio1.wav
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/media/ 1 MB
1 MB 168ms
159ms Media
audio/wav 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/media/audio1.wav

Requested by

Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cf70b50931cbdf7d28545f7da162983cf5a4bdb7fbaa08f02087fc725a4c9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ff8eaa44de97799d0fccc7c609fd5809"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jVKeBpHdou0%2Fzfv58ZmgOXR7PthYfr%2FhzV5jgb9CizhTohHn7mB9mrYtt9bQ6qInSoyM5aLBUxx9y7zObwRXWQXZmaTjrkgX4F2iVRkjN%2BG%2BH9bkV0hCdyYX0phhBA5iFNPgQCG1cgWk"}],"group":"cf-nel","max_age":604800}
content-type: audio/wav
access-control-allow-origin: *
cf-ray: 8abbee8d4b7bbb03-MXP
alt-svc: h3=":443"; ma=86400
content-length: 1253392

GET
H3 200 windows_11_logo_by_rejaneappel_dfpbq6p-fullview.png
majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/ 1 KB
418 B 64ms
62ms Other
image/png 172.66.47.176
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/images/windows_11_logo_by_rejaneappel_dfpbq6p-fullview.png

Protocol

Security

QUIC, , AES_128_GCM

Server

172.66.47.176 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:57 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "784ab5e987249ef1422816edc26a250f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwLzyJ3mGzQHPAowI7E2%2Ficg06gM68tRw3T6xynES3bTUZ1ilh3%2FSJS1IE%2FE0pz6%2FjBj7Bj%2Fh8LD3GJvG%2FxVil7kfJiJoP2EW4Vu5IVxGDT0Y1w%2FmvfCW07znimbgutwBVgEQ1YHHK%2B7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8abbee8f1f83bb03-MXP
alt-svc: h3=":443"; ma=86400
content-length: 1045

GET
H3 200 script.js Show response
userstatics.com/get/ 133 B
661 B 145ms
113ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://userstatics.com/get/script.js?referrer=https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/
Requested by: Host: majbuiwlmfry.pages.dev
URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/js/jquery-3.2.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.1
Resource Hash: df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26

Request headers

Referer: https://majbuiwlmfry.pages.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 07:38:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://majbuiwlmfry.pages.dev
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Km6dR1zA5On8P8mine8usAVZ1N0FubrbaaVi0M%2FTXyC3qO68neL5zOD2BjCuOxAnbrZE7StztT4tg%2BvDw8fqDgpxXD1s5LPNJlpf7P%2FxmbP474m%2Bujti3z0BjxWCx1KRYD8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8abbee93ef970e4b-MXP
access-control-allow-headers: X-Requested-With,content-type
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72	1970-01-20 22:27:31	Name: PHPREFS Value: full

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://majbuiwlmfry.pages.dev/Wi0n0ErrAbh000New72/# Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
majbuiwlmfry.pages.dev
userstatics.com
172.66.47.176
188.114.96.3
2606:4700:310c::ac42:2c50
2a00:1450:4001:803::200a
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
2cf70b50931cbdf7d28545f7da162983cf5a4bdb7fbaa08f02087fc725a4c9e0
3a1a373579863f216f833865df4c6e002560599bf2a52f9cbff1663758fcb743
4ef01e4af70d28c3a12c54ed17c9ca0b8d1a5b39b42dde46ce7206000f947edf
61c5d3e5e4f718568768d5e274cb2ddd90d5877f4260c139b067ed9d67781ded
650f55598e1607e8369abad5a79e72852a3043dafc19f4be5e69801a9da13ae9
8014a26da533388083c1aba430334ab7862e6ae61c48b2fa4520594359053372
948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342
b2e3bab239ceeccef12af09a16dad170ced312a26e918b8b6ee808e150dc598f
b4aebe935b69b0e1728874c3a71f9a341b102fafb9ba87c338599cb36eb75e22
ba2a8e0e05fd4b666e404981470fc5bc59b2d9654b1c025a339e3cefdac6308c
ba7d154e5ef77906946f6ae267c919a96df47cf7abbb1f7f4fb36a434493ee65
bcec506234a4c754757c32ce0858889f0aa998d565299c2341a748dc19475ae8
bde6a5369760d9427c6d72a624f3087740cfbe00cb421f381cff78733d0fe52e
caf426458eae5d386a33752b566355131e3811524fcbac3fd88b7f6f7a936b2e
df9690fea031319de38a437cb6d393026c4aae70642ed394c4254ed64f035b26
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
eeea3053ace1602a6f2582bcccb90fac1191ecce1c49a0370bef53299a7b44a6

majbuiwlmfry.pages.dev Open in urlscan Pro 172.66.47.176 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

1405 kBTransfer

1488 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

26 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

majbuiwlmfry.pages.dev Open in urlscan Pro
172.66.47.176 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

1405 kB
Transfer

1488 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!