urlscan.io logo urlscan.io
SecurityTrails logo

plains.cloudns.be Open in urlscan Pro
162.240.168.222  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://plains.cloudns.be/login
Submission: On June 21 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 21 HTTP transactions. The main IP is 162.240.168.222, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is plains.cloudns.be.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on June 19th 2024. Valid for: 3 months.
This is the only time plains.cloudns.be was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chase (Banking)

Domain & IP information

IP Address AS Autonomous System
4 162.240.168.222 46606 (UNIFIEDLA...)
1 2a00:1450:400... 15169 (GOOGLE)
5 104.17.25.14 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
4 45.130.231.204 47583 (AS-HOSTINGER)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.222.16.139 20940 (AKAMAI-ASN1)
21 8
4    162.240.168.222 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-168-222.unifiedlayer.com
plains.cloudns.be
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
4    45.130.231.204 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv102.niagahoster.com
idevcorner.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.222.16.139 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-16-139.deploy.static.akamaitechnologies.com
static.chasecdn.com
Apex Domain
Subdomains		 Transfer
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
105 KB
4 idevcorner.com
idevcorner.com
57 KB
4 cloudns.be
plains.cloudns.be
505 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1381
93 KB
2 gstatic.com
fonts.gstatic.com
32 KB
1 chasecdn.com
static.chasecdn.com — Cisco Umbrella Rank: 8320
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
21 7
Domain Requested by
5 cdnjs.cloudflare.com plains.cloudns.be
cdnjs.cloudflare.com
4 idevcorner.com plains.cloudns.be
4 plains.cloudns.be plains.cloudns.be
3 use.fontawesome.com plains.cloudns.be
use.fontawesome.com
2 fonts.gstatic.com fonts.googleapis.com
1 static.chasecdn.com
1 fonts.googleapis.com plains.cloudns.be
21 7

This site contains no links.

Subject Issuer Validity Valid
plains.cloudns.be
ZeroSSL ECC Domain Secure Site CA		 2024-06-19 -
2024-09-17		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
idevcorner.com
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
static2.chasecdn.com
Entrust Certification Authority - L1M		 2024-04-08 -
2025-04-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://plains.cloudns.be/login
Frame ID: 1E198F26321ED5A6DFA0B9E7FB4952CB
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in - chase.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

21
Requests

95 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

8
IPs

4
Countries

794 kB
Transfer

1585 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
plains.cloudns.be/ 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.240.168.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-240-168-222.unifiedlayer.com
Software
Apache /
Resource Hash
8eff9b0b7084b22e3a7d415bb7d13679745b635d4158e664aef5cc89c3895d25

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html; charset=UTF-8
date
Fri, 21 Jun 2024 12:23:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jun 2024 12:23:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Jun 2024 10:56:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jun 2024 12:23:04 GMT
ionicons.css
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ 		52 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.css
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
406ed1bddec46761296968983c8c3ceabf4238ef7c4d3e65eca6a4c443fb0367
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15829
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5383
last-modified
Mon, 04 May 2020 16:11:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03eae-d18c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhV8%2BVQsf7bfLcquSsZc4FNCcHcbE7K6wKXL%2BUbrjlyUqp7eTYQ62fU0mszQZaSulVMr20PSwtCtDR7pZ46qRHOEFScwh73f%2BR%2Fznx4MYPjYjJbukdjrdHighBFkIdZkg%2FPCQvS7"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8973f7b9ddab4da1-FRA
expires
Wed, 11 Jun 2025 12:23:03 GMT
all.css
use.fontawesome.com/releases/v5.13.0/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2648043
etag
W/"76cb46c10b6c0293433b371bae2414b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhSOjw8BkdxaXpOj2kEpIeEmkAYZyLWXH5h9y6GEvcrdsPcKBgTUUDO6cSmsEevnQkcZiAH7Ws3H39BpSvUTt6KMhG6b8p4Bm7b2dSSttmu3M%2B8kyJLihdM%2FRZbp0CXizkBxd4kzOUhTx4V%2FnT8oRI6E"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
8973f7ba1d1a65c7-FRA
alt-svc
h3=":443"; ma=86400
v4-shims.css
use.fontawesome.com/releases/v5.13.0/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/v4-shims.css
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:45:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2484893
etag
W/"fb073a92592d70e5aa6e3cce1cf93a11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9pztSE4LXR44hRNAfqWik7oG8%2F7rjlHXvC8agczgQa5iFm2admh%2F6MhWFkXkF410GtD9w64avp4aAU3UcfL%2BbZu18pPy8fuWf2QXfvPg9UFeJVwePOQ3F%2F0wQj5TxHyUwhiW5QBofCJzwXrkhmieZtI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
8973f7ba1d1465c7-FRA
alt-svc
h3=":443"; ma=86400
bootstrap-material.css
idevcorner.com/cdn/css/ 		188 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://idevcorner.com/cdn/css/bootstrap-material.css
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.130.231.204 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv102.niagahoster.com
Software
LiteSpeed /
Resource Hash
1c395880a354fb46690f8c5c89a9c7ea9b19e6de637f6736370b93e4d041e43e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 07 Apr 2019 06:48:00 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
20563
x-xss-protection
1; mode=block
expires
Fri, 28 Jun 2024 12:23:05 GMT
shreerang-material.css
idevcorner.com/cdn/css/ 		326 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://idevcorner.com/cdn/css/shreerang-material.css
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.130.231.204 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv102.niagahoster.com
Software
LiteSpeed /
Resource Hash
b47ab02133f6d6b98efa31588b443a9ff9f8a7d2ebb0af0a95f203033b97c720
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 07 Apr 2019 06:49:12 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
32351
x-xss-protection
1; mode=block
expires
Fri, 28 Jun 2024 12:23:05 GMT
perfect-scrollbar.css
cdnjs.cloudflare.com/ajax/libs/jquery.perfect-scrollbar/1.4.0/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.perfect-scrollbar/1.4.0/css/perfect-scrollbar.css
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b6508c9e8e04de8ebfec5de2ce1c4303bc46a0a279283eff7e248c1c900a91b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
361391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
515
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-a26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eBjL6JQMxmgJgkUzk6M%2FUaIZg9Sr%2Ftv7SRCDLQynya%2FRffIPqicpQ8gaRqe%2FXYynJ2nL3GnnTn5HB75%2FFHbXAcugAWcEEm7DWHYbMwp6FXeVdG%2FcnEtbmjhqMWIOFET4wloMiJGe"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8973f7b9dda74da1-FRA
expires
Wed, 11 Jun 2025 12:23:03 GMT
authentication.css
plains.cloudns.be/assets/CSS/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plains.cloudns.be/assets/CSS/authentication.css
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.240.168.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-240-168-222.unifiedlayer.com
Software
Apache /
Resource Hash
2d9913a0cc8a5804e861b9f6589443a67b22e652cc7a3b599850abb95cc057ad

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:03 GMT
last-modified
Wed, 13 Mar 2019 17:38:50 GMT
server
Apache
accept-ranges
bytes
content-length
1772
content-type
text/css
logo-white.svg
plains.cloudns.be/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plains.cloudns.be/img/logo-white.svg
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.240.168.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-240-168-222.unifiedlayer.com
Software
Apache /
Resource Hash
5db4371141d3ca5d533912e3ae1133c9f26d8dc34b09bb8d5087a2b8666a804b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:03 GMT
last-modified
Fri, 22 Feb 2019 08:26:44 GMT
server
Apache
accept-ranges
bytes
content-length
1424
content-type
image/svg+xml
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
65302
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HnDvmECqopAeNioy6yOMcSsGpk3nkcoroHOP7t1jKT38Lpx%2B7pTda4Iq0zZMkXg2EVYhwBuz5mTvsM%2BvK90g7Fx3aYMZS9LKWo22vbkRuC310v%2B4Lr8tloiMZ5O6kqW%2BDkFFQdkV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8973f7babec74da1-FRA
expires
Wed, 11 Jun 2025 12:23:04 GMT
bootstrap.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/ 		129 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.js
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
71566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20115
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-20235"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ef9sOhZs%2FLERWXT39rKXNBmBPFiSwwb%2FoUJo8o7qnDN1mHfPGYnBCfbuOX%2B4pw98X5X1sfhZdhpYdQnOLq1o7H4iv4oVTLdXktkVEGnHiPksv4JLcRg0tXb4Dl77LLPaMQwhs0hW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8973f7babec84da1-FRA
expires
Wed, 11 Jun 2025 12:23:04 GMT
script_frontend.js
idevcorner.com/cdn/js/ 		3 KB
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://idevcorner.com/cdn/js/script_frontend.js
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.130.231.204 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv102.niagahoster.com
Software
LiteSpeed /
Resource Hash
19f150cf1e8aefc4674a88255d2f085da4b84b779fc7b75308a43512eb86a8d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 07 Apr 2019 07:40:08 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
472
x-xss-protection
1; mode=block
expires
Fri, 28 Jun 2024 12:23:05 GMT
sidenav.js
idevcorner.com/cdn/js/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://idevcorner.com/cdn/js/sidenav.js
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.130.231.204 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv102.niagahoster.com
Software
LiteSpeed /
Resource Hash
8e6aca61ef7ae907707da4e2eab6e98cd4b3d80e0996adaee6b3fcb627ee5a1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 07 Apr 2019 07:48:40 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4173
x-xss-protection
1; mode=block
expires
Fri, 28 Jun 2024 12:23:05 GMT
background-1.jpeg
plains.cloudns.be/img/Day/ 		488 KB
488 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://plains.cloudns.be/img/Day/background-1.jpeg
Requested by
Host: plains.cloudns.be
URL: https://plains.cloudns.be/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.240.168.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-240-168-222.unifiedlayer.com
Software
Apache /
Resource Hash
31361db9d38026e3ed85a2bc7f71148e3e91fbbe41539357fddac9670de33a77

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:05 GMT
last-modified
Sat, 23 Feb 2019 17:12:36 GMT
server
Apache
accept-ranges
bytes
content-length
499558
content-type
image/jpeg
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://plains.cloudns.be
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 14:43:19 GMT
x-content-type-options
nosniff
age
250787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 14:43:19 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://plains.cloudns.be
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 15:21:51 GMT
x-content-type-options
nosniff
age
248475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Jun 2025 15:21:51 GMT
ionicons.woff2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/fonts/ionicons.woff2?v=4.5.4
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.5/css/ionicons.css
Origin
https://plains.cloudns.be
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:06 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
64411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
50556
last-modified
Mon, 04 May 2020 16:11:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03eae-c57c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LH%2FpqEqFTH%2FrEzKbfGrbT38P7OL5MsjrzoZm1Rc01D7GFjpBWj%2FQ1FHFHI2HBDXqIch8xyR3QMIkoQae6FU7TmJMJcbD3TDqXGx5fRlW0X4MkA%2BloCX8bvlDtWnkz5IiLOQ2M619"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8973f7c77e9571bb-FRA
expires
Wed, 11 Jun 2025 12:23:06 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Origin
https://plains.cloudns.be
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:23:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12416
alt-svc
h3=":443"; ma=86400
content-length
76612
last-modified
Fri, 22 Sep 2023 01:45:10 GMT
server
cloudflare
etag
"a06da7f0950f9dd366fc9db9d56d618a"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyWfNf7Nx%2FEsQ6l5%2BDGDC0KdkEMtbB5FWuSdneoXQqaXgrMyA8OHQ6X7iaMlaUrncJcRGVc7m3KCaN08G8Il1MNULB5V7tBGYfCK%2BcKVlSGDD%2B4QEcLZinMhQBYNZvLX0AbpH5u0Mum96UufFzIDlU33"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
8973f7c7bdbd3655-FRA
script_frontend.js
idevcorner.com/cdn/js/ 		0
0
chasefavicon.ico
static.chasecdn.com/content/dam/cpo-static/images/ 		31 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.chasecdn.com/content/dam/cpo-static/images/chasefavicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.16.139 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-222-16-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://plains.cloudns.be/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-dispatcher
dispatcher7useast1-28539364
date
Fri, 21 Jun 2024 12:23:07 GMT
content-encoding
gzip
strict-transport-security
max-age=86400 ; preload
last-modified
Sat, 06 Apr 2024 05:26:43 GMT
x-ams-migration
TRUE
x-amzn-trace-id
0.8710de17.1718972587.27c3a3cb
x-vhost
private-publish
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=2592000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1718972587435_400429191_667132875_28_5584_130_267_219";dur=1
accept-ranges
bytes
content-length
2460

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
idevcorner.com
URL
http://idevcorner.com/cdn/js/script_frontend.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chase (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery object| bootstrap function| SideNav

1 Cookies

Domain/Path Name / Value
plains.cloudns.be/ Name: PHPSESSID
Value: de411fd4545d57c89bbcdfc23eb9ad5d

2 Console Messages

Source Level URL
Text
security error URL: https://plains.cloudns.be/login
Message:
Mixed Content: The page at 'https://plains.cloudns.be/login' was loaded over HTTPS, but requested an insecure script 'http://idevcorner.com/cdn/js/script_frontend.js'. This request has been blocked; the content must be served over HTTPS.
recommendation verbose URL: https://plains.cloudns.be/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
idevcorner.com
plains.cloudns.be
static.chasecdn.com
use.fontawesome.com
idevcorner.com
104.17.25.14
162.240.168.222
23.222.16.139
2606:4700:3036::6815:1b98
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
45.130.231.204
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19f150cf1e8aefc4674a88255d2f085da4b84b779fc7b75308a43512eb86a8d6
1c395880a354fb46690f8c5c89a9c7ea9b19e6de637f6736370b93e4d041e43e
2d02d165cb720aec2fde78a93113a459729e0503951353f719076bc5b4a7a845
2d9913a0cc8a5804e861b9f6589443a67b22e652cc7a3b599850abb95cc057ad
31361db9d38026e3ed85a2bc7f71148e3e91fbbe41539357fddac9670de33a77
406ed1bddec46761296968983c8c3ceabf4238ef7c4d3e65eca6a4c443fb0367
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
5db4371141d3ca5d533912e3ae1133c9f26d8dc34b09bb8d5087a2b8666a804b
625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9
7b6508c9e8e04de8ebfec5de2ce1c4303bc46a0a279283eff7e248c1c900a91b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
8e6aca61ef7ae907707da4e2eab6e98cd4b3d80e0996adaee6b3fcb627ee5a1f
8eff9b0b7084b22e3a7d415bb7d13679745b635d4158e664aef5cc89c3895d25
a65d5b4abb65aad37f302c96f1751362e2422a8869f7f889112556d77e384813
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b47ab02133f6d6b98efa31588b443a9ff9f8a7d2ebb0af0a95f203033b97c720
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615