d2k52dm1iwwy.cloudfront.net Open in urlscan Pro
143.204.98.231  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response d2k52dm1iwwy.cloudfront.net/	69 KB 69 KB	210ms 204ms	Document text/html	143.204.98.231 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol HTTP/1.1 Server 143.204.98.231 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 445b92087d8da377c2c33044eac4ecaba30a3cee239e2c94a5298525940c5c3f Request headers Host d2k52dm1iwwy.cloudfront.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 8EE5875CFCE10D2A99A53EBCBD018E61 Response headers Content-Type text/html Content-Length 70460 Connection keep-alive Date Thu, 26 Jul 2018 20:30:16 GMT Last-Modified Thu, 26 Jul 2018 20:11:52 GMT ETag "46731e0d37feffd1a5d6bd23812f6153" Accept-Ranges bytes Server AmazonS3 X-Cache RefreshHit from cloudfront Via 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront) X-Amz-Cf-Id UTJ3O4hwaEb4WtAzIY1nQMT9DYeMAPRa7GMZZEIyOOTSrkqhwwiMgQ==
GET S	200	css fonts.googleapis.com/	2 KB 557 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:814::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol SPDY Server 2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash 3d49296055d42972e1275138fd3f5023fa2cf390a0e6617cf05e97a51d1eda39 Security Headers Name Value Strict-Transport-Security max-age=600 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=600 content-encoding gzip last-modified Thu, 26 Jul 2018 23:32:10 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Thu, 26 Jul 2018 23:32:10 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" x-xss-protection 1; mode=block expires Thu, 26 Jul 2018 23:32:10 GMT
GET H/1.1	200 OK	/ Show response geoapi123.appspot.com/	400 B 426 B	151ms 121ms	Script text/html	2a00:1450:4001:814::2014 Google LLC
General Check archive.org Show headers Download Go to Full URL http://geoapi123.appspot.com/ Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol HTTP/1.1 Server 2a00:1450:4001:814::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Frontend / Resource Hash 8eb553da27ed9787f002bb2577105a6609e724de5a27096ee22203aaf1f13cdc Request headers Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 26 Jul 2018 23:32:10 GMT Content-Encoding gzip Server Google Frontend Vary Accept-Encoding Content-Type text/html; charset=utf-8 X-Cloud-Trace-Context 4a400ff693f78ba7c6fbee16ce1f172c Cache-Control private Content-Length 156
GET H/1.1	200 OK	style.css d2k52dm1iwwy.cloudfront.net/files/	2 KB 3 KB	110ms 107ms	Stylesheet text/css	143.204.98.231 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://d2k52dm1iwwy.cloudfront.net/files/style.css Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol HTTP/1.1 Server 143.204.98.231 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash af799a6513553c4aa0e6c1ba49c34043563b2fbe2ff87708584220908890b982 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host d2k52dm1iwwy.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Connection keep-alive Cache-Control no-cache Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 26 Jul 2018 20:30:21 GMT Via 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront) Last-Modified Thu, 26 Jul 2018 20:11:51 GMT Server AmazonS3 ETag "ee18825b427f97f1c7fd232626d4fb68" X-Cache RefreshHit from cloudfront Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 2178 X-Amz-Cf-Id y--RAdF5tPjapl0VBFwuUukgHpJC9yIzYTLQByFsHnX9r_dcSJf5Sw==
GET H/1.1	200 OK	background-2.png d2k52dm1iwwy.cloudfront.net/files/	251 KB 251 KB	194ms 194ms	Image application/octet-stream	143.204.98.231 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://d2k52dm1iwwy.cloudfront.net/files/background-2.png Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol HTTP/1.1 Server 143.204.98.231 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 166dedb9f977c9f52f3e1b475e1c19ec9f0559a3c13de1b1da6d6aaf44bff2ea Request headers Pragma no-cache Accept-Encoding gzip, deflate Host d2k52dm1iwwy.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Connection keep-alive Cache-Control no-cache Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 26 Jul 2018 20:30:25 GMT Via 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront) Last-Modified Thu, 26 Jul 2018 20:11:53 GMT Server AmazonS3 ETag "ecb872795e4e8afc251962a54c26c157" X-Cache RefreshHit from cloudfront Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 256524 X-Amz-Cf-Id hBhk5bzj6SPdG-USkDGiKX9sBJjaAzwTtFfw4CtuS69-sdV87z-Acw==
GET H/1.1	200 OK	alert.jpg d2k52dm1iwwy.cloudfront.net/files/	37 KB 38 KB	194ms 193ms	Image application/octet-stream	143.204.98.140 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://d2k52dm1iwwy.cloudfront.net/files/alert.jpg Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol HTTP/1.1 Server 143.204.98.140 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash c73175a61d649c35682fbe86a7843ba99bad811cba32cb6e59d50cae3bdf34ca Request headers Pragma no-cache Accept-Encoding gzip, deflate Host d2k52dm1iwwy.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Connection keep-alive Cache-Control no-cache Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 26 Jul 2018 20:30:25 GMT Via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) Last-Modified Thu, 26 Jul 2018 20:11:51 GMT Server AmazonS3 ETag "f9a46dfbac093c4bbcc1003d76b5a804" X-Cache RefreshHit from cloudfront Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 38167 X-Amz-Cf-Id t7ralXyrgFAdkQMX5FXTgtDcHN0mlzRinxZ6c6XvGcaVNhcLjGLwbg==
GET H/1.1	200 OK	microsoft.png d2k52dm1iwwy.cloudfront.net/files/	977 B 1 KB	116ms 104ms	Image application/octet-stream	143.204.98.27 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL http://d2k52dm1iwwy.cloudfront.net/files/microsoft.png Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol HTTP/1.1 Server 143.204.98.27 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash 844a92ee435552f7f26b4ec467220c537841f8245a16bbb265975ce4b3081f36 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host d2k52dm1iwwy.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Connection keep-alive Cache-Control no-cache Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 26 Jul 2018 20:30:26 GMT Via 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront) Last-Modified Thu, 26 Jul 2018 20:11:51 GMT Server AmazonS3 ETag "ab563722ebc08ab73e4c72a3fa0d28c7" X-Cache RefreshHit from cloudfront Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 977 X-Amz-Cf-Id s-EYLKR0SkKkbzc42BwC8gJlXFpQKMg1KIHE4L3BCCR-EOu03GaOfw==
GET S	200	js Show response www.googletagmanager.com/gtag/	70 KB 25 KB	15ms 14ms	Script application/javascript	2a00:1450:4001:814::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-67053605-1 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol SPDY Server 2a00:1450:4001:814::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager (scaffolding) / Resource Hash 9a0aa7f85e99fd16582eb96b9efae98fdcc10b6e83831c455f48464ca6d244d0 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 26 Jul 2018 23:32:11 GMT content-encoding gzip server Google Tag Manager (scaffolding) access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 25189 x-xss-protection 1; mode=block expires Thu, 26 Jul 2018 23:32:11 GMT
GET S	200	css fonts.googleapis.com/	7 KB 815 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:814::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,600,700 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol SPDY Server 2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software ESF / Resource Hash c345fc13257023a5594f0be4a3b4643774ebfcba01a95d53c7842515d500ae7c Security Headers Name Value Strict-Transport-Security max-age=600 X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=600 content-encoding gzip last-modified Thu, 26 Jul 2018 23:32:11 GMT server ESF link <https://fonts.gstatic.com>; rel=preconnect; crossorigin status 200 date Thu, 26 Jul 2018 23:32:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" x-xss-protection 1; mode=block expires Thu, 26 Jul 2018 23:32:11 GMT
GET S	200	mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v15/	9 KB 9 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol SPDY Server 2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans:400,600,700 Origin http://d2k52dm1iwwy.cloudfront.net Response headers date Thu, 19 Jul 2018 18:17:59 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 21:49:48 GMT server sffe age 623652 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 8916 x-xss-protection 1; mode=block expires Fri, 19 Jul 2019 18:17:59 GMT
GET S	200	mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v15/	9 KB 9 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol SPDY Server 2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Open+Sans:400,600,700 Origin http://d2k52dm1iwwy.cloudfront.net Response headers date Thu, 19 Jul 2018 18:17:53 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 21:49:39 GMT server sffe age 623658 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 8800 x-xss-protection 1; mode=block expires Fri, 19 Jul 2019 18:17:53 GMT
GET S	200	NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2 fonts.gstatic.com/s/titilliumweb/v6/	12 KB 12 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v6/NaPecZTIAOhVxoMyOr9n_E7fdMPmDaZRbrw.woff2 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol SPDY Server 2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 00eefad8cfe42f52ba984740be5df503849b4d4603913570d515db8f1bb1fffd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Origin http://d2k52dm1iwwy.cloudfront.net Response headers date Fri, 13 Jul 2018 20:22:45 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 18:27:30 GMT server sffe age 1134566 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 12252 x-xss-protection 1; mode=block expires Sat, 13 Jul 2019 20:22:45 GMT
GET H/1.1	206 Partial Content	alertmicrosoft.mp3 d2k52dm1iwwy.cloudfront.net/files/	93 KB 0	189ms 183ms	Media binary/octet-stream	143.204.98.66 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://d2k52dm1iwwy.cloudfront.net/files/alertmicrosoft.mp3 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol HTTP/1.1 Server 143.204.98.66 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Pragma no-cache Accept-Encoding identity;q=1, *;q=0 Host d2k52dm1iwwy.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 chrome-proxy frfr Accept */* Cache-Control no-cache Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Connection keep-alive Range bytes=0- Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Range bytes=0- chrome-proxy frfr Response headers Date Thu, 26 Jul 2018 20:41:21 GMT Via 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront) Last-Modified Thu, 26 Jul 2018 20:11:53 GMT Server AmazonS3 ETag "6ed16685648cc6c15a7da8263543a65c" X-Cache RefreshHit from cloudfront Content-Type binary/octet-stream Content-Range bytes 0-143452/143453 Connection keep-alive Accept-Ranges bytes Content-Length 143453 X-Amz-Cf-Id OxrTEaOlem0RoN8cUdmxGvbdURxbiGEnbpJ5aNLTW8bgK9oBwL5wCQ==
GET H/1.1	206 Partial Content	warning.mp3 d2k52dm1iwwy.cloudfront.net/files/	13 KB 14 KB	199ms 193ms	Media binary/octet-stream	143.204.98.66 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://d2k52dm1iwwy.cloudfront.net/files/warning.mp3 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol HTTP/1.1 Server 143.204.98.66 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash f4d5cae00178437f63e868ded066dde7503207230142ab3c37ef8ca70a03574d Request headers Pragma no-cache Accept-Encoding identity;q=1, *;q=0 Host d2k52dm1iwwy.cloudfront.net User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 chrome-proxy frfr Accept */* Cache-Control no-cache Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Connection keep-alive Range bytes=0- Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Range bytes=0- chrome-proxy frfr Response headers Date Thu, 26 Jul 2018 20:41:21 GMT Via 1.1 cb57b06fc1bc940d0cf018d7f2b56bdb.cloudfront.net (CloudFront) Last-Modified Thu, 26 Jul 2018 20:11:51 GMT Server AmazonS3 ETag "00b0b7579d355157c552145ce7720cb2" X-Cache RefreshHit from cloudfront Content-Type binary/octet-stream Content-Range bytes 0-13668/13669 Connection keep-alive Accept-Ranges bytes Content-Length 13669 X-Amz-Cf-Id yz7kZMV4i37tP7yTone4b2o_DcX48X_Ltj1Tsr9-U7DQpRq6QYPX3A==
GET S	200	analytics.js Show response www.google-analytics.com/	34 KB 14 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:814::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol SPDY Server 2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 18 May 2018 01:10:24 GMT server Golfe2 age 2003 date Thu, 26 Jul 2018 22:58:48 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 14386 expires Fri, 27 Jul 2018 00:58:48 GMT
GET S	200	collect www.google-analytics.com/r/	35 B 101 B	13ms 13ms	Image image/gif	2a00:1450:4001:814::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j68&a=462011509&t=pageview&_s=1&dl=http%3A%2F%2Fd2k52dm1iwwy.cloudfront.net%2F%3Fzoneid%3D1618695%26hil%3Dundefined&ul=en-us&de=UTF-8&dt=Microsoft%20Official%20Support&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=344679186&gjid=2107352841&cid=826447457.1532647931&tid=UA-68643439-1&_gid=91468012.1532647931&_r=1&z=1669702287 Requested by Host: d2k52dm1iwwy.cloudfront.net URL: http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined Protocol SPDY Server 2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://d2k52dm1iwwy.cloudfront.net/?zoneid=1618695&hil=undefined User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Thu, 26 Jul 2018 23:32:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2 fonts.gstatic.com/s/titilliumweb/v6/	11 KB 11 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:814::2003 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/titilliumweb/v6/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzY5abuWI.woff2 Protocol SPDY Server 2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash d16b62e9833a9777233cdc8b707d56dc5fe4d50f1999fa677155a6a9ec504b64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://fonts.googleapis.com/css?family=Titillium+Web:400,700 Origin http://d2k52dm1iwwy.cloudfront.net Response headers date Sat, 14 Jul 2018 12:44:57 GMT x-content-type-options nosniff last-modified Wed, 11 Oct 2017 18:26:23 GMT server sffe age 1075635 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 11612 x-xss-protection 1; mode=block expires Sun, 14 Jul 2019 12:44:57 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| geoip_country_code function| geoip_country_name function| geoip_city function| geoip_region function| geoip_region_name function| geoip_latitude function| geoip_longitude function| geoip_postal_code function| geoip_area_code function| geoip_metro_code string| phone_number function| evali string| GoogleAnalyticsObject function| ga function| eval1 object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| dataLayer

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.d2k52dm1iwwy.cloudfront.net/	1970-01-18 17:45:34	Name: _gid Value: GA1.3.91468012.1532647931
			.d2k52dm1iwwy.cloudfront.net/	1970-01-18 17:44:07	Name: _gat Value: 1
			.d2k52dm1iwwy.cloudfront.net/	1970-01-19 11:15:19	Name: _ga Value: GA1.3.826447457.1532647931

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: City fails!!!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2k52dm1iwwy.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
geoapi123.appspot.com
www.google-analytics.com
www.googletagmanager.com
143.204.98.140
143.204.98.231
143.204.98.27
143.204.98.66
2a00:1450:4001:814::2003
2a00:1450:4001:814::2008
2a00:1450:4001:814::200a
2a00:1450:4001:814::200e
2a00:1450:4001:814::2014
00eefad8cfe42f52ba984740be5df503849b4d4603913570d515db8f1bb1fffd
166dedb9f977c9f52f3e1b475e1c19ec9f0559a3c13de1b1da6d6aaf44bff2ea
3d49296055d42972e1275138fd3f5023fa2cf390a0e6617cf05e97a51d1eda39
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
445b92087d8da377c2c33044eac4ecaba30a3cee239e2c94a5298525940c5c3f
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844a92ee435552f7f26b4ec467220c537841f8245a16bbb265975ce4b3081f36
8eb553da27ed9787f002bb2577105a6609e724de5a27096ee22203aaf1f13cdc
9a0aa7f85e99fd16582eb96b9efae98fdcc10b6e83831c455f48464ca6d244d0
af799a6513553c4aa0e6c1ba49c34043563b2fbe2ff87708584220908890b982
c345fc13257023a5594f0be4a3b4643774ebfcba01a95d53c7842515d500ae7c
c73175a61d649c35682fbe86a7843ba99bad811cba32cb6e59d50cae3bdf34ca
d16b62e9833a9777233cdc8b707d56dc5fe4d50f1999fa677155a6a9ec504b64
f4d5cae00178437f63e868ded066dde7503207230142ab3c37ef8ca70a03574d
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be