urlscan.io logo urlscan.io
SecurityTrails logo

pub-228fdfa31e01413f8bba932f2c866711.r2.dev Open in urlscan Pro
2606:4700::6812:323  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Effective URL: https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Submission: On September 18 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-228fdfa31e01413f8bba932f2c866711.r2.dev.
TLS certificate: Issued by E1 on August 13th 2023. Valid for: 3 months.
This is the only time pub-228fdfa31e01413f8bba932f2c866711.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
14 148.251.83.25 24940 (HETZNER-AS)
21 2
Apex Domain
Subdomains		 Transfer
14 manoharlaljewellers.in
www.manoharlaljewellers.in
268 KB
8 r2.dev
pub-228fdfa31e01413f8bba932f2c866711.r2.dev
261 KB
21 2
Domain Requested by
14 www.manoharlaljewellers.in pub-228fdfa31e01413f8bba932f2c866711.r2.dev
www.manoharlaljewellers.in
8 pub-228fdfa31e01413f8bba932f2c866711.r2.dev 1 redirects pub-228fdfa31e01413f8bba932f2c866711.r2.dev
21 2

This site contains no links.

Subject Issuer Validity Valid
*.r2.dev
E1		 2023-08-13 -
2023-11-11		 3 months crt.sh
manoharlaljewellers.in
R3		 2023-07-23 -
2023-10-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Frame ID: 03703ADF58D7F176985EF94802DEB12F
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - First National Bank - FNB

Page URL History Show full URLs

  1. http://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html HTTP 307
    https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html Page URL
  2. https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/phish-bypass?atok=x3OJFRRfCgaPmzcUh4z5ietW0uJuAGCaCmLWvjmUtwI-169503... HTTP 301
    https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html Page URL

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

528 kB
Transfer

4749 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html HTTP 307
    https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html Page URL
  2. https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/phish-bypass?atok=x3OJFRRfCgaPmzcUh4z5ietW0uJuAGCaCmLWvjmUtwI-1695032569-0-%2Fmain.html HTTP 301
    https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html HTTP 307
  • https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
main.html
pub-228fdfa31e01413f8bba932f2c866711.r2.dev/
Redirect Chain
  • http://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
  • https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ef3732ddcd32c2c94e1cd73835f45c5f9610521de44689995b36722e462d9e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-RAY
8088deb5b8198d96-MIA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Sep 2023 10:22:49 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Non-Authoritative-Reason
HSTS
cf.errors.css
pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/styles/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/styles/cf.errors.css
Requested by
Host: pub-228fdfa31e01413f8bba932f2c866711.r2.dev
URL: https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:22:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Sep 2023 15:48:14 GMT
Server
cloudflare
ETag
W/"6500883e-5e44"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
8088deb5f86c8d96-MIA
Expires
Mon, 18 Sep 2023 12:22:49 GMT
icon-exclamation.png
pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/images/ 		452 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: pub-228fdfa31e01413f8bba932f2c866711.r2.dev
URL: https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:22:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Sep 2023 15:48:14 GMT
Server
cloudflare
ETag
"6500883e-1c4"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8088deb678c18d96-MIA
Content-Length
452
Expires
Mon, 18 Sep 2023 12:22:49 GMT
Primary Request main.html
pub-228fdfa31e01413f8bba932f2c866711.r2.dev/
Redirect Chain
  • https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/cdn-cgi/phish-bypass?atok=x3OJFRRfCgaPmzcUh4z5ietW0uJuAGCaCmLWvjmUtwI-1695032569-0-%2Fmain.html
  • https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb029730485fd40489285e1b6355ca7d0c773432aac28b5778ccc9bd77d3ff2

Request headers

Referer
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

CF-RAY
8088decda95e8d96-MIA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 18 Sep 2023 10:22:53 GMT
ETag
W/"8e31250003ee843d03260869b794a7d7"
Last-Modified
Sat, 09 Sep 2023 19:19:56 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

CF-RAY
8088decd691c8d96-MIA
Cache-Control
private, no-cache
Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Mon, 18 Sep 2023 10:22:53 GMT
Location
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Server
cloudflare
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
app.css
www.manoharlaljewellers.in/word/css/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/app.css
Requested by
Host: pub-228fdfa31e01413f8bba932f2c866711.r2.dev
URL: https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
2135fdd0d5513addc838912a2c4e3db19c79f7962ce462408f4a708c38e2b352

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:30 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
9290
expires
Mon, 25 Sep 2023 10:22:53 GMT
pg1.png
pub-228fdfa31e01413f8bba932f2c866711.r2.dev/images/ 		216 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/images/pg1.png
Requested by
Host: pub-228fdfa31e01413f8bba932f2c866711.r2.dev
URL: https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38b7ad7bc0ff24b22651367cf471de681140f7f6a8bce168985e8c0d6460d04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:22:53 GMT
Last-Modified
Tue, 05 Sep 2023 15:59:57 GMT
Server
cloudflare
ETag
"ed2a9757e36986280d2954c702ebc943"
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8088decf0a618d96-MIA
Content-Length
221357
login.jpg
pub-228fdfa31e01413f8bba932f2c866711.r2.dev/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/images/login.jpg
Requested by
Host: pub-228fdfa31e01413f8bba932f2c866711.r2.dev
URL: https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc7f46103c785ec2f8320be9178320529885cee3d863c632153a972e1d08ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:22:53 GMT
Last-Modified
Tue, 05 Sep 2023 15:59:47 GMT
Server
cloudflare
ETag
"cb34a8101ec1a7da54d0c70d4c26330d"
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8088decf7cb42577-MIA
Content-Length
16926
app.min-blessed14.css
www.manoharlaljewellers.in/word/css/blessed/ 		286 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed14.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
cc1dfafb451e1afe041eb55279b87be4dea1e7596385a6d2f20f07a3b8e33f97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
29454
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed13.css
www.manoharlaljewellers.in/word/css/blessed/ 		164 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed13.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
8d1a939bfdd2323107be4cbacd50073e5220eccf1bfc4185bcdb0aff72871dba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7629
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed12.css
www.manoharlaljewellers.in/word/css/blessed/ 		220 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed12.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
5e696e91201269e7c2ae030fea54074f00971da28293c3f8c8d1dcaa947194bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
10460
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed11.css
www.manoharlaljewellers.in/word/css/blessed/ 		277 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed11.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
b6a46d8a1dd1e7a9992f67b1d852c3f6ccc1e59d632236bde90bb6ee751d0518

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12847
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed10.css
www.manoharlaljewellers.in/word/css/blessed/ 		310 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed10.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
c5739f3304650d32714e427d28f7d9b2cd2d5b1d72248ae817ebe008266d5295

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17788
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed8.css
www.manoharlaljewellers.in/word/css/blessed/ 		341 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed8.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
411593ab1a3349dc402a811c80eff87d7cbe2a6f48a7c59e98c26eda19e3d4ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30948
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed7.css
www.manoharlaljewellers.in/word/css/blessed/ 		283 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed7.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
11385b5fbe86379e5ef5f3e74c5e2e938fb0ef39a899bc684187c80b3e34a1f1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25098
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed6.css
www.manoharlaljewellers.in/word/css/blessed/ 		515 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed6.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
407e6c09aa049f48313e40aa35e8433405f5399624ae9d57ed199006ec398529

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18015
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed5.css
www.manoharlaljewellers.in/word/css/blessed/ 		533 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed5.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
e778b8f3a99aa916cdda4cc8f93f6d33bcb5b5745624b46bbf02833627f5867b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:38 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17136
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed4.css
www.manoharlaljewellers.in/word/css/blessed/ 		452 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed4.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
c2a736e58523407bbcbd22def7070fd59d9cd4aa3fa3f34200d47d9afccd1a01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
21553
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed3.css
www.manoharlaljewellers.in/word/css/blessed/ 		327 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed3.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
2913be31136edbc16e417b821cef6f13e2575ea796a532c8f064fc240e0ae2c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
25155
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed2.css
www.manoharlaljewellers.in/word/css/blessed/ 		378 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed2.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
3f34f08085abdb01b590c8a02bd6d304b09361e6d26f387fac1e146a5fa802fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:53 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20496
expires
Mon, 25 Sep 2023 10:22:53 GMT
app.min-blessed1.css
www.manoharlaljewellers.in/word/css/blessed/ 		296 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.manoharlaljewellers.in/word/css/blessed/app.min-blessed1.css?z=1541089678609
Requested by
Host: www.manoharlaljewellers.in
URL: https://www.manoharlaljewellers.in/word/css/app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.251.83.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
athena.indiandns.net
Software
LiteSpeed /
Resource Hash
78e53212c9d60a4f9f4ea40cce865838e690e7c12f3d1ad4e39d93157bc6438a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.manoharlaljewellers.in/word/css/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:22:54 GMT
content-encoding
br
last-modified
Thu, 31 Aug 2023 17:27:40 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
27605
expires
Mon, 25 Sep 2023 10:22:54 GMT
login.jpg
pub-228fdfa31e01413f8bba932f2c866711.r2.dev/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/images/login.jpg
Requested by
Host: pub-228fdfa31e01413f8bba932f2c866711.r2.dev
URL: https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc7f46103c785ec2f8320be9178320529885cee3d863c632153a972e1d08ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pub-228fdfa31e01413f8bba932f2c866711.r2.dev/main.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 10:22:54 GMT
Last-Modified
Tue, 05 Sep 2023 15:59:47 GMT
Server
cloudflare
ETag
"cb34a8101ec1a7da54d0c70d4c26330d"
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8088ded69ff48d96-MIA
Content-Length
16926

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Domain/Path Name / Value
.pub-228fdfa31e01413f8bba932f2c866711.r2.dev/ Name: __cf_mw_byp
Value: x3OJFRRfCgaPmzcUh4z5ietW0uJuAGCaCmLWvjmUtwI-1695032569-0-/main.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

pub-228fdfa31e01413f8bba932f2c866711.r2.dev
www.manoharlaljewellers.in
148.251.83.25
2606:4700::6812:323
1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
11385b5fbe86379e5ef5f3e74c5e2e938fb0ef39a899bc684187c80b3e34a1f1
2135fdd0d5513addc838912a2c4e3db19c79f7962ce462408f4a708c38e2b352
2913be31136edbc16e417b821cef6f13e2575ea796a532c8f064fc240e0ae2c7
3f34f08085abdb01b590c8a02bd6d304b09361e6d26f387fac1e146a5fa802fa
407e6c09aa049f48313e40aa35e8433405f5399624ae9d57ed199006ec398529
411593ab1a3349dc402a811c80eff87d7cbe2a6f48a7c59e98c26eda19e3d4ff
43ef3732ddcd32c2c94e1cd73835f45c5f9610521de44689995b36722e462d9e
5e696e91201269e7c2ae030fea54074f00971da28293c3f8c8d1dcaa947194bd
78e53212c9d60a4f9f4ea40cce865838e690e7c12f3d1ad4e39d93157bc6438a
8d1a939bfdd2323107be4cbacd50073e5220eccf1bfc4185bcdb0aff72871dba
b6a46d8a1dd1e7a9992f67b1d852c3f6ccc1e59d632236bde90bb6ee751d0518
bdc7f46103c785ec2f8320be9178320529885cee3d863c632153a972e1d08ffd
c2a736e58523407bbcbd22def7070fd59d9cd4aa3fa3f34200d47d9afccd1a01
c38b7ad7bc0ff24b22651367cf471de681140f7f6a8bce168985e8c0d6460d04
c5739f3304650d32714e427d28f7d9b2cd2d5b1d72248ae817ebe008266d5295
cc1dfafb451e1afe041eb55279b87be4dea1e7596385a6d2f20f07a3b8e33f97
e778b8f3a99aa916cdda4cc8f93f6d33bcb5b5745624b46bbf02833627f5867b
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
fbb029730485fd40489285e1b6355ca7d0c773432aac28b5778ccc9bd77d3ff2