kso0w7laet6s0.freewebhostmost.com Open in urlscan Pro
34.129.222.6  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request q98jie7.AO86gqe.html Show response kso0w7laet6s0.freewebhostmost.com/	182 KB 53 KB	511ms 32ms	Document text/html	34.129.222.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.129.222.6 Melbourne, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS server4.webhostmost.com Software LiteSpeed / Resource Hash 16331f294021bb30bd69ab02a4ca34d7fd717942070f5d91e5f1932a5737e4eb Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 53103 content-security-policy block-all-mixed-content content-type text/html date Sat, 14 Sep 2024 17:22:42 GMT etag "2d902-66d82e3f-1371a023315fd5c5;br" last-modified Wed, 04 Sep 2024 09:54:07 GMT permissions-policy geolocation=*, midi=*, sync-xhr=(self "https://kso0w7laet6s0.freewebhostmost.com" "https://www.kso0w7laet6s0.freewebhostmost.com"), microphone=*, camera=*, magnetometer=*, gyroscope=*, payment=*, fullscreen=* referrer-policy no-referrer-when-downgrade server LiteSpeed strict-transport-security max-age=31536000 vary Accept-Encoding,User-Agent x-content-type-options nosniff x-dns-prefetch-control on x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies master-only x-xss-protection 1
GET H3	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	23ms 8ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:22:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 63671 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BIF%2BKoVpK9Ew4PmghoZgVNfeyH4OFeGmkmgr3WpYOUZUFIROCJRJHQPoI%2FzCqJMztMYqJK8S%2BIsSJnp9%2BsFjmaWTn04Yo%2BiGWwFe1rNbuh2slcAq2CSwaoi4LZx79FMnOa0hrHF"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8c320f872e85a965-SYD expires Thu, 04 Sep 2025 17:22:42 GMT
GET H2	200	w3.css www.w3schools.com/w3css/4/	23 KB 5 KB	29ms 2ms	Stylesheet text/css	192.229.179.87 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.w3schools.com/w3css/4/w3.css Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.179.87 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (nwa/E78F) / ASP.NET Resource Hash c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com; X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com; Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com; content-encoding gzip date Sat, 14 Sep 2024 17:22:42 GMT last-modified Fri, 06 Sep 2024 10:45:10 GMT server ECS (nwa/E78F) age 710045 etag "0bf5ad8490db1:0" x-powered-by ASP.NET vary Accept-Encoding x-cache HIT content-type text/css cache-control public,max-age=31536000,public accept-ranges bytes content-length 5250 x-content-security-policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
GET H2	404	faviconV2_002.png kso0w7laet6s0.freewebhostmost.com/images/	796 B 796 B	17ms 16ms	Image text/html	34.129.222.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://kso0w7laet6s0.freewebhostmost.com/images/faviconV2_002.png Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.129.222.6 Melbourne, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS server4.webhostmost.com Software LiteSpeed / Resource Hash c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Sat, 14 Sep 2024 17:22:42 GMT x-content-type-options nosniff server LiteSpeed vary User-Agent content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 796
GET H2	404	faviconV2_002.png kso0w7laet6s0.freewebhostmost.com/PORTAL%20-%20GMAIL%20Mail_files/	796 B 796 B	17ms 16ms	Image text/html	34.129.222.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://kso0w7laet6s0.freewebhostmost.com/PORTAL%20-%20GMAIL%20Mail_files/faviconV2_002.png Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.129.222.6 Melbourne, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS server4.webhostmost.com Software LiteSpeed / Resource Hash c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Sat, 14 Sep 2024 17:22:42 GMT x-content-type-options nosniff server LiteSpeed vary User-Agent content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 796
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	238ms 3ms	Script text/javascript	172.217.167.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f10.1e100.net Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:14:43 GMT content-encoding gzip x-content-type-options nosniff age 479 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 14 Sep 2025 17:14:43 GMT
GET H2	200	q98jie7.AO86gqe.html Show response kso0w7laet6s0.freewebhostmost.com/ Frame 7D38	182 KB 52 KB	17ms 17ms	Document text/html	34.129.222.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.129.222.6 Melbourne, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS server4.webhostmost.com Software LiteSpeed / Resource Hash 16331f294021bb30bd69ab02a4ca34d7fd717942070f5d91e5f1932a5737e4eb Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding br content-length 53103 content-security-policy block-all-mixed-content content-type text/html date Sat, 14 Sep 2024 17:22:42 GMT etag "2d902-66d82e3f-1371a023315fd5c5;br" last-modified Wed, 04 Sep 2024 09:54:07 GMT permissions-policy geolocation=*, midi=*, sync-xhr=(self "https://kso0w7laet6s0.freewebhostmost.com" "https://www.kso0w7laet6s0.freewebhostmost.com"), microphone=*, camera=*, magnetometer=*, gyroscope=*, payment=*, fullscreen=* referrer-policy no-referrer-when-downgrade server LiteSpeed strict-transport-security max-age=31536000 vary Accept-Encoding,User-Agent x-content-type-options nosniff x-dns-prefetch-control on x-download-options noopen x-frame-options SAMEORIGIN x-permitted-cross-domain-policies master-only x-xss-protection 1
GET H3	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 7D38	30 KB 0	23ms 8ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:22:42 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 63671 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BIF%2BKoVpK9Ew4PmghoZgVNfeyH4OFeGmkmgr3WpYOUZUFIROCJRJHQPoI%2FzCqJMztMYqJK8S%2BIsSJnp9%2BsFjmaWTn04Yo%2BiGWwFe1rNbuh2slcAq2CSwaoi4LZx79FMnOa0hrHF"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8c320f872e85a965-SYD expires Thu, 04 Sep 2025 17:22:42 GMT
GET H2	200	w3.css www.w3schools.com/w3css/4/ Frame 7D38	23 KB 0	29ms 2ms	Stylesheet text/css	192.229.179.87 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://www.w3schools.com/w3css/4/w3.css Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.179.87 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (nwa/E78F) / ASP.NET Resource Hash c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com; X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com; Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers content-security-policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com; content-encoding gzip date Sat, 14 Sep 2024 17:22:42 GMT last-modified Fri, 06 Sep 2024 10:45:10 GMT server ECS (nwa/E78F) age 710045 etag "0bf5ad8490db1:0" x-powered-by ASP.NET vary Accept-Encoding x-cache HIT content-type text/css cache-control public,max-age=31536000,public accept-ranges bytes content-length 5250 x-content-security-policy frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
GET H3	404	faviconV2_002.png kso0w7laet6s0.freewebhostmost.com/images/ Frame 7D38	796 B 796 B	17ms 17ms	Image text/html	34.129.222.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://kso0w7laet6s0.freewebhostmost.com/images/faviconV2_002.png Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H3 Security QUIC, , AES_128_GCM Server 34.129.222.6 Melbourne, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS server4.webhostmost.com Software LiteSpeed / Resource Hash c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Sat, 14 Sep 2024 17:22:42 GMT x-content-type-options nosniff server LiteSpeed vary User-Agent content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 796
GET H3	404	faviconV2_002.png kso0w7laet6s0.freewebhostmost.com/PORTAL%20-%20GMAIL%20Mail_files/ Frame 7D38	796 B 796 B	16ms 16ms	Image text/html	34.129.222.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://kso0w7laet6s0.freewebhostmost.com/PORTAL%20-%20GMAIL%20Mail_files/faviconV2_002.png Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H3 Security QUIC, , AES_128_GCM Server 34.129.222.6 Melbourne, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS server4.webhostmost.com Software LiteSpeed / Resource Hash c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers pragma no-cache date Sat, 14 Sep 2024 17:22:42 GMT x-content-type-options nosniff server LiteSpeed vary User-Agent content-type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 796
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/ Frame 7D38	84 KB 0	197ms 197ms	Script text/javascript	172.217.167.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: kso0w7laet6s0.freewebhostmost.com URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.74 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f10.1e100.net Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:14:43 GMT content-encoding gzip x-content-type-options nosniff age 479 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 14 Sep 2025 17:14:43 GMT
GET H2	200	q98jie7.AO86gqe.html kso0w7laet6s0.freewebhostmost.com/	182 KB 0	0ms 0ms	Other text/html	34.129.222.6 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.129.222.6 Melbourne, Australia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS server4.webhostmost.com Software LiteSpeed / Resource Hash 16331f294021bb30bd69ab02a4ca34d7fd717942070f5d91e5f1932a5737e4eb Security Headers Name Value Content-Security-Policy block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Referer https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Sat, 14 Sep 2024 17:22:42 GMT content-encoding br x-content-type-options nosniff content-security-policy block-all-mixed-content x-permitted-cross-domain-policies master-only x-dns-prefetch-control on alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 53103 x-xss-protection 1 referrer-policy no-referrer-when-downgrade last-modified Wed, 04 Sep 2024 09:54:07 GMT server LiteSpeed etag "2d902-66d82e3f-1371a023315fd5c5;br" x-download-options noopen vary Accept-Encoding,User-Agent x-frame-options SAMEORIGIN content-type text/html permissions-policy geolocation=*, midi=*, sync-xhr=(self "https://kso0w7laet6s0.freewebhostmost.com" "https://www.kso0w7laet6s0.freewebhostmost.com"), microphone=*, camera=*, magnetometer=*, gyroscope=*, payment=*, fullscreen=* accept-ranges bytes

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| _0x7f6e05 function| _0x38cc1d function| _0x1e2ddf function| _0x1a884c function| _0x55bc6e function| _0x57e6 function| _0x2bcd69 function| _0x3d59 function| _0x5e1881 function| _0x5df10e function| _0x55a480 function| _0x554465 function| _0x524c08

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kso0w7laet6s0.freewebhostmost.com/images/faviconV2_002.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kso0w7laet6s0.freewebhostmost.com/PORTAL%20-%20GMAIL%20Mail_files/faviconV2_002.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kso0w7laet6s0.freewebhostmost.com/PORTAL%20-%20GMAIL%20Mail_files/faviconV2_002.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kso0w7laet6s0.freewebhostmost.com/images/faviconV2_002.png Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html# Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://kso0w7laet6s0.freewebhostmost.com/q98jie7.AO86gqe.html# Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
kso0w7laet6s0.freewebhostmost.com
www.w3schools.com
104.17.24.14
172.217.167.74
192.229.179.87
34.129.222.6
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
16331f294021bb30bd69ab02a4ca34d7fd717942070f5d91e5f1932a5737e4eb
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5