urlscan.io logo urlscan.io
SecurityTrails logo

affectedplain.com Open in urlscan Pro
2606:4700:3036::6815:1437  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com/sdfsvxclkvidfugyvdd.html
Effective URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Submission: On June 07 via manual from MX — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3036::6815:1437, located in United States and belongs to CLOUDFLARENET, US. The main domain is affectedplain.com.
TLS certificate: Issued by E1 on May 8th 2023. Valid for: 3 months.
This is the only time affectedplain.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 52.219.93.202 16509 (AMAZON-02)
1 172.82.84.172 398343 (BAXET-GROUP)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
17 2606:4700:303... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
20 4
1    52.219.93.202 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com
1    172.82.84.172 (United States)

ASN398343 (BAXET-GROUP, US)
romqust.com
1    2606:4700:3037::ac43:8d4e (United States)

ASN13335 (CLOUDFLARENET, US)
foregoneblade.live
17    2606:4700:3036::6815:1437 (United States)

ASN13335 (CLOUDFLARENET, US)
affectedplain.com
1    2607:f8b0:4006:820::200a (Flushing, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
Domain Requested by
17 affectedplain.com romqust.com
affectedplain.com
1 ajax.googleapis.com affectedplain.com
1 foregoneblade.live 1 redirects
1 romqust.com aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com
1 aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com
20 5

This site contains no links.

Subject Issuer Validity Valid
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2024-02-28		 a year crt.sh
romqust.com
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh
affectedplain.com
E1		 2023-05-08 -
2023-08-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Frame ID: 0FF71D96C0D5913E7F335DE33408CAEB
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ace Hardware-Shopper

Page URL History Show full URLs

  1. https://aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com/sdfsvxclkvidfugyvdd.html Page URL
  2. https://romqust.com/0/0/0/533e93dba02ac2dfc83e6c64c03eceda Page URL
  3. https://foregoneblade.live/d-6v13g/index_2.php?s1=351510&s2=999404456&s3=1949&s4=2084&ow=72&p=10-c-6v13g HTTP 302
    https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

1
Countries

198 kB
Transfer

429 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com/sdfsvxclkvidfugyvdd.html Page URL
  2. https://romqust.com/0/0/0/533e93dba02ac2dfc83e6c64c03eceda Page URL
  3. https://foregoneblade.live/d-6v13g/index_2.php?s1=351510&s2=999404456&s3=1949&s4=2084&ow=72&p=10-c-6v13g HTTP 302
    https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
sdfsvxclkvidfugyvdd.html
aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com/ 		137 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com/sdfsvxclkvidfugyvdd.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.93.202 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
137
Content-Type
text/html
Date
Wed, 07 Jun 2023 18:38:51 GMT
ETag
"c23545246db1d53c3b4a9c3d865644b7"
Last-Modified
Tue, 06 Jun 2023 15:17:49 GMT
Server
AmazonS3
x-amz-id-2
+SRhC8w/9i4ZgXc64PXUVnBvldxukj6M1/QlejiHFq7NOANtgffvkUoczne1TxpC9TKr/FR2tdw=
x-amz-request-id
KE7J430G6YZ1G792
x-amz-server-side-encryption
AES256
533e93dba02ac2dfc83e6c64c03eceda
romqust.com/0/0/0/ 		167 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://romqust.com/0/0/0/533e93dba02ac2dfc83e6c64c03eceda
Requested by
Host: aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com
URL: https://aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com/sdfsvxclkvidfugyvdd.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.82.84.172 , United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
167
content-type
text/html; charset=UTF-8
date
Wed, 07 Jun 2023 18:38:50 GMT
server
Apache
Primary Request /
affectedplain.com/d-6v13g/
Redirect Chain
  • https://foregoneblade.live/d-6v13g/index_2.php?s1=351510&s2=999404456&s3=1949&s4=2084&ow=72&p=10-c-6v13g
  • https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
41 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Requested by
Host: romqust.com
URL: https://romqust.com/0/0/0/533e93dba02ac2dfc83e6c64c03eceda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2fa9b237d4224b50a1c2ed2f0c729795f0dec8597aba7ac1084ba0826c42686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://romqust.com/0/0/0/533e93dba02ac2dfc83e6c64c03eceda#undefined
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7d3b03b1aa00c440-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Jun 2023 18:38:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdCllrbk%2BaGpJhaoD06zF%2FbtN8yKtPayXP9aJOuYSwfGSFWq5An4Wt66guoatbVhXLTkOqR3u04r5I%2F%2BRFK5K1A%2FGQk%2BNRB33P0XNb%2F9DI4zYs6EqsGe%2BQ7UdvyDM9DxDSpUW5i8%2FRv5TyaoQku7Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7d3b03b0be62424f-EWR
content-type
text/html; charset=UTF-8
date
Wed, 07 Jun 2023 18:38:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YWbSuLTVQqbyyEe2XdvpC7DVjOlkhenuBq4WEbUiDGe%2F%2BK4TvTXfWalIA0NvX6f0Pw2utZ1S6IimZtlYIyY0FvZRDr3vccjwaOb2f40fA3B6f9S0FHEtPXwBqUPPw%2BOHzMiAc8gfjl2DzP3v8dj1Nxo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
bootstrapp.min.css
affectedplain.com/d-6v13g/assets/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affectedplain.com/d-6v13g/assets/css/bootstrapp.min.css
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35b735bedf07d6b66c0a9b4b82b307c9cce8b70b61b3661f2dfe87d7c1fc814c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152999
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qN6oLDBoYfPAiU60FTeKTy1vyynp0xioaEh1GHCvhAO%2BLSWbpoQKMhAxC8l5gmlnATUHv9Aww1k5CA2m0ignwkbYJBIeAb5Cgf2Lz2CiNZb9EiJhv6%2BuBIBpK6iaKFt9iEQghlAGhGwwDSFz%2F3S17Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7d3b03b28b16c440-EWR
expires
Tue, 13 Jun 2023 00:08:52 GMT
main0010.css
affectedplain.com/d-6v13g/assets/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affectedplain.com/d-6v13g/assets/css/main0010.css
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa36256a9e62971035994e35f7679b2efe818cf6d8cb0ca847825560f7f07f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 08 Apr 2022 13:20:43 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUsiU0Ct48nGF0re3jkevAYqKF72HnFxAiFkjt9aaKXqk%2FO%2F5f%2FOICaLeeihzSqE37tHNf0Omj8W7OPMQE0dl9sUov%2Fq3%2F11mzpYjDW8FAll%2FIKEaVrfL9ztwD4U46jxjSHoW%2F00JLFmNZ1aQz4QuA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7d3b03b28b17c440-EWR
expires
Wed, 14 Jun 2023 18:38:51 GMT
terms.css
affectedplain.com/d-6v13g/assets/css/ 		1 KB
729 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affectedplain.com/d-6v13g/assets/css/terms.css
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30ab151bbfbf9da9daa1bcdbf284f19d567f41301015a66084a7571eaae2fa9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
407597
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvH2hZxb37Rv8mM4hqh8xkZnK97AZAz%2FxoIJKrZ5PfiAwoLetswwPEh2Z%2FGRLjP4yyzvOGwiIPJiUyKhFTb4f8O2KJ4UKtJTMoVXImQcncwO1qSvHYxir%2BRybWRU0F%2FUeeFtGjDHZVYEDIc%2F0545DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7d3b03b28b19c440-EWR
expires
Sat, 10 Jun 2023 01:25:34 GMT
ipad.png
affectedplain.com/d-6v13g/assets/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/ipad.png
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e87b95d23998a3fcf71b26abdea393644e5fceaee4cb2c796aaee90a3bbfe61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
content-length
23121
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xft2USFD%2FnJ4jk%2B6yycxRrEMnYbhnaZoMeoCRP4pCs7A%2BetT33PxMSRVFpMWSq1zPfNWPo2%2FPoayo2mNfdO7crBfedUXh%2B4rvWg%2B%2BtCSzhWj3sIvRO4K%2FFoFc6ILfkFRUW8bHVTpa96A5157AWRASw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b33f15c41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
5.jpg
affectedplain.com/d-6v13g/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/5.jpg
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856a3e25e403c4f577c63b78a2ee734deedeb7b77fdb25a600b2a5dded64f722
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
152999
alt-svc
h3=":443"; ma=86400
content-length
1250
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrGsb1P3eV%2FkN7v6QOkOSOoGfhwhOjghcSawSVQ6NZDAzVpDQIywwoZkTVBNeXGgqnN9ykK6dk%2BCybpFkqA2kXnHau%2Fj3Tcf3gWFnCMuQOkw41dLVBhdn5NwtfpdlfnQXuLa9AL5Jy9NbClSd6zp4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b33f18c41d-EWR
expires
Tue, 13 Jun 2023 00:08:52 GMT
3.jpg
affectedplain.com/d-6v13g/assets/images/ 		936 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/3.jpg
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7532d53e07de8cd28c1a4d98e284df714255ec21c86d6756fe9261ec30691cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
content-length
936
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAJT73DL5NfIRzTNdlV2SaYZzZS87Vk234T1T7JcnOy9U8ZZejZU6%2Bpa1liGVRjfzhwe5w1hzpC1Yo2fGrofcwL0YhIn1JDUs18mLLQKFshLm11yyFWgTCoqgo3cAdEkf6pA8E8xeBtKpODBYjBxeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b34f1cc41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
4.jpg
affectedplain.com/d-6v13g/assets/images/ 		1005 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/4.jpg
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4475cabe931a1f71deea2db0509054d4261af226673c9450f0085b82d6d123f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
content-length
1005
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9UZG%2BmypFsQKumujMV4htqedlC3kLm9Yp0hxRATEI7eaW4Xy%2B5madhQ9fk%2FRfFfjVegfIOvc2SWmWzGwPZf2KUQ6ETLvVottOlBlh524jVYFACwUUq0BZRNJxkeMMyyLYd7W0w2REXRRtaWPNgpvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b34f1ec41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
2.jpg
affectedplain.com/d-6v13g/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/2.jpg
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac98de861aae4984b0d4a2eaaf03525b8a230f6645598d7951ad970eb35193a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
content-length
1212
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4KBrQ44f7u5LmAG5wvQWLUbC8Y7TZt1dow5oUtlWyfp7QDldPFkD1ixnMyC%2BirNIa08w9oJ8OHQ%2BFi8xKbZ1dv1uFxk8UqI10TCaBGdtvKH6yuPtw%2F2azwBGYxD9NYeWTQS%2B5rdu7JETektCcU%2Fjg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b34f20c41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
1.jpg
affectedplain.com/d-6v13g/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/1.jpg
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
957fa9d8e22009502c40c12d830e48a28de8cfdcec5926bfb27830ef3b460611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
content-length
1933
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JraqTsmJq7YUea8MqCezpdwL3eB%2Fx09i%2Fb6kzHhcTvRR5SGg3Um%2FrcSbK6jGfKaVcx%2F0OxRnEP98W%2FOQ9h5tMOYqY1k89Ur1ucD0fugHl8zWd1XMj1YezninNEwQ0sS2SBZswmkZj34ZOG25aebgjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b34f21c41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
download.png
affectedplain.com/d-6v13g/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/download.png
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d43c47d081ccec81e0af4c139eb7ad18c06fd84cd5aafe96fbcb55bd4e29efb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
content-length
1300
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTi4G89%2FBPCUsx%2BoPVLp84zjgTBUiCQUKqtuEC9mbuEo2VybuJ5mKNrRfXClRlBT7%2FJ3ofT7cebbkX9nlgwubJZLAM9Yrnox%2BD5ApOXJVS1iNEBcUmZ86ec0lf%2FOZ9wPKOtYh20AcKN2%2FXQprJ7yCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b34f22c41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
x.png
affectedplain.com/d-6v13g/assets/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/x.png
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
436133
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96ZYLqZz06agwx6oYazRDK5bbR3fmvDkP0rrBpmjefRKY%2B%2FWtLXqQ5pnXUSrfi6fMgq9RYVPU4AmRFdJZVbcZ0tze1jN5p%2FM%2BJJf81D6IQhQCJMaH53x5fp3GZEM1RIWxUm0QRs6Yp%2B9rEkd1D63bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b34f23c41d-EWR
expires
Fri, 09 Jun 2023 17:29:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 14:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33495
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 06 Jun 2024 14:10:17 GMT
modal.js
affectedplain.com/d-6v13g/assets/js/ 		887 B
780 B 		Script
General
Check archive.org
Download Go to
Full URL
https://affectedplain.com/d-6v13g/assets/js/modal.js
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c94b3e9800d457f6d9f64d3a25c360a749c49e855c3a1f74aed1d77e86948c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53942
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRNHmfFs331uLoMKIncRy3%2FjdJnnKsGMED3P0TUs4B8jOyiMjd3OBt6h%2BS%2BHQpPKwPacH21Ultad2TUHiDB4RW6cTgWDrE7VrBK5PFDmsJIdEOxUJVtn%2ByyHYZrHGUIshdcD%2Bbdmca%2ByuRSi%2Fb0vYw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7d3b03b2feb8c41d-EWR
expires
Wed, 14 Jun 2023 03:39:49 GMT
bootstrap.min.js
affectedplain.com/d-6v13g/assets/bootstrap/dist/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://affectedplain.com/d-6v13g/assets/bootstrap/dist/js/bootstrap.min.js
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6ee36ce8e2826b76fd7632195831e3710b8c3bd2002af22dbb3f0b85b64f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMxays%2FjRwxxOamf3d5FRn7mysQUOxw3fSj3oVurhCpQu2JDDOrJzLXTsF%2B4YLR2DHW7KlbFhOvY8GNhK1zvQaaGoHA9yU%2Bg7kFd%2BiWk%2Ba8A7HGPep7FPjvjcg0dNLTMRLaQdJG7bw9r9VZ4Z%2F%2F9AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7d3b03b31ed8c41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
scripts-w23478e-ed5.js
affectedplain.com/d-6v13g/assets/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://affectedplain.com/d-6v13g/assets/js/scripts-w23478e-ed5.js?v=2&cc=us
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a101733b064ea75abcc50f0c0f5b8be69890186b9f96a3e9cb956a2d6845a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 29 Nov 2021 14:44:40 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ3gROUHmilG887MsCIbbSpCLASjO3Rujsd%2BC%2FPAdIUpLfk%2F72ChvTr1cMidt5Cd5QQS5m5zCf0ruMHUj5wM4R6b9UPfagVQNKoxzEWPedZAomwo6GNWP56TaKIDapLv%2FXLN5AIyV5%2BuBWt0OffrBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7d3b03b32efec41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
css.css
affectedplain.com/d-6v13g/assets/css/ 		4 KB
943 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://affectedplain.com/d-6v13g/assets/css/css.css
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeeb96b92d5aeda83b7b00508324d18dedf839671918eed90f9ff83d85c196d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/?04e774fb7d89eb016629391588f2f8d5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
416218
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 19 Aug 2021 12:47:54 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZDZGNxqgpqBnMgDPNa6jpjBQVUwXXTBBNLiwnXldXWBzu8yzY8%2BRFdb%2FupxKDsK1hU9i3if509NEOJQPnzSnTRtJOqifc4mhPIG1%2BE2SAsqiRYjuroUpOW2bsl%2F%2F1d3KJb0hwiJHrCcn%2F5shFtBew%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
7d3b03b34f24c41d-EWR
expires
Fri, 09 Jun 2023 23:01:53 GMT
bg-ace.jpg
affectedplain.com/d-6v13g/assets/images/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://affectedplain.com/d-6v13g/assets/images/bg-ace.jpg
Requested by
Host: affectedplain.com
URL: https://affectedplain.com/d-6v13g/assets/css/main0010.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1437 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05bd6e53460437d7c0d887dac8c8a6dcdc1c7d0066d7c5ce551c1dbf760577d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://affectedplain.com/d-6v13g/assets/css/main0010.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:38:51 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
249083
alt-svc
h3=":443"; ma=86400
content-length
80745
x-xss-protection
1; mode=block
last-modified
Fri, 08 Apr 2022 13:20:15 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=brEk8IUIqN4KStxXc%2BX43B8OFRtbvP%2BnSjA7qQKgMkUMrTouTFRvQMYqD9OcwV7iVwDlM8JB%2BB5vL4wQS7DXD1jcy1M4g2GNbdBGRxMTMuz4LxRrZKNAlFC3tkw%2FTczKUVVz04yz%2BMPKUKqOMZ0vXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7d3b03b34f2ec41d-EWR
expires
Sun, 11 Jun 2023 21:27:28 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| socle function| $ function| jQuery object| jQuery111204002038294355956 function| findGetParameter function| buildOfferHtml function| getRandomInt function| processQuestion number| offer_tick undefined| zz object| wall_json object| $questionsForm object| $activeQuestion object| $nextQuestion

3 Cookies

Domain/Path Name / Value
romqust.com/ Name: uid1949
Value: 999404456-20230607143850-51cd74691425c8c2de45052cead6d772-2687
foregoneblade.live/ Name: PHPSESSID
Value: c18c42fdf55b077f635ae4efd9231ad0
affectedplain.com/ Name: PHPSESSID
Value: 4a578bb28d95ae229bb5a03508346412

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

affectedplain.com
ajax.googleapis.com
aquanoslesbiuntrescinq.s3.us-east-2.amazonaws.com
foregoneblade.live
romqust.com
172.82.84.172
2606:4700:3036::6815:1437
2606:4700:3037::ac43:8d4e
2607:f8b0:4006:820::200a
52.219.93.202
05bd6e53460437d7c0d887dac8c8a6dcdc1c7d0066d7c5ce551c1dbf760577d1
1a6ee36ce8e2826b76fd7632195831e3710b8c3bd2002af22dbb3f0b85b64f16
2ac98de861aae4984b0d4a2eaaf03525b8a230f6645598d7951ad970eb35193a
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
30ab151bbfbf9da9daa1bcdbf284f19d567f41301015a66084a7571eaae2fa9a
35b735bedf07d6b66c0a9b4b82b307c9cce8b70b61b3661f2dfe87d7c1fc814c
7c94b3e9800d457f6d9f64d3a25c360a749c49e855c3a1f74aed1d77e86948c0
7e87b95d23998a3fcf71b26abdea393644e5fceaee4cb2c796aaee90a3bbfe61
856a3e25e403c4f577c63b78a2ee734deedeb7b77fdb25a600b2a5dded64f722
94a101733b064ea75abcc50f0c0f5b8be69890186b9f96a3e9cb956a2d6845a2
957fa9d8e22009502c40c12d830e48a28de8cfdcec5926bfb27830ef3b460611
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
d43c47d081ccec81e0af4c139eb7ad18c06fd84cd5aafe96fbcb55bd4e29efb5
d7532d53e07de8cd28c1a4d98e284df714255ec21c86d6756fe9261ec30691cf
e2fa9b237d4224b50a1c2ed2f0c729795f0dec8597aba7ac1084ba0826c42686
e4475cabe931a1f71deea2db0509054d4261af226673c9450f0085b82d6d123f
eeeb96b92d5aeda83b7b00508324d18dedf839671918eed90f9ff83d85c196d4
fa36256a9e62971035994e35f7679b2efe818cf6d8cb0ca847825560f7f07f7e