urlscan.io logo urlscan.io
SecurityTrails logo

pub-9aac200f71ed4107987645733706a799.r2.dev Open in urlscan Pro
104.18.3.35  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Submission: On June 21 via manual from HU — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 104.18.3.35, located in and belongs to CLOUDFLARENET, US. The main domain is pub-9aac200f71ed4107987645733706a799.r2.dev.
TLS certificate: Issued by E1 on June 3rd 2024. Valid for: 3 months.
This is the only time pub-9aac200f71ed4107987645733706a799.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Dropbox (Consumer) Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 6 104.18.3.35 13335 (CLOUDFLAR...)
2 104.18.10.207 13335 (CLOUDFLAR...)
1 151.101.130.137 54113 (FASTLY)
4 78.46.22.25 24940 (HETZNER-AS)
1 185.15.59.240 14907 (WIKIMEDIA)
1 104.17.25.14 13335 (CLOUDFLAR...)
5 172.67.142.245 13335 (CLOUDFLAR...)
1 2.19.251.24 20940 (AKAMAI-ASN1)
21 9
6    104.18.3.35 (None, )

ASN13335 (CLOUDFLARENET, US)
pub-9aac200f71ed4107987645733706a799.r2.dev
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    151.101.130.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
4    78.46.22.25 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.25.22.46.78.clients.your-server.de
www.freepnglogos.com
1    185.15.59.240 (United States)

ASN14907 (WIKIMEDIA, US)
PTR: upload-lb.esams.wikimedia.org
upload.wikimedia.org
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
5    172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2.19.251.24 (Cape Town, South Africa)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-251-24.deploy.static.akamaitechnologies.com
sm.pcmag.com
Apex Domain
Subdomains		 Transfer
6 r2.dev
pub-9aac200f71ed4107987645733706a799.r2.dev
81 KB
5 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1381
fontawesome.com Failed
86 KB
4 freepnglogos.com
www.freepnglogos.com — Cisco Umbrella Rank: 248053
1 MB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286
38 KB
1 pcmag.com
sm.pcmag.com — Cisco Umbrella Rank: 407607
26 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
7 KB
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 3915
23 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
31 KB
21 8
Domain Requested by
6 pub-9aac200f71ed4107987645733706a799.r2.dev 1 redirects pub-9aac200f71ed4107987645733706a799.r2.dev
5 use.fontawesome.com pub-9aac200f71ed4107987645733706a799.r2.dev
use.fontawesome.com
4 www.freepnglogos.com pub-9aac200f71ed4107987645733706a799.r2.dev
2 maxcdn.bootstrapcdn.com pub-9aac200f71ed4107987645733706a799.r2.dev
1 sm.pcmag.com pub-9aac200f71ed4107987645733706a799.r2.dev
1 cdnjs.cloudflare.com pub-9aac200f71ed4107987645733706a799.r2.dev
1 upload.wikimedia.org pub-9aac200f71ed4107987645733706a799.r2.dev
1 code.jquery.com pub-9aac200f71ed4107987645733706a799.r2.dev
0 fontawesome.com Failed pub-9aac200f71ed4107987645733706a799.r2.dev
21 9

This site contains no links.

Subject Issuer Validity Valid
*.r2.dev
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
freepnglogos.com
R3		 2024-05-12 -
2024-08-10		 3 months crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-18 -
2024-10-16		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
www.ziffdavis.com
COMODO RSA Organization Validation Secure Server CA		 2023-07-27 -
2024-07-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Frame ID: 494D1F7A24CF5F4535CB202B98D788AC
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Dropbox - Get your files anytime anywhere

Page URL History Show full URLs

  1. https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html Page URL
  2. https://pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/phish-bypass?atok=i.7t4scJPKRog3rNuPSP7eWKA0XYJ0d3Rd7.GxsjwWU-171899... HTTP 301
    https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

4
Countries

1532 kB
Transfer

1779 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html Page URL
  2. https://pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/phish-bypass?atok=i.7t4scJPKRog3rNuPSP7eWKA0XYJ0d3Rd7.GxsjwWU-1718999470-0.0.1.1-%2F30.html HTTP 301
    https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://cdn.fontawesome.com/js/stats.js HTTP 301
  • https://fontawesome.com/

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
30.html
pub-9aac200f71ed4107987645733706a799.r2.dev/ 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b48c49e9a2e3492032f9f599c459e495dbedd053e6bd9eeb3bdf1140037bdff0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

CF-RAY
8976881ffa9782dc-ARN
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 21 Jun 2024 19:51:10 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
cf.errors.css
pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/styles/cf.errors.css
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 19:51:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Jun 2024 08:39:00 GMT
Server
cloudflare
ETag
W/"66729924-5df3"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
897688205b0d82dc-ARN
Expires
Fri, 21 Jun 2024 21:51:10 GMT
icon-exclamation.png
pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/images/ 		452 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/styles/cf.errors.css
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 19:51:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 19 Jun 2024 08:39:00 GMT
Server
cloudflare
ETag
"66729924-1c4"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
897688209b7582dc-ARN
Content-Length
452
Expires
Fri, 21 Jun 2024 21:51:10 GMT
favicon.ico
pub-9aac200f71ed4107987645733706a799.r2.dev/ 		27 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pub-9aac200f71ed4107987645733706a799.r2.dev/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 19:51:10 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
89768820fbeb82dc-ARN
Content-Length
27242
Vary
Accept-Encoding
Content-Type
text/html
Primary Request 30.html
pub-9aac200f71ed4107987645733706a799.r2.dev/
Redirect Chain
  • https://pub-9aac200f71ed4107987645733706a799.r2.dev/cdn-cgi/phish-bypass?atok=i.7t4scJPKRog3rNuPSP7eWKA0XYJ0d3Rd7.GxsjwWU-1718999470-0.0.1.1-%2F30.html
  • https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
44 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb6e2b52ebd0bb36ba61aba050fed74814a6cf36a629a69558a55a23201130b

Request headers

Accept-Language
se-SE,se;q=0.9;q=0.9
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
CF-RAY
897688406e8a82dc-ARN
Connection
keep-alive
Content-Length
44551
Content-Type
text/html
Date
Fri, 21 Jun 2024 19:51:15 GMT
ETag
"32e7d88cc9d7c8d216643b9ff3373322"
Last-Modified
Thu, 20 Jun 2024 21:37:36 GMT
Server
cloudflare
Vary
Accept-Encoding

Redirect headers

CF-RAY
897688402e2982dc-ARN
Cache-Control
private, no-cache
Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Fri, 21 Jun 2024 19:51:15 GMT
Location
https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Server
cloudflare
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/ 		122 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617, 617
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12643794
cdn-cachedat
2021-06-08 13:42:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
98d94e91ddf6e42b98fc52f77b8fa4cb
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
89768842892c0a35-ARN
cdn-requestpullsuccess
True
jquery-3.6.1.min.js
code.jquery.com/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.1.min.js
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Origin
https://pub-9aac200f71ed4107987645733706a799.r2.dev
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4855665
x-cache
HIT, HIT
content-length
30957
x-served-by
cache-lga13629-LGA, cache-bma1638-BMA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1718999476.645457,VS0,VE0
etag
W/"28feccc0-15e40"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
39, 23459
transparent-outlook-icon-2.png
www.freepnglogos.com/uploads/logo-outlook/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freepnglogos.com/uploads/logo-outlook/transparent-outlook-icon-2.png
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.22.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.22.46.78.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7ea09b560f4ee78eef3bd17346ad544176f524866ebc3d4a954f554afa50d149

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
last-modified
Sat, 20 Aug 2022 14:09:53 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6300eb31-1480d"
content-type
image/png
cache-control
no-cache, must-revalidate
accept-ranges
bytes
content-length
83981
microsoft-office-2013-symbol-logo-png-6.png
www.freepnglogos.com/uploads/microsoft-office-png-logo/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freepnglogos.com/uploads/microsoft-office-png-logo/microsoft-office-2013-symbol-logo-png-6.png
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.22.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.22.46.78.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1b0e467247b9dab100ff77807af502e4277f72f721241c3f5b2eb483971aa9fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
last-modified
Sat, 20 Aug 2022 14:09:56 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6300eb34-30d5"
content-type
image/png
cache-control
no-cache, must-revalidate
accept-ranges
bytes
content-length
12501
1599px-AOL_logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/b/b6/AOL_logo.svg/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/b/b6/AOL_logo.svg/1599px-AOL_logo.svg.png
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.15.59.240 , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
upload-lb.esams.wikimedia.org
Software
envoy /
Resource Hash
eb8487a513bc473ada8e9a2876531d18d81108d0982a81c1476484094c3a6aa6
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 20 Jun 2024 21:15:18 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
81357
x-cache-status
hit-local
x-cache
cp3080 hit, cp3080 miss
content-disposition
inline;filename*=UTF-8''AOL_logo.svg.png
server-timing
cache;desc="hit-local", host;desc="cp3080"
content-length
22531
x-client-ip
169.150.208.134
last-modified
Tue, 11 Jul 2023 15:23:30 GMT
server
envoy
etag
83fa484e18358506167a9bb624702cb1
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
yahoo-logo-png-free-download-3.png
www.freepnglogos.com/uploads/yahoo-logo-png/ 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freepnglogos.com/uploads/yahoo-logo-png/yahoo-logo-png-free-download-3.png
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.22.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.22.46.78.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5dceec0355eda7880dead5e13d22d394b8a1e79101a93bf96447557997d93e86

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
last-modified
Sat, 20 Aug 2022 14:09:51 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6300eb2f-1d621"
content-type
image/png
cache-control
no-cache, must-revalidate
accept-ranges
bytes
content-length
120353
email-logo-png-33.png
www.freepnglogos.com/uploads/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.freepnglogos.com/uploads/email-logo-png-33.png
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.46.22.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.25.22.46.78.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d9a3473ec58a884a38a3356602b33d053692a1e821a3f14b5b6e27d97d575ff7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
last-modified
Sat, 20 Aug 2022 14:09:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"6300eb2b-100d85"
content-type
image/png
cache-control
no-cache, must-revalidate
accept-ranges
bytes
content-length
1052037
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
284979
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6098
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4a59"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OapFSebyDlvBP6hOB9ePq1xkJemdF1Sg8Ii8rWjUa5yQnQtOmlT642ht00x%2FgrFtEvip4c0oSGjHnYXO902pWHAtHmCYobSLrYAhGU9WbFXD%2BT%2BDHlsqajT%2FLJjWd5JS04MxlXLb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
897688429819991b-ARN
expires
Wed, 11 Jun 2025 19:51:15 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/ 		50 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
755
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12643818
cdn-cachedat
08/27/2023 01:33:28
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"baaadea4492b059f284187d75af46063"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c0f8d33ad4d1f37d9c2c293a1f18b83d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
89768842892d0a35-ARN
cdn-requestpullsuccess
True
b9bdbd120a.js
use.fontawesome.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/b9bdbd120a.js
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1693f38122d60b07323f33e1cb24e3488d291eefbce95f1d144efadcb512b4b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
content-encoding
zstd
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:18:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1068
etag
W/"db26306464ae227fbe50207468bde9b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqvQTf7aoi1dJA142JeZiCnLb3yHvVgwFTg5t3cSsGHh8q32BYhd3Tp6LnIM5IJE0fuHPt9LmfdfXPekWxgMExQtLyrKhKwuxNPJc4%2FCWBIimZOrhEm2YIgyPko%2FC870LieU5r%2BA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
89768842f9f4be35-CPH
alt-svc
h3=":443"; ma=86400
dropbox_nzhw.1200.png
sm.pcmag.com/t/pcmag_au/gallery/d/dropbox/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sm.pcmag.com/t/pcmag_au/gallery/d/dropbox/dropbox_nzhw.1200.png
Requested by
Host: pub-9aac200f71ed4107987645733706a799.r2.dev
URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.251.24 Cape Town, South Africa, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-251-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20145c74297de3c73dabe61765a3eba939c9ffb572b6fb6df5a7a1f105af2adb
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:16 GMT
strict-transport-security
max-age=86400 ; preload
last-modified
Wed, 23 Sep 2020 20:04:53 GMT
etag
"6eda20284eec75db437f86b9a10eabf3"
content-type
image/webp
cache-control
private, max-age=29623861
accept-ranges
bytes
x-webp
/im.ziffdavisinternational.com/t/pcmag_au/gallery/d/dropbox/dropbox_nzhw.1200.png.webp
alt-svc
h3=":443"; ma=93600
content-length
26564
expires
Fri, 30 May 2025 16:42:17 GMT
/
fontawesome.com/
Redirect Chain
  • https://cdn.fontawesome.com/js/stats.js
  • https://fontawesome.com/
0
0
webfontloader.js
use.fontawesome.com/webfontloader/1.6.24/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/b9bdbd120a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
content-encoding
zstd
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:46:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3435
etag
W/"9064ce12d2c81f68123c93bc1a8b0cad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CDU1NuFvz9z%2FsIoEuSmqdJcO3f7517cNdGXswZdciUGUDo5yZLkdSk3OqUnbyukZht4ygQOGxkHfl1lAiRAg9gqFXMmGSMFfg4iXld%2FDMYzN41xBaeNN0Y%2FgKvjh3HEObcs1hFX"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31556926
cf-ray
897688436a7bbe35-CPH
alt-svc
h3=":443"; ma=86400
b9bdbd120a.css
use.fontawesome.com/ 		1 KB
692 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/b9bdbd120a.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
129576009d7636639b5d851ad8b7456b31d9082a015f6dbf606345e54f6a3de7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://pub-9aac200f71ed4107987645733706a799.r2.dev/
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
content-encoding
zstd
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:18:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1067
etag
W/"6935c7bbafe5de4ba1ef4cf6ef1e9f53"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFPv9nfPBW8cI2QYrAMZoSulPT5526NIiXS1yFzcI4WEPB2%2BGfh7AfHeaVSAi1EKMqfu2rLgbWEAFpl39ex5cTcF3ml%2FunfspPHiI7d3dVFz4iQocpIQVBGM%2FAgNs80hnh%2FEI9su"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
89768843baf8be35-CPH
alt-svc
h3=":443"; ma=86400
font-awesome-css.min.css
use.fontawesome.com/releases/v4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/b9bdbd120a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.fontawesome.com/b9bdbd120a.css
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:15 GMT
content-encoding
zstd
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1727088
etag
W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZ7BY9O065bhA0cy%2Bbwx7Qv9Jtw%2FWIwMPGWwMpRyxvFL%2Fb0QDfGUkDaNE6BUUzhOagwnwsYZzvzj0IrkCR5NRvLzsu3M6DWJvcc%2FpRx2Ti8FACcZoMjJTf2c1zpuJqvt8TCYDOnF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
897688441b68be35-CPH
alt-svc
h3=":443"; ma=86400
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/b9bdbd120a.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.fontawesome.com/b9bdbd120a.css
Origin
https://pub-9aac200f71ed4107987645733706a799.r2.dev
Accept-Language
se-SE,se;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 19:51:16 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:44:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQVQFeHVvsxMD5RUij4byHODgxjukwIiaVLkqWgNqxFhHc3%2BYXVdf99s%2BB5ghw2w2nYMrtoHzAEDp1yKbAioYo1560xfax7f4lMvkeWPVVnQ%2FdCTHsztXTpd3fnXiDRoLZPMJgM1"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
897688450a67930b-CPH
alt-svc
h3=":443"; ma=86400
content-length
71896

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fontawesome.com
URL
https://fontawesome.com/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Dropbox (Consumer) Generic Cloudflare (Online)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| Popper object| FontAwesomeCdnConfig object| WebFontConfig function| validateEmail object| WebFont

1 Cookies

Domain/Path Name / Value
.pub-9aac200f71ed4107987645733706a799.r2.dev/ Name: __cf_mw_byp
Value: i.7t4scJPKRog3rNuPSP7eWKA0XYJ0d3Rd7.GxsjwWU-1718999470-0.0.1.1-/30.html

8 Console Messages

Source Level URL
Text
network error URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.11.0/umd/popper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://use.fontawesome.com/b9bdbd120a.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation warning URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Message:
[DOM] Found 2 elements with non-unique id #recipient-name: (More info: https://goo.gl/9p2vKq) %o %o
recommendation verbose URL: https://pub-9aac200f71ed4107987645733706a799.r2.dev/30.html
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
fontawesome.com
maxcdn.bootstrapcdn.com
pub-9aac200f71ed4107987645733706a799.r2.dev
sm.pcmag.com
upload.wikimedia.org
use.fontawesome.com
www.freepnglogos.com
fontawesome.com
104.17.25.14
104.18.10.207
104.18.3.35
151.101.130.137
172.67.142.245
185.15.59.240
2.19.251.24
78.46.22.25
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
129576009d7636639b5d851ad8b7456b31d9082a015f6dbf606345e54f6a3de7
1693f38122d60b07323f33e1cb24e3488d291eefbce95f1d144efadcb512b4b1
1b0e467247b9dab100ff77807af502e4277f72f721241c3f5b2eb483971aa9fa
20145c74297de3c73dabe61765a3eba939c9ffb572b6fb6df5a7a1f105af2adb
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
2bb6e2b52ebd0bb36ba61aba050fed74814a6cf36a629a69558a55a23201130b
5292e677fe712c80863414e9e73f3678d86d409f751392b6803b70a949fc1017
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
5dceec0355eda7880dead5e13d22d394b8a1e79101a93bf96447557997d93e86
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ea09b560f4ee78eef3bd17346ad544176f524866ebc3d4a954f554afa50d149
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
9bf87f7140c085febf881462c536ee73cf9183670811342d3dc1fd0f7a762a0d
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
b48c49e9a2e3492032f9f599c459e495dbedd053e6bd9eeb3bdf1140037bdff0
d9a3473ec58a884a38a3356602b33d053692a1e821a3f14b5b6e27d97d575ff7
eb8487a513bc473ada8e9a2876531d18d81108d0982a81c1476484094c3a6aa6
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016