ahs.formeroo.click Open in urlscan Pro
94.23.74.93 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html
Submission: On December 07 via manual (December 7th 2023, 10:21:46 am UTC) from PT — Scanned from PT

Summary HTTP 10 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 94.23.74.93, located in Lisbon, Portugal and belongs to OVH, FR. The main domain is ahs.formeroo.click.
TLS certificate: Issued by R3 on December 6th 2023. Valid for: 3 months.

This is the only time ahs.formeroo.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	94.23.74.93 94.23.74.93	16276 (OVH) (OVH)
1	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
7	52.85.92.22 52.85.92.22	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
10	4

1 94.23.74.93 (Lisbon, Portugal)

ASN16276 (OVH, FR)
PTR: ahs.formeroo.click

ahs.formeroo.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.85.92.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-22.ham50.r.cloudfront.net

vht.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	tradedoubler.com vht.tradedoubler.com — Cisco Umbrella Rank: 96622	124 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1002 B
1	formeroo.click ahs.formeroo.click	15 KB
10	4

	Domain	Requested by
7	vht.tradedoubler.com	ahs.formeroo.click
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ahs.formeroo.click
1	ahs.formeroo.click
10	4

This site contains links to these domains. Also see Links.

Domain
clk.tradedoubler.com
www.eureu.uk

Subject Issuer	Validity	Valid
ahs.formeroo.click R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.tradedoubler.com Amazon RSA 2048 M02	`2023-11-14` - `2024-12-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html
Frame ID: B6A831BB89A81B98414672541F0E9AE7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

172 kB
Transfer

170 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://clk.tradedoubler.com/click?p=285161&a=3056675&g=25487406&url=https://deals-btob.com/NP_1774_PT_0823/?qcp=NP_1774_PT_0823

Search URL Search Domain Scan URL

URL: http://www.eureu.uk/des-93510511-bb9xgz7p8s-22317-46g53fokzx-83-0.php
Title: anular a sua inscrição.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html Show response
ahs.formeroo.click/ 15 KB
15 KB 643ms
96ms Document
text/html 94.23.74.93
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.23.74.93 Lisbon, Portugal, ASN16276 (OVH, FR),
Reverse DNS: ahs.formeroo.click
Software: Apache /
Resource Hash: 7e5293f0c8a0053072d3c1c81efb4b999b980c1865fda39f44514b40a2829458

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Dec 2023 10:21:42 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1002 B 243ms
88ms Stylesheet
text/css 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Requested by

Host: ahs.formeroo.click
URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

ESF /

Resource Hash

eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ahs.formeroo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 10:21:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 09:29:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 10:21:42 GMT

GET
H/1.1 200
OK top_logo.png
vht.tradedoubler.com/file/285161/0823/img/ 3 KB
4 KB 282ms
98ms Image
image/png 52.85.92.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/285161/0823/img/top_logo.png

Requested by

Host: ahs.formeroo.click
URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-22.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

722d79cf82194f81e5b4eb4c27b1046c93d1b19a52cd67815fc69726fb67b61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ahs.formeroo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 08:21:08 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 7b39f60eed6e589bf869ce2ecfe6ab8c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: HAM50-C1
Age: 525634
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3099
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 09 Aug 2023 14:23:24 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: Q7dhlpUPPQiDyZhRaMuH5yYd3PodquO26bn8jZzmLzyuoB5g6dMt3g==

GET
H/1.1 200
OK cta1.png
vht.tradedoubler.com/file/285161/0823/img/ 4 KB
5 KB 279ms
98ms Image
image/png 52.85.92.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/285161/0823/img/cta1.png

Requested by

Host: ahs.formeroo.click
URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-22.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

0ec63ea3782fbe958870271909113146e5c80690ce192dc66413c68b3fb564bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ahs.formeroo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 06 Dec 2023 15:06:40 GMT
Via: 1.1 e626e3045304034f7160fd4e5f8b6fce.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: HAM50-C1
Age: 69302
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4420
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 09 Aug 2023 14:23:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: 5U1-raWNkJ5jpvOd0wK54mpTaW1xmxpTfb4iz0p-b9JKI6pwB0G5zw==

GET
H/1.1 200
OK main.gif
vht.tradedoubler.com/file/285161/0823/img/ 94 KB
95 KB 283ms
99ms Image
image/gif 52.85.92.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/285161/0823/img/main.gif

Requested by

Host: ahs.formeroo.click
URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-22.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

0a041d50a4953c9fcb2c3127c98e91a40a235e4fb64cb7b5d912eee92e4d02b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ahs.formeroo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 07 Dec 2023 07:13:24 GMT
Via: 1.1 e37f79ad8aac2f2f2e74a09fc473b7be.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: HAM50-C1
Age: 11298
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 96719
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 09 Aug 2023 14:23:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/gif
Accept-Ranges: bytes
X-Amz-Cf-Id: 3rXaaFeQ0coNwqqL_fkhtXgz6UCdMH9Cvv7LKpELbB2qJfg4xnIXNw==

GET
H/1.1 200
OK arg1.png
vht.tradedoubler.com/file/285161/0823/img/ 4 KB
5 KB 283ms
99ms Image
image/png 52.85.92.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/285161/0823/img/arg1.png

Requested by

Host: ahs.formeroo.click
URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-22.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

910b84294fe3a586d68e87a75e92b31114f75194c11a8d7513aaba223b1d9441

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ahs.formeroo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 07 Dec 2023 10:21:42 GMT
Via: 1.1 5d217f1e3e1cc27be2d78854345b4f24.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: HAM50-C1
Age: 11336
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4138
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 09 Aug 2023 14:23:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: R_ijEuR-ZjhJdc86SGwxqfpYXy6KMyjyFzrlQ61luAM0r19Si1hfDg==

GET
H/1.1 200
OK arg2.png
vht.tradedoubler.com/file/285161/0823/img/ 4 KB
4 KB 281ms
97ms Image
image/png 52.85.92.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/285161/0823/img/arg2.png

Requested by

Host: ahs.formeroo.click
URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-22.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

fafd47b25977c1e7aee7f8a072225e0d636cbc570d75edf2baed73ffe2c160a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ahs.formeroo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 07 Dec 2023 07:13:11 GMT
Via: 1.1 5f0d6d57343209c7287434183e565392.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: HAM50-C1
Age: 11311
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3632
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 09 Aug 2023 14:23:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: 0ZeM1og3-HbQpOYoqm3J2bEIsRfaWhNS1pXLbRgEp1FeOFEAoJ6Beg==

GET
H/1.1 200
OK arg3.png
vht.tradedoubler.com/file/285161/0823/img/ 6 KB
6 KB 127ms
99ms Image
image/png 52.85.92.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/285161/0823/img/arg3.png

Requested by

Host: ahs.formeroo.click
URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-22.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

4596b62c53097a6aeb65ffd77c9f5bf94ef7ff06e152f460eb5b200706b57956

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ahs.formeroo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 07 Dec 2023 07:13:05 GMT
Via: 1.1 e626e3045304034f7160fd4e5f8b6fce.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: HAM50-C1
Age: 11317
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 5650
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 09 Aug 2023 14:23:24 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: Xvvos1h8nX2K_G5ygY8Mk8YEHTOsgp5t1RvPWFcmRn9XVz_t2_aPmA==

GET
H/1.1 200
OK cta2.png
vht.tradedoubler.com/file/285161/0823/img/ 5 KB
5 KB 282ms
98ms Image
image/png 52.85.92.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vht.tradedoubler.com/file/285161/0823/img/cta2.png

Requested by

Host: ahs.formeroo.click
URL: https://ahs.formeroo.click/kmrtzagjqidexh93510511xhbb9xgz7p8sxh22317xh8553xh46g53fokzxxh83xh0.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.92.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-92-22.ham50.r.cloudfront.net

Software

Apache /

Resource Hash

6c21dc6593265f730fa828c02c940e3b5c989781706abbcf53de4274a6c2a059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://ahs.formeroo.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 01 Dec 2023 08:21:09 GMT
Strict-Transport-Security: max-age=31536000
Via: 1.1 4151e9c487816c27efe39c7f30779450.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: HAM50-C1
Age: 525633
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4740
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 09 Aug 2023 14:23:24 GMT
Server: Apache
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: QPX-Suw2Vt2zTzDTu-KZuE457MftxuS33tS16VQEohYV2NqD3yT5Og==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 241ms
74ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ahs.formeroo.click
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
x-content-type-options: nosniff
age: 53332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:32:51 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ahs.formeroo.click
fonts.googleapis.com
fonts.gstatic.com
vht.tradedoubler.com
142.250.185.106
142.250.186.99
52.85.92.22
94.23.74.93
0a041d50a4953c9fcb2c3127c98e91a40a235e4fb64cb7b5d912eee92e4d02b1
0ec63ea3782fbe958870271909113146e5c80690ce192dc66413c68b3fb564bd
4596b62c53097a6aeb65ffd77c9f5bf94ef7ff06e152f460eb5b200706b57956
6c21dc6593265f730fa828c02c940e3b5c989781706abbcf53de4274a6c2a059
722d79cf82194f81e5b4eb4c27b1046c93d1b19a52cd67815fc69726fb67b61a
7e5293f0c8a0053072d3c1c81efb4b999b980c1865fda39f44514b40a2829458
910b84294fe3a586d68e87a75e92b31114f75194c11a8d7513aaba223b1d9441
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
eb9f037b8ddff6f9ef0236c133d4204a4b0488896d0f7ce56e132cb6b704f5f3
fafd47b25977c1e7aee7f8a072225e0d636cbc570d75edf2baed73ffe2c160a1

ahs.formeroo.click Open in urlscan Pro 94.23.74.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

172 kBTransfer

170 kBSize

0 Cookies

2 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

ahs.formeroo.click Open in urlscan Pro
94.23.74.93 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

172 kB
Transfer

170 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions