prickly.dvrlists.com Open in urlscan Pro
162.241.121.114 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tv.di.dk/jump/payload?payload=mz47YdksFEUnPgDAz9DdXPvTpb1sqFJ0QbWTXhcHZ87gj%2BH6a6gjY5bHUhUAaIPeGTmMrLaB%...
Effective URL:
https://prickly.dvrlists.com/office/PS-619fb0856d323
Submission Tags: falconsandbox
Submission: On November 25 via api (November 25th 2021, 3:49:33 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 25 HTTP transactions. The main IP is 162.241.121.114, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is prickly.dvrlists.com.
TLS certificate: Issued by R3 on November 17th 2021. Valid for: 3 months.

This is the only time prickly.dvrlists.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2	151.101.1.120 151.101.1.120	54113 (FASTLY) (FASTLY)
4	52.50.242.157 52.50.242.157	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6812:16cf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	162.241.121.114 162.241.121.114	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
25	5

2 151.101.1.120 (United States)

ASN54113 (FASTLY, US)

tv.di.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.50.242.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-242-157.eu-west-1.compute.amazonaws.com

ttcontacts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:16cf (United States)

ASN13335 (CLOUDFLARENET, US)

9uod1.codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
codesandbox.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 162.241.121.114 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-121-114.unifiedlayer.com

prickly.dvrlists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	dvrlists.com 1 redirects prickly.dvrlists.com	345 KB
9	codesandbox.io 9uod1.codesandbox.io codesandbox.io	2 MB
4	ttcontacts.com ttcontacts.com	28 KB
2	di.dk tv.di.dk	3 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
25	5

	Domain	Requested by
10	prickly.dvrlists.com	1 redirects 9uod1.codesandbox.io prickly.dvrlists.com
5	codesandbox.io	9uod1.codesandbox.io codesandbox.io
4	9uod1.codesandbox.io	tv.di.dk
4	ttcontacts.com	tv.di.dk ttcontacts.com
2	tv.di.dk	tv.di.dk
1	static.cloudflareinsights.com	9uod1.codesandbox.io
25	6

This site contains no links.

Subject Issuer	Validity	Valid
video.home.dk GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-26` - `2022-06-27`	a year	crt.sh
ttcontacts.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
codesandbox.io Cloudflare Inc ECC CA-3	`2021-05-19` - `2022-05-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
prickly.dvrlists.com R3	`2021-11-17` - `2022-02-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://prickly.dvrlists.com/office/PS-619fb0856d323
Frame ID: 00F7A504A746720FF56B5FC0D7D4B250
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A3DA971BE1AA3EBE7E90CB01B3A9C7DC619FB0859C0B2

Page URL History Show full URLs

https://tv.di.dk/jump/payload?payload=mz47YdksFEUnPgDAz9DdXPvTpb1sqFJ0QbWTXhcHZ87gj%2BH6a6gjY... Page URL
https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU= Page URL
https://prickly.dvrlists.com/office/$fjotz@deloitte.lu HTTP 302
https://prickly.dvrlists.com/office/PS-619fb0856d323 Page URL

Page Statistics

25
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

2273 kB
Transfer

6981 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tv.di.dk/jump/payload?payload=mz47YdksFEUnPgDAz9DdXPvTpb1sqFJ0QbWTXhcHZ87gj%2BH6a6gjY5bHUhUAaIPeGTmMrLaB%2BROjJ4pStBuE3SWk9A4FlPEHFPzdUkiWkGo7xnJzLgZFcyvIRceDeRSaYTzgBzIL2BItl84NKj8jwNBtz11QkQp3g%2Bi47srDsRJoRDK5jSTQiYa%2FTttwvqVD&url=https%3A%2F%2F9uod1.codesandbox.io%3Fdg%3DZmpvdHpAZGVsb2l0dGUubHU%3D Page URL
https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU= Page URL
https://prickly.dvrlists.com/office/$fjotz@deloitte.lu HTTP 302
https://prickly.dvrlists.com/office/PS-619fb0856d323 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 payload Show response
tv.di.dk/jump/ 1 KB
1 KB 281ms
263ms Document
text/html 151.101.1.120
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.di.dk/jump/payload?payload=mz47YdksFEUnPgDAz9DdXPvTpb1sqFJ0QbWTXhcHZ87gj%2BH6a6gjY5bHUhUAaIPeGTmMrLaB%2BROjJ4pStBuE3SWk9A4FlPEHFPzdUkiWkGo7xnJzLgZFcyvIRceDeRSaYTzgBzIL2BItl84NKj8jwNBtz11QkQp3g%2Bi47srDsRJoRDK5jSTQiYa%2FTttwvqVD&url=https%3A%2F%2F9uod1.codesandbox.io%3Fdg%3DZmpvdHpAZGVsb2l0dGUubHU%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.120 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8acbf82f3312119a3aa7564e4ad3b16f2f955136921d36d4f52971869705cf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cache-policy: no-cache
cache-control: no-cache, no-store
mime-version: 1.0
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-compressable: Yes
x-compressed: Yes
x-cachetype: No-Cache
accept-ranges: bytes
date: Thu, 25 Nov 2021 15:49:22 GMT
via: 1.1 varnish
x-served-by: cache-fra19125-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1637855362.347157,VS0,VE257
vary: Accept-Encoding

GET
H2 200 persist-1.0.js Show response
tv.di.dk/resources/um/script/libraries/ 2 KB
1 KB 33ms
33ms Script
application/x-javascript 151.101.1.120
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tv.di.dk/resources/um/script/libraries/persist-1.0.js

Requested by

Host: tv.di.dk
URL: https://tv.di.dk/jump/payload?payload=mz47YdksFEUnPgDAz9DdXPvTpb1sqFJ0QbWTXhcHZ87gj%2BH6a6gjY5bHUhUAaIPeGTmMrLaB%2BROjJ4pStBuE3SWk9A4FlPEHFPzdUkiWkGo7xnJzLgZFcyvIRceDeRSaYTzgBzIL2BItl84NKj8jwNBtz11QkQp3g%2Bi47srDsRJoRDK5jSTQiYa%2FTttwvqVD&url=https%3A%2F%2F9uod1.codesandbox.io%3Fdg%3DZmpvdHpAZGVsb2l0dGUubHU%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.120 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3f7ebccb49494f4b7d9e6bc8e00653b178f43434bccfa29dbbffc5f178f6085d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tv.di.dk/jump/payload?payload=mz47YdksFEUnPgDAz9DdXPvTpb1sqFJ0QbWTXhcHZ87gj%2BH6a6gjY5bHUhUAaIPeGTmMrLaB%2BROjJ4pStBuE3SWk9A4FlPEHFPzdUkiWkGo7xnJzLgZFcyvIRceDeRSaYTzgBzIL2BItl84NKj8jwNBtz11QkQp3g%2Bi47srDsRJoRDK5jSTQiYa%2FTttwvqVD&url=https%3A%2F%2F9uod1.codesandbox.io%3Fdg%3DZmpvdHpAZGVsb2l0dGUubHU%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-compressable: Yes
x-compressed: Yes
x-cachetype: Public
x-cache: MISS
x-served-by: cache-fra19125-FRA
last-modified: Wed, 24 Nov 2021 12:21:02 GMT
x-timer: S1637855363.633000,VS0,VE27
date: Thu, 25 Nov 2021 15:49:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
expires: Fri, 25 Nov 2022 15:49:22 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
mime-version: 1.0
x-cache-hits: 0

GET
H2 200 / Show response
ttcontacts.com/ 69 KB
28 KB 99ms
32ms Script
text/javascript 52.50.242.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ttcontacts.com/

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.50.242.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-242-157.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

1d69fc3ec7dae43f73eba9e34c0d6ecad1f8dbd6377f8fae71f32e609b0209d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tv.di.dk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
content-encoding: gzip
etag: W/"115a2-ZF3SofYkU6qWSUWXEfuABJsvfT0"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=7200
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 452502:67788989:8C62DA59F6E03BF63823F599C8CDF3F7B39E1605-mafb0JUCEhwGTzMleLD2.gif
ttcontacts.com/api/audience/mail/click/ 43 B
267 B 95ms
63ms Image
image/gif 52.50.242.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ttcontacts.com/api/audience/mail/click/452502:67788989:8C62DA59F6E03BF63823F599C8CDF3F7B39E1605-mafb0JUCEhwGTzMleLD2.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.50.242.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-242-157.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tv.di.dk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
etag: W/"2b-17d066c2350"
last-modified: Tue, 09 Nov 2021 20:38:10 GMT
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
cache-control: private, max-age=0
accept-ranges: bytes
content-length: 43

GET
H2 200 profile
ttcontacts.com/api/audience/ 61 B
246 B 48ms
48ms Script
application/x-javascript 52.50.242.157
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ttcontacts.com/api/audience/profile?site=452502&email=bjorn%40sixtus-compliance.dk&force=true&uuid=f4d3f102-b734-2bb1-03e7-6c074bfaa50f&sync=1&callback=__audcb_1

Requested by

Host: ttcontacts.com
URL: https://ttcontacts.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.50.242.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-242-157.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tv.di.dk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
x-powered-by: Express
etag: W/"3d-GUjR92LmxKihfMcyNwNLERGHzSU"
content-length: 61
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
9uod1.codesandbox.io/ 2 KB
1 KB 122ms
91ms Document
text/html 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
Requested by: Host: tv.di.dk
URL: https://tv.di.dk/jump/payload?payload=mz47YdksFEUnPgDAz9DdXPvTpb1sqFJ0QbWTXhcHZ87gj%2BH6a6gjY5bHUhUAaIPeGTmMrLaB%2BROjJ4pStBuE3SWk9A4FlPEHFPzdUkiWkGo7xnJzLgZFcyvIRceDeRSaYTzgBzIL2BItl84NKj8jwNBtz11QkQp3g%2Bi47srDsRJoRDK5jSTQiYa%2FTttwvqVD&url=https%3A%2F%2F9uod1.codesandbox.io%3Fdg%3DZmpvdHpAZGVsb2l0dGUubHU%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5ececaedfc2c6167256692390c414be42ef60699d5e675d386170f75a2b5d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tv.di.dk/

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: private, max-age=0, no-cache, no-store
x-request-id: FrrUxllmPIdGV7EYfTJB
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b3c06d188b06945-FRA
content-encoding: br

GET
H2 200 profile
ttcontacts.com/api/audience/ 43 B
267 B 35ms
34ms Image
image/gif 52.50.242.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ttcontacts.com/api/audience/profile?site=452502&uuid=00781e3d-43e0-902b-a53a-9bb4ee7b8f81

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.50.242.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-242-157.eu-west-1.compute.amazonaws.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tv.di.dk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
etag: W/"2b-17d066c2350"
last-modified: Tue, 09 Nov 2021 20:38:10 GMT
x-powered-by: Express
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
cache-control: private, max-age=0
accept-ranges: bytes
content-length: 43

GET
H2 200 vendors~app~embed~sandbox~sandbox-startup.bcc15d438.chunk.js
codesandbox.io/static/js/ 9 KB
4 KB 62ms
41ms Script
application/javascript 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/vendors~app~embed~sandbox~sandbox-startup.bcc15d438.chunk.js
Requested by: Host: 9uod1.codesandbox.io
URL: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://9uod1.codesandbox.io/
Origin: https://9uod1.codesandbox.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
via: 1.1 google
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 25 Nov 2021 12:15:12 GMT
server: cloudflare
etag: W/"619f7e50-2312"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6b3c06d25b574ece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vendors~app~embed~sandbox-startup.6e3433fd3.chunk.js
codesandbox.io/static/js/ 17 KB
5 KB 69ms
48ms Script
application/javascript 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/vendors~app~embed~sandbox-startup.6e3433fd3.chunk.js
Requested by: Host: 9uod1.codesandbox.io
URL: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://9uod1.codesandbox.io/
Origin: https://9uod1.codesandbox.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
via: 1.1 google
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 25 Nov 2021 12:15:12 GMT
server: cloudflare
etag: W/"619f7e50-423b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6b3c06d25b5c4ece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sandbox-startup.62e80e598.js
codesandbox.io/static/js/ 24 KB
8 KB 66ms
46ms Script
application/javascript 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/sandbox-startup.62e80e598.js
Requested by: Host: 9uod1.codesandbox.io
URL: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://9uod1.codesandbox.io/
Origin: https://9uod1.codesandbox.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
via: 1.1 google
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 25 Nov 2021 12:15:12 GMT
server: cloudflare
etag: W/"619f7e50-5ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6b3c06d25b604ece-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 browserfs.min.js Show response
codesandbox.io/static/browserfs12/ 232 KB
59 KB 29ms
29ms Script
application/javascript 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/browserfs12/browserfs.min.js
Requested by: Host: 9uod1.codesandbox.io
URL: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62483db86f3ba9581159a53ce478b67f4b1814e3ec0948dc60fabeeca10faff7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9uod1.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:22 GMT
via: 1.1 google
cf-cache-status: HIT
age: 10834606
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 22 Jul 2021 13:01:29 GMT
server: cloudflare
etag: W/"60f96c29-39fc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6b3c06d23a936945-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v64f9daad31f64f81be21cbef6184a5e31634941392597
static.cloudflareinsights.com/beacon.min.js/ 13 KB
5 KB 96ms
77ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v64f9daad31f64f81be21cbef6184a5e31634941392597
Requested by: Host: 9uod1.codesandbox.io
URL: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://9uod1.codesandbox.io/
Origin: https://9uod1.codesandbox.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:23 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.10.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6b3c06d2c98768f5-FRA

GET
H2 200 babel.7.12.12.min.js
codesandbox.io/static/js/ 0
360 KB 36ms
35ms Other
application/javascript 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://codesandbox.io/static/js/babel.7.12.12.min.js
Requested by: Host: codesandbox.io
URL: https://codesandbox.io/static/js/sandbox-startup.62e80e598.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9uod1.codesandbox.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 15:49:23 GMT
via: 1.1 google
cf-cache-status: HIT
age: 19138586
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 16 Apr 2021 07:19:12 GMT
server: cloudflare
etag: W/"60793a70-190d43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6b3c06d2abf76945-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

Primary Request PS-619fb0856d323 Show response
prickly.dvrlists.com/office/
Redirect Chain

https://prickly.dvrlists.com/office/$fjotz@deloitte.lu
https://prickly.dvrlists.com/office/PS-619fb0856d323

36 KB
37 KB

191ms
186ms

Document
text/html

162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Requested by: Host: 9uod1.codesandbox.io
URL: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: 02d7f1fd670ff0898c654b3785786964e256badaa3fe128c726260c7e8d85d5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=

Response headers

Date: Thu, 25 Nov 2021 15:49:25 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 25 Nov 2021 15:49:22 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Location: ./PS-619fb0856d323
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H3 200 babel-transpiler.1fa7fdd7.worker.js
9uod1.codesandbox.io/ 2 MB
485 KB 103ms
102ms Other
application/javascript 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9uod1.codesandbox.io/babel-transpiler.1fa7fdd7.worker.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray: 6b3c06d2bb445c2c-FRA
date: Thu, 25 Nov 2021 15:49:23 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Thu, 25 Nov 2021 12:15:12 GMT
server: cloudflare
etag: W/"619f7e50-1fb75b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 babel-transpiler.1fa7fdd7.worker.js
9uod1.codesandbox.io/ 2 MB
485 KB 128ms
127ms Other
application/javascript 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9uod1.codesandbox.io/babel-transpiler.1fa7fdd7.worker.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray: 6b3c06d2bb485c2c-FRA
date: Thu, 25 Nov 2021 15:49:23 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 12:15:12 GMT
server: cloudflare
age: 0
etag: W/"619f7e50-1fb75b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 babel-transpiler.1fa7fdd7.worker.js
9uod1.codesandbox.io/ 2 MB
485 KB 187ms
186ms Other
application/javascript 2606:4700::6812:16cf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://9uod1.codesandbox.io/babel-transpiler.1fa7fdd7.worker.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:16cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9uod1.codesandbox.io/?dg=ZmpvdHpAZGVsb2l0dGUubHU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

cf-ray: 6b3c06d2bb4c5c2c-FRA
date: Thu, 25 Nov 2021 15:49:23 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Nov 2021 12:15:12 GMT
server: cloudflare
age: 0
etag: W/"619f7e50-1fb75b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK 83caade9b21ea6fbd31e0cab17bec019cb359990b77a0
prickly.dvrlists.com/office/APP-QEL8LK/ 103 KB
18 KB 197ms
136ms Stylesheet
text/css 162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://prickly.dvrlists.com/office/APP-QEL8LK/83caade9b21ea6fbd31e0cab17bec019cb359990b77a0
Requested by: Host: prickly.dvrlists.com
URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prickly.dvrlists.com/office/PS-619fb0856d323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 15:49:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 19:23:18 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18548

GET
H/1.1 200
OK 79a92bb1cce0a17b0ca8f3dca71a0b69e5b1bed33e909
prickly.dvrlists.com/office/o/ 4 KB
2 KB 248ms
132ms Image
image/svg+xml 162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prickly.dvrlists.com/office/o/79a92bb1cce0a17b0ca8f3dca71a0b69e5b1bed33e909
Requested by: Host: prickly.dvrlists.com
URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prickly.dvrlists.com/office/PS-619fb0856d323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 15:49:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Nov 2019 23:10:04 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1435

GET
H/1.1 200
OK 973b3cab7eca99eac1b03e9aa1bc8ef1d06925bd1700b
prickly.dvrlists.com/office/e/ 513 B
569 B 396ms
132ms Image
image/svg+xml 162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prickly.dvrlists.com/office/e/973b3cab7eca99eac1b03e9aa1bc8ef1d06925bd1700b
Requested by: Host: prickly.dvrlists.com
URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prickly.dvrlists.com/office/PS-619fb0856d323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 15:49:26 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Nov 2019 06:44:20 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 276

GET
H/1.1 200
OK 61a7ace7bb1f39bdc3e8b1adc30e1cb9a2959e0a070b9 Show response
prickly.dvrlists.com/office/jq/ 84 KB
29 KB 269ms
138ms Script
application/javascript 162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://prickly.dvrlists.com/office/jq/61a7ace7bb1f39bdc3e8b1adc30e1cb9a2959e0a070b9
Requested by: Host: prickly.dvrlists.com
URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prickly.dvrlists.com/office/PS-619fb0856d323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 15:49:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 May 2021 20:23:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 29822

GET
H/1.1 200
OK 0c3e3101bd29b703cabd99ea9c68ea7119a0ea75cbbbf Show response
prickly.dvrlists.com/office/boot/ 50 KB
14 KB 279ms
134ms Script
application/javascript 162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://prickly.dvrlists.com/office/boot/0c3e3101bd29b703cabd99ea9c68ea7119a0ea75cbbbf
Requested by: Host: prickly.dvrlists.com
URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prickly.dvrlists.com/office/PS-619fb0856d323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 15:49:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 May 2021 20:23:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 14085

GET
H/1.1 200
OK ace03b6bc3ec10079a1d1017287f9ae5aabebdcb3999b Show response
prickly.dvrlists.com/office/jm/ 5 KB
2 KB 280ms
134ms Script
application/javascript 162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://prickly.dvrlists.com/office/jm/ace03b6bc3ec10079a1d1017287f9ae5aabebdcb3999b
Requested by: Host: prickly.dvrlists.com
URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: fb23209dbc5709c625b8103fdbc6914f5cb8df714c88e4dbc99f22cd18ebcde7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prickly.dvrlists.com/office/PS-619fb0856d323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 15:49:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Sep 2021 22:38:14 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1260

GET
H/1.1 200
OK api-1eb339ad9b2b18b775cbf0ca9dea0176bea3a0199ecc0
prickly.dvrlists.com/office/ 5 KB
5 KB 1205ms
1205ms Image
image/jpeg 162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prickly.dvrlists.com/office/api-1eb339ad9b2b18b775cbf0ca9dea0176bea3a0199ecc0?email=fjotz@deloitte.lu&data=logo
Requested by: Host: prickly.dvrlists.com
URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: e7b063de9bf8a25e2080945e7aec41138f9aaa206595a1c110b40bb3f169c3f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prickly.dvrlists.com/office/PS-619fb0856d323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 15:49:26 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/jpeg;
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK api-b2530097cabbcb6b10cea01a9e71d933f7ead8aeb9c91
prickly.dvrlists.com/office/ 236 KB
236 KB 1733ms
1733ms Image
image/jpeg 162.241.121.114
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prickly.dvrlists.com/office/api-b2530097cabbcb6b10cea01a9e71d933f7ead8aeb9c91?email=fjotz@deloitte.lu&data=background
Requested by: Host: prickly.dvrlists.com
URL: https://prickly.dvrlists.com/office/PS-619fb0856d323
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.121.114 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-121-114.unifiedlayer.com
Software: Apache /
Resource Hash: fbbf97b7a3afdff8eac733b280c6bca554b56ae796f60f2059fe2257cbeeca12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prickly.dvrlists.com/office/PS-619fb0856d323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 15:49:26 GMT
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/jpeg;
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tv.di.dk/	1970-01-19 22:57:37	Name: ad_session_id Value: 95353586511%2c0%2c0+%7b56+1637857162+383AF97F9A54E806750BF98E1AA3DE5F21746904%7d
tv.di.dk/	1969-12-31 23:59:59	Name: comment_name Value: Bj%C3%B8rn%20Leth%20Erichsen
tv.di.dk/	1969-12-31 23:59:59	Name: inlinecollectorobject Value: 66726987%2C67788989%2C67788989
tv.di.dk/	1970-01-20 01:07:11	Name: 452502_p Value: company%2Cdata_optin%2Cemail%2Cfirstname%2Clastname%2Cmarketing_optin%2Cuuid%2Csite
tv.di.dk/	1970-01-20 01:07:11	Name: 452502_u Value: f4d3f102-b734-2bb1-03e7-6c074bfaa50f
tv.di.dk/	1970-01-20 01:07:11	Name: uuid Value: f4d3f102-b734-2bb1-03e7-6c074bfaa50f
prickly.dvrlists.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7da761f7f96c76df28059a5b75d1786c

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	warning	URL: https://codesandbox.io/static/js/babel.7.12.12.min.js Message: Browserslist: caniuse-lite is outdated. Please run: npx browserslist@latest --update-db Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating
worker	warning	URL: https://codesandbox.io/static/js/babel.7.12.12.min.js Message: Browserslist: caniuse-lite is outdated. Please run: npx browserslist@latest --update-db Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating
worker	warning	URL: https://codesandbox.io/static/js/babel.7.12.12.min.js Message: Browserslist: caniuse-lite is outdated. Please run: npx browserslist@latest --update-db Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9uod1.codesandbox.io
codesandbox.io
prickly.dvrlists.com
static.cloudflareinsights.com
ttcontacts.com
tv.di.dk
151.101.1.120
162.241.121.114
2606:4700::6810:5e41
2606:4700::6812:16cf
52.50.242.157
02d7f1fd670ff0898c654b3785786964e256badaa3fe128c726260c7e8d85d5b
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1d69fc3ec7dae43f73eba9e34c0d6ecad1f8dbd6377f8fae71f32e609b0209d9
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
3f7ebccb49494f4b7d9e6bc8e00653b178f43434bccfa29dbbffc5f178f6085d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
62483db86f3ba9581159a53ce478b67f4b1814e3ec0948dc60fabeeca10faff7
8acbf82f3312119a3aa7564e4ad3b16f2f955136921d36d4f52971869705cf37
a7057bebfff43e7281ca31da00d40bd88c8d02d1576b9c45891dd56a3853269a
ae5ececaedfc2c6167256692390c414be42ef60699d5e675d386170f75a2b5d8
e7b063de9bf8a25e2080945e7aec41138f9aaa206595a1c110b40bb3f169c3f6
fb23209dbc5709c625b8103fdbc6914f5cb8df714c88e4dbc99f22cd18ebcde7
fbbf97b7a3afdff8eac733b280c6bca554b56ae796f60f2059fe2257cbeeca12

prickly.dvrlists.com Open in urlscan Pro 162.241.121.114 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

25 Requests

100 %HTTPS

40 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

2273 kBTransfer

6981 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

7 Cookies

3 Console Messages

Security Headers

prickly.dvrlists.com Open in urlscan Pro
162.241.121.114 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

2273 kB
Transfer

6981 kB
Size

7
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!