main.d3lqtddfsbdi2v.amplifyapp.com Open in urlscan Pro
13.227.219.51 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://main.d3lqtddfsbdi2v.amplifyapp.com/?gclid=EAIaIQobChMIp8H915jBggMV9szCBB1dXwdeEAMYASAAEgKHYvD_BwE
Effective URL:
https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html
Submission: On December 04 via api (December 4th 2023, 8:09:18 pm UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 30 HTTP transactions. The main IP is 13.227.219.51, located in United States and belongs to AMAZON-02, US. The main domain is main.d3lqtddfsbdi2v.amplifyapp.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time main.d3lqtddfsbdi2v.amplifyapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
23	13.227.219.51 13.227.219.51	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	195.201.57.90 195.201.57.90	24940 (HETZNER-AS) (HETZNER-AS)
3	20.122.63.128 20.122.63.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
30	6

23 13.227.219.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-51.ams54.r.cloudfront.net

main.d3lqtddfsbdi2v.amplifyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.90 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.57.201.195.clients.your-server.de

ipwho.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.122.63.128 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

p.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	amplifyapp.com main.d3lqtddfsbdi2v.amplifyapp.com	798 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 p.clarity.ms — Cisco Umbrella Rank: 7833 c.clarity.ms — Cisco Umbrella Rank: 1377	28 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 228	759 B
1	ipwho.is ipwho.is — Cisco Umbrella Rank: 63095	1013 B
30	4

	Domain	Requested by
23	main.d3lqtddfsbdi2v.amplifyapp.com	main.d3lqtddfsbdi2v.amplifyapp.com
3	p.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	main.d3lqtddfsbdi2v.amplifyapp.com www.clarity.ms
1	c.bing.com	1 redirects
1	ipwho.is	main.d3lqtddfsbdi2v.amplifyapp.com
30	6

This site contains no links.

Subject Issuer	Validity	Valid
*.d3lqtddfsbdi2v.amplifyapp.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
ipwho.is GoGetSSL ECC DV CA	`2023-04-05` - `2024-04-05`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html
Frame ID: 8FB4B2E46DBBFAFE5239BA0B62E06C66
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Device Err00r Code #B9PwNn100d7

Page URL History Show full URLs

https://main.d3lqtddfsbdi2v.amplifyapp.com/?gclid=EAIaIQobChMIp8H915jBggMV9szCBB1dXwdeEAMYASAAEgKHYvD_BwE Page URL
https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

97 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

826 kB
Transfer

938 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://main.d3lqtddfsbdi2v.amplifyapp.com/?gclid=EAIaIQobChMIp8H915jBggMV9szCBB1dXwdeEAMYASAAEgKHYvD_BwE Page URL
https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4D9819BC1E984D9FA1893569F26AFFDB&RedC=c.clarity.ms&MXFR=0E329BCAE013632403208817E4136D64 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D9819BC1E984D9FA1893569F26AFFDB&MUID=2F35033600516A9126CC10EB01516B4C

30 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ main.d3lqtddfsbdi2v.amplifyapp.com/	3 KB 1 KB	603ms 549ms	Document text/html	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/?gclid=EAIaIQobChMIp8H915jBggMV9szCBB1dXwdeEAMYASAAEgKHYvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, s-maxage=2 content-encoding gzip content-type text/html date Mon, 04 Dec 2023 20:09:12 GMT etag W/"4a699a194f6357e6efc07659eeb4facd" last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 vary Accept-Encoding via 1.1 df4167ab0949b4d2c15466bdfdc05f94.cloudfront.net (CloudFront) x-amz-cf-id Xz7Mm5XL7QxDojYV6V-bPbVK_SvU9QDXdtlEBdUCnUWrLkN7CaL5qQ== x-amz-cf-pop AMS54-C1 x-cache Miss from cloudfront
GET H2	200	Primary Request index.html Show response main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	24 KB 7 KB	546ms 546ms	Document text/html	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/?gclid=EAIaIQobChMIp8H915jBggMV9szCBB1dXwdeEAMYASAAEgKHYvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `728e2716362f3c3581d3fe1fe6bbb7c4dbe0beba60451678b5792d2ade11c8bf` Request headers Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/?gclid=EAIaIQobChMIp8H915jBggMV9szCBB1dXwdeEAMYASAAEgKHYvD_BwE Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control public, max-age=0, s-maxage=2 content-encoding gzip content-type text/html date Mon, 04 Dec 2023 20:09:13 GMT etag W/"768d4d06d052e45e599c35920e221681" last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 vary Accept-Encoding via 1.1 df4167ab0949b4d2c15466bdfdc05f94.cloudfront.net (CloudFront) x-amz-cf-id w2bOJ1u4NTeyqB-pyG6Viv2Gd3QpKDmnMmLzkky96Wx7oW_WaC2vOA== x-amz-cf-pop AMS54-C1 x-cache Miss from cloudfront
GET H3	200	tapa.css main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	18 KB 4 KB	563ms 562ms	Stylesheet text/css	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/tapa.css Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `22b2c21cd86ff8e53b784c5e40608872a0666f3682d1331829eb8a643f50b3e4` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT content-encoding gzip via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag W/"61b8b80c330b89cc536fa4fc8afb3eb5" vary Accept-Encoding x-cache Miss from cloudfront content-type text/css cache-control public, max-age=0, s-maxage=2 alt-svc h3=":443"; ma=86400 x-amz-cf-id ua_1Lnr-eCet5KShuMDic6mo52cfY15W78eed0HhEAL5CSZI8PB_Iw==
GET H3	200	jquery-1.4.4.min.js Show response main.d3lqtddfsbdi2v.amplifyapp.com/	77 KB 27 KB	574ms 573ms	Script application/javascript	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/jquery-1.4.4.min.js Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT content-encoding gzip via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag W/"73a9c334c5ca71d70d092b42064f6476" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control public, max-age=0, s-maxage=2 alt-svc h3=":443"; ma=86400 x-amz-cf-id whGQWA60-Y7flViUiF8uM6USDXBIEoT9y6JI0NFVCYLQL7lpW5VMdg==
GET H3	200	bg.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	452 KB 452 KB	678ms 677ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/bg.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "ab996ed3b126f2b5f0c1f214b96afe7a" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 462770 x-amz-cf-id MCtfcg_U5WgqOmeDnKDTwOXCh1MCxJG_nMmRuX9t9o52Nta6uA_qjA==
GET H3	200	mnc.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	187 B 482 B	551ms 551ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/mnc.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "271021cfa45940978184be0489841fd3" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 187 x-amz-cf-id F19LJ3C2WpXZdeSw0qzPEZcAmnyHzLgH2Fj1l0lZxGDLMT2NgCMeYw==
GET H3	200	msmm.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	168 B 462 B	560ms 559ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/msmm.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "acb05ebcd5f488fc99169cff02b6dd04" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 168 x-amz-cf-id qycSNG7ePd0N_e_3Fq8w0u-u1K8tBtuhJJaFddz0mV9A_1s9cqELDw==
GET H3	200	set.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	364 B 658 B	551ms 550ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/set.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "e144c3378090087c8ce129a30cb6cb4e" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 364 x-amz-cf-id uwJBU8321qlJTwllPWuSB-kdhRpyxm16PMkV6o-SqctdMogR4GXf8g==
GET H3	200	vsc.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	722 B 1016 B	570ms 569ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/vsc.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "42d8f2cc1ae5759c2369f255f36ebc03" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 722 x-amz-cf-id KywckWnLD_hdVK6YwSGF-MAPNIm_yHKT9Ylbbv3yp1N7IIOyi9dM8w==
GET H3	200	bx1.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	97 KB 97 KB	548ms 548ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/bx1.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "6b11ad15da74888bea9095007a9f7dd6" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 99389 x-amz-cf-id lVsPq9mMabJWJZRq-uNqMhfaG3lYnXN8RojEmCYss5ZZYfPPrlrKQQ==
GET H3	200	bel.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	276 B 572 B	549ms 549ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/bel.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "7616d96c388301e391653647e1f5f057" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 276 x-amz-cf-id -GZI25fkpmbHSKjPeLY4xl_R0v2FvuDfD3QBoCtY_jZlBRxHanzk8w==
GET H3	200	pcm.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	1 KB 2 KB	567ms 566ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/pcm.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "05cdf1a2c2fc8f07bea0a8f4f9356637" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 1270 x-amz-cf-id 8qKaXuBBnn6Z-wI3l4H0-BY9kSaaJsvqOEM2r14ER8tr4w-S-3NBXg==
GET H3	200	dm.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	332 B 626 B	560ms 559ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/dm.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "9d8a90a63d20f05d27e5d6abb35e0cd0" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 332 x-amz-cf-id MHfMM5KGp2LImMcRW3NlD5E0Un6suyrLY212s0kRgBpGpkngKdRjBA==
GET H3	200	cs.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	3 KB 3 KB	551ms 550ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/cs.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "b01a30d354bfcf51edf33e0b0ea07402" x-cache Miss from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 2681 x-amz-cf-id C1YnAZB6V8v4Hl9h04blOCy-t3ujTaMbFhJ4-M4N8GWdHGlHTqSPHQ==
GET H3	200	nvidia.js Show response main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	2 KB 1 KB	553ms 552ms	Script application/javascript	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/nvidia.js Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT content-encoding gzip via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag W/"6ebcbed0dc957cd9298e2629e35a0139" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control public, max-age=0, s-maxage=2 alt-svc h3=":443"; ma=86400 x-amz-cf-id bkGEMyIavw1txTEguCj9DTRrCO3VxvILDyEYZRviyaVdvFH998soIA==
GET H3	200	jupiter.js Show response main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	503 B 799 B	552ms 551ms	Script application/javascript	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/jupiter.js Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "cd6c33fbc221d0271c910af910e6ebed" x-cache Miss from cloudfront content-type application/javascript cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 503 x-amz-cf-id WpkTHMymEq4yYuT3pSnn4xvW5BklEmFkmkXuU3BA5FSk9DBqfqqVaQ==
GET H2	200	i92631h1ap Show response www.clarity.ms/tag/	668 B 1 KB	159ms 119ms	Script application/x-javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/i92631h1ap Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `dfd4911ee44bb9bef48dbcdd8eb22375e57e314d8626120c4bdd65d4ff60d69b` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers expires -1 date Mon, 04 Dec 2023 20:09:14 GMT x-azure-ref 20231204T200914Z-cx8az7vgnx3wr4h354phbr4ddn00000004v000000000tyx4 x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 668 request-context appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
GET H/1.1	200 OK	/ Show response ipwho.is/	741 B 1013 B	53ms 12ms	XHR application/json	195.201.57.90 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://ipwho.is/?lang=en Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 195.201.57.90 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.90.57.201.195.clients.your-server.de Software ipwhois / Resource Hash `2eafb93159b1df103bfca1f223350fdbec07e0be6a69798e7cb3ca93192985d3` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Mon, 04 Dec 2023 20:09:14 GMT Server ipwhois Transfer-Encoding chunked Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive X-Robots-Tag noindex Access-Control-Allow-Headers *
GET DATA	200 OK	truncated /	349 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type image/png
GET H3	200	mnc.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	187 B 481 B	24ms 24ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/mnc.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "271021cfa45940978184be0489841fd3" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 187 x-amz-cf-id EGgC1txpEHnTDrywvfQlyUPNdrf7pRxbG8F-6IZwEtODJA8nvvAu8A==
GET H3	200	msmm.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	168 B 462 B	25ms 24ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/msmm.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "acb05ebcd5f488fc99169cff02b6dd04" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 168 x-amz-cf-id -ZIMjDh249KWLzjaLikj1VuqiSRB-mViZd5hsOUBBodEMABvtrsO3A==
GET H3	200	set.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	364 B 658 B	26ms 26ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/set.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "e144c3378090087c8ce129a30cb6cb4e" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 364 x-amz-cf-id _ED3kyfhw5yF9DPpKMREc98sgH8LvVJQ_cBsztE-V8SHv0J60HJyCQ==
GET H3	200	vsc.png main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	722 B 1016 B	41ms 41ms	Image image/png	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/vsc.png Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:13 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 age 1 x-amz-cf-pop AMS54-C1 etag "42d8f2cc1ae5759c2369f255f36ebc03" x-cache Hit from cloudfront content-type image/png cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 722 x-amz-cf-id Nnns121EXYMjizXWmTofKGAGfdepD13ntdt5UqwQEdTOtXEapwqoMg==
GET H3	206	_Fm7-alert.mp3 main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	196 KB 196 KB	544ms 544ms	Media audio/mpeg	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/_Fm7-alert.mp3 Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash `fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65` Request headers Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Accept-Encoding identity;q=1, ;q=0 accept-language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Range bytes=0- Response headers date Mon, 04 Dec 2023 20:09:14 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "0116152611dd51432e852781f8cc7e82" x-cache Miss from cloudfront content-type audio/mpeg Content-Range bytes 0-200831/200832 cache-control public, max-age=0, s-maxage=2 accept-ranges bytes alt-svc h3=":443"; ma=86400 x-amz-cf-id M0eo0Joe8kdr4tQtWCxXO8aYZjUeGHBzoRjwAcEVrzgx7_yrbPfBvA== Content-Length 200832
GET H3	404	ai2.mp3 main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	0 0	554ms 553ms	Media text/html	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/ai2.mp3 Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Accept-Encoding identity;q=1, ;q=0 accept-language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Range bytes=0- Response headers date Mon, 04 Dec 2023 20:09:14 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "4a699a194f6357e6efc07659eeb4facd" vary Accept-Encoding x-cache Error from cloudfront content-type text/html accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 2748 x-amz-cf-id bcqMT34WABs4FGU6PK5vcycpfzGn-OdySvBhbwBDgN74NUjzV6H0CQ==
GET H3	404	webs.mp4 main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/	0 0	552ms 552ms	Media text/html	13.227.219.51 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/webs.mp4 Requested by Host: main.d3lqtddfsbdi2v.amplifyapp.com URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 13.227.219.51 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-51.ams54.r.cloudfront.net Software AmazonS3 / Resource Hash Request headers Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/index.html Accept-Encoding identity;q=1, ;q=0 accept-language* de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Range bytes=0- Response headers date Mon, 04 Dec 2023 20:09:14 GMT via 1.1 b911c551065b8f78ad33b4c4564141be.cloudfront.net (CloudFront) last-modified Mon, 04 Dec 2023 20:01:49 GMT server AmazonS3 x-amz-cf-pop AMS54-C1 etag "4a699a194f6357e6efc07659eeb4facd" vary Accept-Encoding x-cache Error from cloudfront content-type text/html accept-ranges bytes alt-svc h3=":443"; ma=86400 content-length 2748 x-amz-cf-id dltbyvDeW-Rfl6wcFxsT4QHBTzps6iUgkyuVpKFERAU7VN8FhSEcuA==
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.20/	60 KB 25 KB	30ms 30ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.20/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/i92631h1ap Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash `cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 04 Dec 2023 20:09:14 GMT content-encoding br last-modified Thu, 30 Nov 2023 12:37:50 GMT etag W/"0x8DBF1A12A7EABEF" vary Accept-Encoding x-azure-ref 20231204T200914Z-cx8az7vgnx3wr4h354phbr4ddn00000004v000000000tyxh content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 68748bd9-901e-0036-6d53-24a3ab000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28
POST H/1.1	204 No Content	collect Show response p.clarity.ms/	0 314 B	330ms 106ms	XHR text/plain	20.122.63.128 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://p.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.20/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/x-clarity-gzip Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Access-Control-Allow-Origin https://main.d3lqtddfsbdi2v.amplifyapp.com Date Mon, 04 Dec 2023 20:09:14 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4D9819BC1E984D9FA1893569F26AFFDB&RedC=c.clarity.ms&MXFR=0E329BCAE013632403208817E4136D64 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D9819BC1E984D9FA1893569F26AFFDB&MUID=2F35033600516A9126CC10EB01516B4C	42 B 441 B	26ms 25ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D9819BC1E984D9FA1893569F26AFFDB&MUID=2F35033600516A9126CC10EB01516B4C Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12` Request headers accept-language de-DE,de;q=0.9 Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Mon, 04 Dec 2023 20:09:14 GMT last-modified Wed, 30 Aug 2023 19:01:41 GMT server Microsoft-IIS/10.0 etag "8d59566974dbd91:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Mon, 04 Dec 2023 20:09:14 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: AAF23A75AF23492F98AF9C3B1CC8B23F Ref B: FRAEDGE1812 Ref C: 2023-12-04T20:09:15Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4D9819BC1E984D9FA1893569F26AFFDB&MUID=2F35033600516A9126CC10EB01516B4C cache-control private, no-cache, proxy-revalidate, no-store content-length 0
POST H/1.1	204 No Content	collect Show response p.clarity.ms/	0 314 B	106ms 105ms	XHR text/plain	20.122.63.128 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://p.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.20/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/x-clarity-gzip Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Access-Control-Allow-Origin https://main.d3lqtddfsbdi2v.amplifyapp.com Date Mon, 04 Dec 2023 20:09:15 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
POST H/1.1	204 No Content	collect Show response p.clarity.ms/	0 314 B	96ms 95ms	XHR text/plain	20.122.63.128 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://p.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.20/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept application/x-clarity-gzip Referer https://main.d3lqtddfsbdi2v.amplifyapp.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Access-Control-Allow-Origin https://main.d3lqtddfsbdi2v.amplifyapp.com Date Mon, 04 Dec 2023 20:09:18 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 01:27:36	Name: CLID Value: b3419fe5653240598b69e762e13213bd.20231204.20241203
.amplifyapp.com/	1970-01-21 01:27:36	Name: _clck Value: kmxadd%7C2%7Cfh9%7C0%7C1433
.amplifyapp.com/	1970-01-20 16:43:26	Name: _clsk Value: n1vwsf%7C1701720554609%7C1%7C1%7Cp.clarity.ms%2Fcollect
.bing.com/	1970-01-21 02:03:36	Name: MUID Value: 2F35033600516A9126CC10EB01516B4C
.c.bing.com/	1970-01-20 16:52:05	Name: MR Value: 0
.c.bing.com/	1970-01-21 02:03:36	Name: SRM_B Value: 2F35033600516A9126CC10EB01516B4C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:03:36	Name: MUID Value: 2F35033600516A9126CC10EB01516B4C
.c.clarity.ms/	1970-01-20 16:52:05	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:42:01	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/webs.mp4 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://main.d3lqtddfsbdi2v.amplifyapp.com/Win08Ay0Er08d8d77/ai2.mp3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
ipwho.is
main.d3lqtddfsbdi2v.amplifyapp.com
p.clarity.ms
www.clarity.ms
13.227.219.51
195.201.57.90
20.122.63.128
2620:1ec:bdf::45
2620:1ec:c11::200
68.219.88.97
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115
22b2c21cd86ff8e53b784c5e40608872a0666f3682d1331829eb8a643f50b3e4
2eafb93159b1df103bfca1f223350fdbec07e0be6a69798e7cb3ca93192985d3
318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977
4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
728e2716362f3c3581d3fe1fe6bbb7c4dbe0beba60451678b5792d2ade11c8bf
73310aa233204005c5d97ccd8b6c8c06dda83205f1de6571aa798400fb5bedeb
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5
93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
dfd4911ee44bb9bef48dbcdd8eb22375e57e314d8626120c4bdd65d4ff60d69b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

main.d3lqtddfsbdi2v.amplifyapp.com Open in urlscan Pro 13.227.219.51 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

33 %IPv6

4 Domains

6 Subdomains

6 IPs

3 Countries

826 kBTransfer

938 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

main.d3lqtddfsbdi2v.amplifyapp.com Open in urlscan Pro
13.227.219.51 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

826 kB
Transfer

938 kB
Size

10
Cookies

30 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!