tfn41.s3.amazonaws.com
3.5.16.172  Malicious Activity! Public Scan

URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Submission Tags: https://phish.report @phish_report
Submission: On August 01 via api from FI — Scanned from FI

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 3.5.16.172, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is tfn41.s3.amazonaws.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on March 21st 2023. Valid for: 9 months.
This is the only time tfn41.s3.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Tech Support Scam (Consumer)

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
18 | amazonaws.com | tfn41.s3.amazonaws.com | 2 MB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 58), region1.google-analytics.com (Cisco Umbrella Rank: 1914) | 21 KB
2 | gstatic.com | fonts.gstatic.com | 43 KB
2 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 73) | 141 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 79) | 1 KB
Total: 26 requests across 5 apex domains

Requests | Domain | Requested by
18 | tfn41.s3.amazonaws.com | tfn41.s3.amazonaws.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | fonts.gstatic.com | tfn41.s3.amazonaws.com
2 | www.googletagmanager.com | tfn41.s3.amazonaws.com, www.googletagmanager.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | fonts.googleapis.com | tfn41.s3.amazonaws.com
Total: 26 requests across 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-03-21 - 2023-12-19 | 9 months
upload.video.google.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-07-10 - 2023-10-02 | 3 months

This page contains 1 frame:

Primary Page: https://tfn41.s3.amazonaws.com/Win38/index.html
Frame ID: 71C991B1B42BD6C52D35656E95463477
Requests: 26 HTTP requests in this frame

Page Title

Microsoft Help Support Assistance c0de #D2xdvi7

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 83 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 1903 kB
Size: 2182 kB
Cookies: 4

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
tfn41.s3.amazonaws.com/Win38/
87 KB
88 KB
Document
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
63c9e4c1df0754d12f34763743b2b27f3feb148f5794ee39ee66381883ffbaf7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
89232
Content-Type
text/html
Date
Tue, 01 Aug 2023 16:07:13 GMT
ETag
"57c800fc0ce5976c3d4744cc498141e8"
Last-Modified
Tue, 01 Aug 2023 15:54:39 GMT
Server
AmazonS3
x-amz-id-2
vjKBdSlPteUOgG7Z1ycGELRr5t6J7Y02NGy+zbL9Uha7X/v6GcpCynjaV/doaOI31WA3S0nq8azqv1UjD16+FQ==
x-amz-request-id
J1EJC7M06TEGR17T
x-amz-server-side-encryption
AES256
styles.css
tfn41.s3.amazonaws.com/Win38/
8 KB
8 KB
Stylesheet
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/styles.css
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d300d2edd62dfe7de6be807f0979477e27e4add5f70423e1da0f7a58d058ca42

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:13 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:41 GMT
Server
AmazonS3
x-amz-request-id
J1EW34MB3FYQN24C
ETag
"b86e82488e16e659e7eacaf7a65f6d8a"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
8162
x-amz-id-2
AMaclTU+MMM0HJ8Zj7gWbaL+7mcjh1j1BmoQxEmTZvWMazgSNWbHDtJkQObfvVRQ6kCsVcyxcEarHNmZNx5erQ==
scripts.js
tfn41.s3.amazonaws.com/Win38/
7 KB
7 KB
Script
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/scripts.js
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
03ca7651cf34b5547fee4460d33c1b33cec3a7f78af5e29c985af90772a2dcac

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:13 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:49 GMT
Server
AmazonS3
x-amz-request-id
J1EWB8HCQ5GMAZ0A
ETag
"355af096f8e51d9c689d8124dd6ddbd2"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
7082
x-amz-id-2
t9yQf1P6pO94U+Q7uoYiRZy1RiIwjoDNrPmHNYOsrRrmDnhj3+xo/J/3SNxAHlPW34gTjdpP9rqi9bivPyon8w==
jquery.min.js
tfn41.s3.amazonaws.com/Win38/
82 KB
83 KB
Script
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/jquery.min.js
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:13 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:46 GMT
Server
AmazonS3
x-amz-request-id
J1ETKWNWE5YEB85N
ETag
"7f9fb969ce353c5d77707836391eb28d"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
84355
x-amz-id-2
vKz7PImT4sA6/9XiiahX0oTDg2NfqWn9IBseTZs5HInL/XPTL1d0E71YM4/uookyFnG0E7DIjFUMVKadGgQf0w==
bootstrap.min.js
tfn41.s3.amazonaws.com/Win38/
59 KB
59 KB
Script
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/bootstrap.min.js
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Request headers

Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
Origin
https://tfn41.s3.amazonaws.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:13 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:47 GMT
Server
AmazonS3
x-amz-request-id
J1ERH6X53Q0NC66B
ETag
"02d223393e00c273efdcb1ade8f4f8b1"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
60044
x-amz-id-2
mgNXlMFw1MyF6li0Pncubmb1+rsEIkYGnZYJ2/GwmRx6uSgBUbp8X0WObGltpmDJ3TvERi8x9YFsf1a5k9XZbw==
font-awesome.min.css
tfn41.s3.amazonaws.com/Win38/
27 KB
28 KB
Stylesheet
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/font-awesome.min.css
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c1782a8e7e3ff0043f0b4312520e07f8477299e2ac89a11ec473f847c1bc3dc3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:13 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:52 GMT
Server
AmazonS3
x-amz-request-id
J1EHABJTPYM0QC4N
ETag
"835820949e29e350f15768fda86f3df2"
x-amz-server-side-encryption
AES256
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
27754
x-amz-id-2
tsfa5MvG+8giSHEuBBTb/Qi4sjRSg6vwBIoTwp0KeJI9Fp+FA5LtVvMqP0tYn3G2CtAE+3HX/FDLPmNOBb7e2g==
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400;500;700&display=swap
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f68fb56eeb438c92833959df23da707039fda73f6938fc3c34ac74283559c217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 01 Aug 2023 16:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 15:16:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 01 Aug 2023 16:07:12 GMT
bg.png
tfn41.s3.amazonaws.com/Win38/
819 KB
819 KB
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/bg.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee94f46aecf6fbed409cc7575ec3beca259bc1d8863401fe9325959426e0d270

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:58 GMT
Server
AmazonS3
x-amz-request-id
6GCV5PC10J4CE8P2
ETag
"400502ee2726928f1b2314404b53dafa"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
838375
x-amz-id-2
gRrdgbN65XEH6FG3jj5bhdqI32tc3gFo7Wt57uwqkvs871oE0gGsH2X1z+TLDrLEjKNaYrIvTV9JU3/6x2gxrA==
minimize.jpg
tfn41.s3.amazonaws.com/Win38/
17 KB
17 KB
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/minimize.jpg
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a85f1e749a829c5c909837844c6b53ce0a9ae2adb7c8eac0e7b96c372c679a0d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:40 GMT
Server
AmazonS3
x-amz-request-id
6GCYJC48H931EEKD
ETag
"4bf52eb9b3efce840add1a90d83a40e5"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
17173
x-amz-id-2
kOJdK6tHLIw9+LhG/GZod38oZH5NOeTZgZ0Ic4zUXitvAIo19XbDQ3pWF+NUVVdcRFLIvz+899Bg/Gut+yzP8g==
microsoft.png
tfn41.s3.amazonaws.com/Win38/
1 KB
1 KB
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/microsoft.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:44 GMT
Server
AmazonS3
x-amz-request-id
6GCH64FDE9SERYJG
ETag
"bf2b460590fbb9d8e9611a6e9006b816"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1045
x-amz-id-2
TfC8LjmheWXPKUP1DMouNwgdsotGu+64W34cgT18vasYONt1950mIwSQklHpJHpw5Kb07RauJyAM8/0D6Zxx7w==
qsbs-firewall.png
tfn41.s3.amazonaws.com/Win38/
920 B
1 KB
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/qsbs-firewall.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
52b762d47c066e16300675d56cc359b504ffd3239438c96eb973864311bb7b79

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:42 GMT
Server
AmazonS3
x-amz-request-id
6GCY5287SKP5XF0C
ETag
"b0495ede4c875843fec037c794e9ff9a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
920
x-amz-id-2
mInxwtlTaVUNbKjuRHh9NSw5Nexp4JjqTi8UK5A88u8tGfX9MXbkZEb2ZZSFeo8tYtShgsK0ezcMpfNyztH9IA==
s-S4-acc.png
tfn41.s3.amazonaws.com/Win38/
813 B
1 KB
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/s-S4-acc.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9edbf56b360080f5d6765dce77353b8130e9f8316ad34c68f6c2792cdc446321

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:56 GMT
Server
AmazonS3
x-amz-request-id
6GCK5FNHNEHTWG0Y
ETag
"d648c1837d01495eccd63e053491f72a"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
813
x-amz-id-2
qjDR69I38mCceA2D8k7W6RMzPHVWiMKavxY2EFdeOhsUYQqxbr0RDfc+kTd1eg9cv+yiMc2vvHq57SrtTFgsww==
Z5BR-network.png
tfn41.s3.amazonaws.com/Win38/
607 B
1013 B
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/Z5BR-network.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c56a8ae4818963e0d71eda4ebf46b4f2cdd3a238537dc8e99711fb690d272a73

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:38 GMT
Server
AmazonS3
x-amz-request-id
6GCYQF129J3BFNEY
ETag
"2cd03a547f00cad010f9038619df45de"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
607
x-amz-id-2
m7hPQQKh81sf9K+Ufm24RZ2R0VOh2/+yb2ofqkKQwF3TyLbSwzo93F1P2rHgqQLw52as9O7udfECOMmuW2QkRQ==
uZbx-si.png
tfn41.s3.amazonaws.com/Win38/
5 KB
6 KB
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/uZbx-si.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
92d8510869b3d581401a93130fa72e4b54c5bf28dc8005994c5248d9afbfc37b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:53 GMT
Server
AmazonS3
x-amz-request-id
6GCS7YWDA9K8TH63
ETag
"51147eb9734c3c0caf22aa77a80d96f0"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
5377
x-amz-id-2
4yQLIH037NyabOzBIQAKkIxn+u3XYfBsTb2lOckVwxr9cmVZoWvKY2ba/J26KKrmasaJWP0QUjhk5GSzPGpbqA==
-EBq-current.png
tfn41.s3.amazonaws.com/Win38/
1 KB
2 KB
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/-EBq-current.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c1d52e31f7fc13cbb3efca8b0ec937ddd97a5ec545c4dad26193429db10d8662

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:43 GMT
Server
AmazonS3
x-amz-request-id
6GCS83GTMJN77N0S
ETag
"35629cc2adc804353a548305f1217206"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1162
x-amz-id-2
75g6nRSv6TnZflTNTfp7WA/ZWoWaeepAkRtp+bycVuhJuxFB650u9fBF7l5fVXFndzJgO13cwc/Z/vBiYWaCvw==
nOxp-sett.png
tfn41.s3.amazonaws.com/Win38/
463 B
869 B
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/nOxp-sett.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9cffd13c2ce05ebe032709a88fa59504e1218a12b175ec40d5aab280c18be51e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:45 GMT
Server
AmazonS3
x-amz-request-id
6GCZ3DDJ8PSXNVKT
ETag
"905d91c276116928fa306ea732723fa9"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
463
x-amz-id-2
2of1C75l51lp9qFHZHXj3EtQ2gC6LnACyCXGzpVG6RfEqHrgokgxCiC4pZUwSHDyYn0tDryUuXT/08Im6FoC1Q==
cross.png
tfn41.s3.amazonaws.com/Win38/
377 KB
378 KB
Image
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/cross.png
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c3ad6aa1c03fd108854f008cfec2753ba623e1470a4d61798b5d8c050e474868

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:51 GMT
Server
AmazonS3
x-amz-request-id
6GCYF0XTKV87A8BP
ETag
"be42ad7752720327d28bf52dbdbb64c2"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
386359
x-amz-id-2
b249x5DmMrkk6nYCtZANoHOoSB0SxKwCSOyiTg3m9nbVpdjsNMKymVXfcEMBFeNBOCq94DUDxmK0Qg5qSBYwJw==
js
www.googletagmanager.com/gtag/
178 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-164919641-1
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
772c72ce84fd0ed89126c3582e1f4f7638402ed75052db54c3f3bff7ec638f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 16:07:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65930
x-xss-protection
0
last-modified
Tue, 01 Aug 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 01 Aug 2023 16:07:13 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v16/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tfn41.s3.amazonaws.com/
Origin
https://tfn41.s3.amazonaws.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 08:57:56 GMT
x-content-type-options
nosniff
age
284957
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21552
x-xss-protection
0
last-modified
Wed, 04 Dec 2019 18:44:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 08:57:56 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v16/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tfn41.s3.amazonaws.com/
Origin
https://tfn41.s3.amazonaws.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 07:33:52 GMT
x-content-type-options
nosniff
age
290001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21716
x-xss-protection
0
last-modified
Wed, 04 Dec 2019 18:44:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 07:33:52 GMT
_Fm7-alert.mp3
tfn41.s3.amazonaws.com/Win38/
196 KB
197 KB
Media
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/_Fm7-alert.mp3
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
fc59bbb18f923747b9cd3f3b23537ff09c5ad2fdfc1505a4800a3f269a234e65

Request headers

Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 01 Aug 2023 16:07:14 GMT
Last-Modified
Tue, 01 Aug 2023 15:54:54 GMT
Server
AmazonS3
x-amz-request-id
6GCVR13VBG03ABMK
ETag
"0116152611dd51432e852781f8cc7e82"
x-amz-server-side-encryption
AES256
Content-Type
audio/mp3
Content-Range
bytes 0-200831/200832
Accept-Ranges
bytes
Content-Length
200832
x-amz-id-2
djTjnvPmPXLaIAopovnN2XdujYKMGBiTmhPCZX6Cp+HvNidaNWQRrfcq/wqIrb9xCt2gSJ0Unp7PlQDNgWz2Cg==
a0ler0tm0s.mp3
tfn41.s3.amazonaws.com/Win38/
255 B
544 B
Media
General
Full URL
https://tfn41.s3.amazonaws.com/Win38/a0ler0tm0s.mp3
Requested by
Host: tfn41.s3.amazonaws.com
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.16.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f92d993f18f031bf17ecd320fb02a63b4b4c6361d80a64a539aef1b1015d9823

Request headers

Referer
https://tfn41.s3.amazonaws.com/Win38/index.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 01 Aug 2023 16:07:12 GMT
Server
AmazonS3
x-amz-request-id
6GCSB0Q6GE6PN6FN
x-amz-id-2
w3pfZrWTv+gElWZpSq5fOuoNooPMAz6DIKD/21Zdud8iGicaytcOgRrXBANGeYmIPqQd0CQA6hRTHlMALOEziw==
Transfer-Encoding
chunked
Content-Type
application/xml
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0K4M53BF1F&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164919641-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
242352e87d1bfc9de76551b6cf56ea9d2482dea58da42806357f645df44729c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 16:07:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77675
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 01 Aug 2023 16:07:13 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-164919641-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 01 Aug 2023 15:49:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1048
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 01 Aug 2023 17:49:45 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0K4M53BF1F&gtm=45je37q0&_p=285955641&cid=1241553823.1690906034&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1690906033&sct=1&seg=0&dl=https%3A%2F%2Ftfn41.s3.amazonaws.com%2FWin38%2Findex.html&dt=Microsoft%20Help%20Support%20Assistance%20c0de%20%23D2xdvi7&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0K4M53BF1F&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://tfn41.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 16:07:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tfn41.s3.amazonaws.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
211 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=285955641&t=pageview&_s=1&dl=https%3A%2F%2Ftfn41.s3.amazonaws.com%2FWin38%2Findex.html&ul=en-us&de=UTF-8&dt=Microsoft%20Help%20Support%20Assistance%20c0de%20%23D2xdvi7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=77076814&gjid=889554182&cid=1241553823.1690906034&tid=UA-164919641-1&_gid=1056752380.1690906034&_r=1&gtm=457e37q0&jsscut=1&z=2041671645
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tfn41.s3.amazonaws.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 01 Aug 2023 16:07:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tfn41.s3.amazonaws.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Tech Support Scam (Consumer)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | startScan
function | playSound
object | date
string | current_date
string | current_time
string | date_time
function | $
function | jQuery
object | bootstrap
object | elem
function | openFullscreen
function | closeFullscreen
string | lang
function | showmess
object | Helper
function | addEvent
function | gtag
object | dataLayer
object | google_tag_manager
object | google_tag_data
string | GoogleAnalyticsObject
function | ga
object | gaGlobal
object | gaplugins
object | gaData

4 Cookies

Domain/Path | Name | Value
.tfn41.s3.amazonaws.com/ | _ga_0K4M53BF1F | GS1.1.1690906033.1.0.1690906033.0.0.0
.tfn41.s3.amazonaws.com/ | _ga | GA1.4.1241553823.1690906034
.tfn41.s3.amazonaws.com/ | _gid | GA1.4.1056752380.1690906034
.tfn41.s3.amazonaws.com/ | _gat_gtag_UA_164919641_1 | 1

2 Console Messages

Source: network
Level: error
URL: https://tfn41.s3.amazonaws.com/Win38/a0ler0tm0s.mp3
Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Source: javascript
Level: warning
URL: https://tfn41.s3.amazonaws.com/Win38/index.html
Message: The resource https://fonts.googleapis.com/css2?family=Google+Sans+Text:wght@400;500;700&display=swap was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
