static-ru.insales.ru | 78.155.216.205 | Malicious Activity! | Public Scan

Submitted URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s...
Effective URL: https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
Submission: On November 18 via manual from US

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 18 HTTP transactions. The main IP is 78.155.216.205, located in the Russian Federation and belonging to SELECTEL-MSK, RU. The main domain is static-ru.insales.ru.
TLS certificate: issued by Let's Encrypt Authority X3 on October 7th 2020, valid for 3 months.
This is the only time static-ru.insales.ru was scanned on urlscan.io.

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP addresses (requests | IP address | AS / autonomous system):
1   2606:4700::68...    AS13335 (CLOUDFLAR...)
1   143.204.201.56      AS16509 (AMAZON-02)
5   143.204.201.108     AS16509 (AMAZON-02)
1   143.204.201.107     AS16509 (AMAZON-02)
1   2a04:4e42:1b:...    AS54113 (FASTLY)
1   151.101.14.49       AS54113 (FASTLY)
1   2a04:4e42:1b:...    AS54113 (FASTLY)
1   78.155.216.205      AS50340 (SELECTEL-MSK)
3   94.242.61.143       AS43317 (FISHNET-AS)      (1 redirect)
1   2606:4700:20:...    AS13335 (CLOUDFLAR...)
2   67.202.94.93        AS32748 (STEADFAST)       (1 redirect)
1   2606:4700:10:...    AS13335 (CLOUDFLAR...)
Totals: 18 requests, 13 IPs

Domains (requests | domain | requested by):
5   selzstatic.com           requested by selena7.selz.com
3   ohhalexnew.shop          1 redirect; requested by static-ru.insales.ru
2   whos.amung.us            1 redirect
1   widgets.amung.us
1   get.geojs.io             requested by selena7.selz.com
1   static-ru.insales.ru     requested by selena7.selz.com
1   cdn.plyr.io              requested by selena7.selz.com
1   cdn.shr.one              requested by selena7.selz.com
1   cdn.polyfill.io          requested by selena7.selz.com
1   cdn.selzstatic.com       requested by selena7.selz.com
1   stores.selzstatic.com    requested by selena7.selz.com
1   selena7.selz.com
Totals: 18 requests, 12 domains

This site contains no links.

TLS certificates (Subject | Issuer | Validity | Valid for):
sni.cloudflaressl.com        | Cloudflare Inc ECC CA-3                          | 2020-07-21 to 2021-07-21 | a year
*.selzstatic.com             | Amazon                                           | 2020-06-10 to 2021-07-10 | a year
f3.shared.global.fastly.net  | GlobalSign CloudSSL CA - SHA256 - G3             | 2020-10-26 to 2021-04-17 | 6 months
cdn.shr.one                  | GlobalSign Atlas R3 DV TLS CA 2020               | 2020-11-03 to 2021-12-05 | a year
v.ssl.fastly.net             | GlobalSign CloudSSL CA - SHA256 - G3             | 2020-11-03 to 2021-04-25 | 6 months
insales.ru                   | Let's Encrypt Authority X3                       | 2020-10-07 to 2021-01-05 | 3 months
ohhalexnew.shop              | cPanel, Inc. Certification Authority             | 2020-11-16 to 2021-02-14 | 3 months
whos.amung.us                | Sectigo RSA Domain Validation Secure Server CA   | 2020-05-21 to 2022-05-21 | 2 years
Each row links to the certificate's crt.sh record.

This page contains 1 frame:

Primary Page: https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
Frame ID: 923F4032C96CB30F8D0CFDD144115268
Requests: 20 HTTP requests in this frame

Detected technologies

  • overall confidence 100%; pattern: headers via /\(CloudFront\)$/i
  • overall confidence 100%; pattern: headers via /\(CloudFront\)$/i
  • overall confidence 100%; pattern: headers server /^cloudflare$/i

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 42 %
Domains: 9
Subdomains: 12
IPs: 13
Countries: 4
Transfer: 708 kB
Size: 1503 kB
Cookies: 0

Page URL History

This lists the URLs the page moved through, including HTTP redirects and client-side redirects via JavaScript or meta refresh.

  1. https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg Page URL
  2. https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://ohhalexnew.shop/location HTTP 301
  • https://ohhalexnew.shop/location/
Request Chain 16
  • https://whos.amung.us/widget/mg6z22mgce HTTP 307
  • https://widgets.amung.us/classic/03/314.png
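The URL history, the certificate table and the primary request's headers together describe the chain a practitioner would triage by hand: a Facebook-referred link (fbclid) lands on a selz.com store page, that page navigates to a static HTML file on insales.ru (the request carries sec-fetch-site: cross-site but no sec-fetch-user, which browsers send only for navigations driven by a user gesture), and that file loads scripts from ohhalexnew.shop, whose certificate was issued on 2020-11-16, two days before the scan, and whose URL carries lan=facebooknew. The script below is an added example, not urlscan.io's code; it encodes those checks over a small transaction list transcribed from this scan. The h= parameter of the selz.com URL is dropped for brevity, the brand watch-list is assumed, and registrable_domain uses a last-two-labels shortcut rather than the Public Suffix List.

```python
"""Triage of a urlscan-style transaction list: walk the document navigation
chain, then flag scripts that the final document loads from another
registrable domain when that host's certificate is only days old or the
URL carries a brand keyword. Sample data is transcribed from this scan."""
import json
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional, Tuple
from urllib.parse import urlsplit

SCAN_DATE = date(2020, 11, 18)                     # submission date of the scan
BRAND_TERMS = ("facebook", "instagram", "paypal")  # assumed watch-list, not from the page


@dataclass
class Transaction:
    url: str
    kind: str                 # Document, Script, Stylesheet, Image, XHR
    requested_by: str = ""    # URL of the document that issued the request
    sec_fetch_site: str = ""  # Sec-Fetch-Site request header
    sec_fetch_user: str = ""  # "?1" only when a user gesture drove a navigation


# Certificate table from the scan: subject -> not-before date
CERTS: Dict[str, date] = {
    "sni.cloudflaressl.com": date(2020, 7, 21),
    "*.selzstatic.com": date(2020, 6, 10),
    "f3.shared.global.fastly.net": date(2020, 10, 26),
    "cdn.shr.one": date(2020, 11, 3),
    "v.ssl.fastly.net": date(2020, 11, 3),
    "insales.ru": date(2020, 10, 7),
    "ohhalexnew.shop": date(2020, 11, 16),
    "whos.amung.us": date(2020, 5, 21),
}

# Transactions transcribed from the scan (h= parameter of the selz URL dropped)
SELZ = "https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ"
INSALES = "https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html"
TRANSACTIONS: List[Transaction] = [
    Transaction(SELZ, "Document", sec_fetch_site="none", sec_fetch_user="?1"),
    Transaction("https://cdn.plyr.io/3.6.2/plyr.polyfilled.js", "Script", SELZ),
    Transaction("https://cdn.shr.one/2.0.3/shr.js", "Script", SELZ),
    Transaction(INSALES, "Document", SELZ, sec_fetch_site="cross-site"),
    Transaction("https://ohhalexnew.shop/?api=1&lan=facebooknew&ht=1&counter0=mg6z22mgce", "Script", INSALES),
    Transaction("https://ohhalexnew.shop/location/", "Script", INSALES),
    Transaction("https://get.geojs.io/v1/ip/geo.json", "XHR", INSALES),
    Transaction("https://widgets.amung.us/classic/03/314.png", "Image", INSALES),
]


def registrable_domain(host: str) -> str:
    """Last two labels of the host. A production tool would consult the
    Public Suffix List; this shortcut is adequate for the hosts in this scan."""
    return ".".join(host.lower().split(".")[-2:])


def matching_cert(host: str) -> Optional[Tuple[str, date]]:
    """Certificate row covering host: exact subject, a wildcard for its
    parent, or a parent domain listed as the subject."""
    parent = ".".join(host.split(".")[1:])
    for subject, issued in CERTS.items():
        if subject in (host, "*." + parent) or host.endswith("." + subject):
            return subject, issued
    return None


def navigation_chain(txs: List[Transaction]) -> List[dict]:
    """Hops between top-level documents, noting whether the browser marked
    the hop cross-site and whether Sec-Fetch-User shows a user gesture."""
    docs = [t for t in txs if t.kind == "Document"]
    return [
        {
            "from": registrable_domain(urlsplit(prev.url).hostname),
            "to": registrable_domain(urlsplit(cur.url).hostname),
            "cross_site": cur.sec_fetch_site == "cross-site",
            "user_initiated": cur.sec_fetch_user == "?1",
        }
        for prev, cur in zip(docs, docs[1:])
    ]


def suspicious_scripts(txs: List[Transaction], scan_date: date = SCAN_DATE,
                       max_cert_age_days: int = 30) -> List[dict]:
    """Scripts the final document loads from another registrable domain,
    kept when the host's certificate is young or the URL names a brand."""
    final_doc = [t for t in txs if t.kind == "Document"][-1]
    doc_domain = registrable_domain(urlsplit(final_doc.url).hostname)
    hits = []
    for t in txs:
        if t.kind != "Script" or t.requested_by != final_doc.url:
            continue
        parts = urlsplit(t.url)
        domain = registrable_domain(parts.hostname)
        if domain == doc_domain:
            continue
        cert = matching_cert(parts.hostname)
        age = (scan_date - cert[1]).days if cert else None
        haystack = (parts.path + "?" + parts.query).lower()
        brands = [b for b in BRAND_TERMS if b in haystack]
        if (age is not None and age <= max_cert_age_days) or brands:
            hits.append({"url": t.url, "domain": domain,
                         "cert_age_days": age, "brand_terms": brands})
    return hits


if __name__ == "__main__":
    report = {"navigation": navigation_chain(TRANSACTIONS),
              "scripts": suspicious_scripts(TRANSACTIONS)}
    print(json.dumps(report, indent=2))
```

Certificate age on its own is a noisy signal (the two Fastly shared certificates in the table are also under a month old), which is why the script only scores hosts that the final document actually pulls scripts from; on this scan that leaves the two ohhalexnew.shop loads, and the brand keyword in the first of them.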

18 HTTP transactions

Columns per entry: Resource | Path | Size | x-fer | Type
/ | selena7.selz.com/ | 59 KB | 16 KB | Document
General
Full URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700::6812:6c24, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: 51b39573db4ff92e11f554d07fe4dbb9c2e61ed4bbe7aeed39246cca287cd1e8
Security Headers
Content-Security-Policy: base-uri 'self'; block-all-mixed-content; form-action https:
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers

:method: GET
:authority: selena7.selz.com
:scheme: https
:path: /?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 18 Nov 2020 20:02:04 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=da3fb2c7276e825e869363003640ea61f1605729723; expires=Fri, 18-Dec-20 20:02:03 GMT; path=/; domain=.selz.com; HttpOnly; SameSite=Lax; Secure
set-cookie: selz_tracker=rZvHVrBAYkDPiX3RU67qrXe9yT7xWAEK/8dj6P/oH4mM90pS17Lgk3lhIWcxEOhURktKGk1qPYKGZEhHXdn9xY/Fi5Cf2fmHoV/edWuWrLVr4NnzHAK1bTUm9MDBsgCkqR+Vn6CmhUTSmLb0KbSTEB2MQcwWfA5+cZI3tMMIgO/K26n9atyGhilIKBB+vVMkdr55WARv6qdCURZjG0wXJeTKQ/UlOQWaBO9Ulck28H+0ZM4b8uD3LA3ueCYqi9vQhOkfaz6Jb8g4QeCVXiAjZi4Od2BemzVckKqIkJAZXLcLmnnIbWhzBXefWFt2DbixkNudNyyFVE+ctYCIDwft27GbsjlKTu7H3uhjvVyUm7Gx0WcY3HqQ3CQ0UK1of7P9FZ/O9P/YvSAC1iHsKdqm5as2rV0oDrYfCnS+Jm4y260Qcrq7JB1Q6FnPqOYWljyiiUtIO/q2UN19zow1qPSqeyB9qE8w5GmKge0AmycaVcbqYNZluXIGOCiNAm7C4SSWgtkBmkQGozqnFAd0B84p8xF/10sybF8GJtXOo+y+XRyY4LJRr7s7STCSXC8cHEM6/qQesuhNlLlUSmJf+I0OiCe9wr0=; domain=selz.com; path=/; secure; HttpOnly
cache-control: private
content-security-policy: base-uri 'self'; block-all-mixed-content; form-action https:
p3p: CP="This site does not have a p3p policy."
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-selz-cache: MISS
x-selz-shop-id: 256145
x-server-name: 2196
x-ua-compatible: IE=Edge,chrome=1
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 9b3a0b2647b64bb06aa470977314bbb3.cloudfront.net (CloudFront)
x-amz-cf-pop: TLV50-C1
x-amz-cf-id: 9s15SDdpMHAsHjMu-d2wq2A-qsO4-w_pwunwI6FQgk6Li5wAD8h3Gw==
cf-cache-status: DYNAMIC
cf-request-id: 067e8c3c0c000063f5b0adf000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5f4449734eaf63f5-FRA
content-encoding: gzip
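The Content-Security-Policy that selena7.selz.com serves in the transaction above deserves a closer read: base-uri 'self' and block-all-mixed-content are sound, but with neither default-src nor script-src the policy places no limit on where scripts may load from, and form-action https: lets a form submit to any HTTPS origin. The snippet below is an added example, not code from urlscan.io or from selz.com; it parses a policy into directives, applies the default-src fallback rule, and lists what the policy leaves open, comparing the served policy with a constructed stricter one (HARDENED_CSP is assumed for illustration and was not seen in the scan).

```python
"""Static review of a Content-Security-Policy header: parse it into
directives, apply the default-src fallback, and report what stays open."""
from typing import Dict, List, Optional

# Policy served by selena7.selz.com in the transaction above
SELZ_CSP = "base-uri 'self'; block-all-mixed-content; form-action https:"

# Constructed stricter policy for comparison (assumed, not seen in the scan)
HARDENED_CSP = ("default-src 'self'; script-src 'self'; object-src 'none'; "
                "base-uri 'self'; form-action 'self'; frame-ancestors 'none'; "
                "block-all-mixed-content")

FETCH_DIRECTIVES = ("script-src", "object-src", "frame-src", "connect-src")


def parse_csp(policy: str) -> Dict[str, List[str]]:
    """Split a policy into {directive: [source expressions]}. Names are
    case-insensitive and, per the CSP spec, the first occurrence of a
    directive wins; later duplicates are ignored."""
    directives: Dict[str, List[str]] = {}
    for token in policy.split(";"):
        parts = token.strip().split()
        if parts:
            directives.setdefault(parts[0].lower(), parts[1:])
    return directives


def effective_sources(directives: Dict[str, List[str]], name: str) -> Optional[List[str]]:
    """Sources governing a fetch directive: its own list, child-src for
    frame-src, then default-src. None means nothing restricts it."""
    if name in directives:
        return directives[name]
    if name == "frame-src" and "child-src" in directives:
        return directives["child-src"]
    return directives.get("default-src")


def review_csp(policy: str) -> List[str]:
    """Findings about what the policy leaves open; an empty list means none."""
    d = parse_csp(policy)
    findings = []
    for name in FETCH_DIRECTIVES:
        if effective_sources(d, name) is None:
            findings.append(f"{name} unrestricted: neither {name} nor default-src is set")
    form_action = d.get("form-action")
    if form_action is None:
        findings.append("form-action unrestricted: forms may submit to any origin")
    elif any(src in ("https:", "http:", "*") for src in form_action):
        findings.append("form-action allows any origin matching " + " ".join(form_action))
    if "frame-ancestors" not in d:
        findings.append("frame-ancestors missing: page may be framed unless X-Frame-Options is set")
    if "base-uri" not in d:
        findings.append("base-uri missing: an injected <base> tag could redirect relative URLs")
    return findings


if __name__ == "__main__":
    for label, policy in (("served", SELZ_CSP), ("hardened", HARDENED_CSP)):
        print(label, review_csp(policy) or ["no findings"])
```

The served policy therefore does nothing to stop an injected script or a form that posts credentials to a third-party HTTPS host; it only pins the document base URL and upgrades mixed content.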
store.css | stores.selzstatic.com/5a6eaaf8ca4c9d06c0a5538e/1.7.1/assets/ | 80 KB | 15 KB | Stylesheet
General
Full URL: https://stores.selzstatic.com/5a6eaaf8ca4c9d06c0a5538e/1.7.1/assets/store.css
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 143.204.201.56, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-143-204-201-56.fra53.r.cloudfront.net
Software: AmazonS3
Resource Hash: 1cc6aba90408b87fa0c657ac660eb52eeebfce8cb80f700b2330cb64efc044d4

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 10 Aug 2020 00:47:53 GMT
content-encoding: gzip
last-modified: Mon, 10 Aug 2020 00:13:36 GMT
server: AmazonS3
age: 8709252
etag: "17a17c742d8bc3ca07aeed5995cb4a6b"
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 15371
via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-amz-cf-id: UbwrYt1IltPQpdW8pM3TDuGhpmM9i2727vsa1knslaQAY5Qv92TOBw==
store.css | selzstatic.com/assets/20201112-14-[master]/css/ | 3 KB | 1 KB | Stylesheet
General
Full URL: https://selzstatic.com/assets/20201112-14-[master]/css/store.css
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 143.204.201.108, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-143-204-201-108.fra53.r.cloudfront.net
Software: AmazonS3
Resource Hash: (none)

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 04:08:39 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 03:40:03 GMT
server: AmazonS3
age: 575607
etag: W/"a43c048c118c71317e26d1b9cc8d4905"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 7hFWL7RybYEett-60apN5pipinlg85NVPNLOHfDg2dIIeH18zHljYA==
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
user.svg | cdn.selzstatic.com/img/defaults/ | 2 KB | 1 KB | Image
General
Full URL: https://cdn.selzstatic.com/img/defaults/user.svg
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 143.204.201.107, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-143-204-201-107.fra53.r.cloudfront.net
Software: AmazonS3
Resource Hash: 8fcbf80d76f8746abc1db6f26940a89fd49a0b140f01e8a4b12e1471e6fbd549

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 06:05:46 GMT
content-encoding: gzip
last-modified: Mon, 25 Nov 2019 06:22:34 GMT
server: AmazonS3
age: 5406979
etag: W/"42864ce427e0a256b81f418aff052470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: WaeokewF4OzVgB7uzj33CyQJaML_PgPrxecjVRtPEJDLNetI5O2QIQ==
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
polyfill.min.js | cdn.polyfill.io/v3/ | 72 B | 484 B | Script
General
Full URL: https://cdn.polyfill.io/v3/polyfill.min.js?features=Promise,CustomEvent,URL,Set,IntersectionObserver,requestAnimationFrame,navigator.sendBeacon,Array.prototype.includes,Array.prototype.find,Array.prototype.findIndex,Array.prototype.fill,Array.prototype.keys,Array.from,Element.prototype.closest,Element.prototype.classlist,Element.prototype.matches,String.prototype.endsWith,String.prototype.startsWith,String.prototype.includes,Number.isNaN,Object.assign,Object.entries,Object.keys,Object.values,Intl.~locale.en&flags=gated
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::621, Ascension Island, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: (none)
Resource Hash: aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 251708
detected-user-agent: Chrome/83.0.4103
status: 200
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Sun, 15 Nov 2020 11:26:15 GMT
date: Wed, 18 Nov 2020 20:02:05 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *
vendor.js | selzstatic.com/assets/20201112-14-[master]/js/ | 122 KB | 42 KB | Script
General
Full URL: https://selzstatic.com/assets/20201112-14-[master]/js/vendor.js
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 143.204.201.108, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-143-204-201-108.fra53.r.cloudfront.net
Software: AmazonS3
Resource Hash: (none)

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 04:08:39 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 03:40:08 GMT
server: AmazonS3
age: 575607
etag: W/"08c82bdd7a777e34f8d0aacc9345a0b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: lfPvZ728H_2fv8NEamxxUFJFZC-OlIlpOXLJjeWXhBZB7l55MDdFVg==
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
locale.en.js | selzstatic.com/assets/20201112-14-[master]/js/ | 34 KB | 11 KB | Script
General
Full URL: https://selzstatic.com/assets/20201112-14-[master]/js/locale.en.js
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 143.204.201.108, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-143-204-201-108.fra53.r.cloudfront.net
Software: AmazonS3
Resource Hash: (none)

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 04:08:39 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 03:40:06 GMT
server: AmazonS3
age: 575607
etag: W/"36278906a8479b6a25e3123d6f2e74c4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Sw73p52LFzdAxP3FvFw_v4r619Nq-NNu4U1XjEHJK5NlOarIpVVP0g==
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
core.js | selzstatic.com/assets/20201112-14-[master]/js/ | 175 KB | 37 KB | Script
General
Full URL: https://selzstatic.com/assets/20201112-14-[master]/js/core.js
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 143.204.201.108, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-143-204-201-108.fra53.r.cloudfront.net
Software: AmazonS3
Resource Hash: (none)

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 04:08:39 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 03:40:04 GMT
server: AmazonS3
age: 575607
etag: W/"f1793c42105dcb06355b4032a16a84a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: jByCn2gMKMS2lRibh6mICNjJxvJEX-hszlSF6eRNfKKUkeIfu9tRoQ==
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
store.js | selzstatic.com/assets/20201112-14-[master]/js/ | 55 KB | 17 KB | Script
General
Full URL: https://selzstatic.com/assets/20201112-14-[master]/js/store.js
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 143.204.201.108, Seattle, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-143-204-201-108.fra53.r.cloudfront.net
Software: AmazonS3
Resource Hash: (none)

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 12 Nov 2020 04:08:39 GMT
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 03:40:08 GMT
server: AmazonS3
age: 575607
etag: W/"a663d07ca3e7e7996f22ce8c2f68d739"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: pXUdAT74y8D6Rpc8tCaGL3dgPeRKyWgzdmtLOtBCQQUFNhFirmkzsA==
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
shr.js | cdn.shr.one/2.0.3/ | 11 KB | 4 KB | Script
General
Full URL: https://cdn.shr.one/2.0.3/shr.js
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.49, Frankfurt am Main, Germany, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: AmazonS3
Resource Hash: (none)

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 20:02:05 GMT
content-encoding: gzip
age: 536712
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200
content-length: 3821
x-amz-id-2: vNr3ESAXg7Gl5UHooHJ0Dsxy/s1C+ZxXX49YPwmYgHDCSgnKl0HggPGGGtngOFqo9LnjB8UVk/4=
x-served-by: cache-dca17764-DCA, cache-fra19131-FRA
last-modified: Thu, 20 Jun 2019 22:51:07 GMT
server: AmazonS3
x-timer: S1605729725.477056,VS0,VE1
etag: "20d8027b1e0f378acd2f22ee4a187ce8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-request-id: DP8PFVDK7H0XDK6R
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1
plyr.polyfilled.js | cdn.plyr.io/3.6.2/ | 188 KB | 58 KB | Script
General
Full URL: https://cdn.plyr.io/3.6.2/plyr.polyfilled.js
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::442, Ascension Island, ASN54113 (FASTLY, US)
Reverse DNS: (none)
Software: AmazonS3
Resource Hash: (none)

Request headers

Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 20:02:05 GMT
content-encoding: gzip
age: 17046128
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
status: 200
content-length: 59193
x-amz-id-2: sE1kUxFqp02NFZKnMr7ZH7SQtzUru7iMWixv2Wsn+EPAjccSYte3CFEkCsGdJreQRAlPhYqToHk=
x-served-by: cache-dca17766-DCA, cache-hhn4061-HHN
last-modified: Mon, 04 May 2020 11:36:28 GMT
server: AmazonS3
x-timer: S1605729725.451517,VS0,VE0
etag: "f6c87d6145f0c018fb06f1c3ce8f27e6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-request-id: 386DE21213877F1F
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Date, Cache-Control, Content-Type, Accept, Origin, Accept
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 2221
bundle.js | stores.selzstatic.com/5a6eaaf8ca4c9d06c0a5538e/1.7.1/assets/ | 0 | 0 | (no response received; see Failed requests)

Primary Request: WEAWEQARER__2_.html | static-ru.insales.ru/files/1/72/14426184/original/ | 2 KB | 1 KB | Document
General
Full URL: https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.155.216.205, Russian Federation, ASN50340 (SELECTEL-MSK, RU)
Reverse DNS: (none)
Software: nginx
Resource Hash: 5a3a49ea8ff3a8a3d382088e3a5ae96eb86b09219a055a3eed2cb4300471795a

Request headers

:method: GET
:authority: static-ru.insales.ru
:scheme: https
:path: /files/1/72/14426184/original/WEAWEQARER__2_.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg

Response headers

status: 200
server: nginx
date: Wed, 18 Nov 2020 20:02:05 GMT
content-type: text/html; charset=utf-8
cache-control: max-age=315360000
etag: W/"8fc5e468edba73d36303d00a0f3991d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 17 Nov 2020 11:08:49 GMT
x-amz-request-id: 6f41ed62d9c3672f
x-amz-version-id: null
x-yc-s3-cloud-id: b1gt21sq1b4mg9du3i18
x-yc-s3-folder-id: b1g6eaur254uopocucgl
cache-status: HIT
fallback-to: another-cache
content-encoding: gzip
/ | ohhalexnew.shop/ | 717 KB | 499 KB | Script
General
Full URL: https://ohhalexnew.shop/?api=1&lan=facebooknew&ht=1&counter0=mg6z22mgce
Requested by host: static-ru.insales.ru
Requested by URL: https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 94.242.61.143, Russian Federation, ASN43317 (FISHNET-AS, RU)
Reverse DNS: server3.server-sz.com
Software: LiteSpeed
Resource Hash: cd7e59f796026dfd2bc434342ecae966cbe50eebe02f08159f0aafcc76686e2e

Request headers

Referer: https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Nov 2020 20:02:02 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: no-store, no-cache, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
expires: Thu, 19 Nov 1981 08:52:00 GMT
/ | ohhalexnew.shop/location/ | 1 KB | 552 B | Script
Redirect Chain
  • https://ohhalexnew.shop/location
  • https://ohhalexnew.shop/location/
General
Full URL: https://ohhalexnew.shop/location/
Protocol: H3-Q050
Security: QUIC, AES_128_GCM
Server: 94.242.61.143, Russian Federation, ASN43317 (FISHNET-AS, RU)
Reverse DNS: server3.server-sz.com
Software: LiteSpeed
Resource Hash: 1137c9698743959bbb479a8bf47e98f731d8a15f5396ecf095f732e260372a24

Request headers

Referer: https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 20:02:03 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=604800
content-length: 435
expires: Wed, 25 Nov 2020 20:02:03 GMT

Redirect headers

status: 301
date: Wed, 18 Nov 2020 20:02:02 GMT
server: LiteSpeed
content-length: 706
location: https://ohhalexnew.shop/location/
content-type: text/html
geo.json | get.geojs.io/v1/ip/ | 304 B | 965 B | XHR
General
Full URL: https://get.geojs.io/v1/ip/geo.json
Requested by host: selena7.selz.com
Requested by URL: https://selena7.selz.com/?fbclid=IwAR2CpiuvV_ry3qXMG-lNIjcg4Az_zeLntsDUL5Kc7GO3OVCuyom3lZi4FcQ&h=AT0nZhnQAiWf54P3UwTjiD3s3LwAJyy61GSKiHMks2xcUBgG-8zAwUrfaTypJae7vQ7IWNqjqyXwhvtoLQEiXQlmmv_Z4SYvIkzWM4Vb07y--GoNjscukg6KD6EzbkHQrdOGyg
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:20::681a:64, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: 9f8a51a3627d47f033bb3e8baee3ab6b74a07781b930a5204b1ede5f1975b55e
Security Headers
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 20:02:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET
cf-request-id: 067e8c46a400000614c73ed000000001
x-request-id: cb0411e952a5c02a63559c3d379ea1cc-AMS
x-geojs-location: AMS
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yHPPql1j3EvA3gQneKhH5n4EeUnRq8ekwEoYxkzo1OuysH3L566wrSjUqEwPl%2FkunvPbk5Pj3b5vl6Tb1fHK5iH8DyOacSMZOVfgWcNaKCho7%2BB3UapnCt4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
cf-ray: 5f4449843f280614-FRA
truncated | / | 1 KB | 0 | Image
General
Full URL: data:truncated
Protocol: DATA
Server: (none; inline data: URI)
Reverse DNS: (none)
Software: (none)
Resource Hash: 1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b

Request headers

Referer: (none)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png
314.png | widgets.amung.us/classic/03/ | 2 KB | 2 KB | Image
Redirect Chain
  • https://whos.amung.us/widget/mg6z22mgce
  • https://widgets.amung.us/classic/03/314.png
General
Full URL: https://widgets.amung.us/classic/03/314.png
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 2606:4700:10::6816:4bab, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (none)
Software: cloudflare
Resource Hash: fb0da80986ca698b37f56a230d33580e72f159d60a4a08e016f756a6bbbdcef8

Request headers

Referer: https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 18 Nov 2020 20:02:06 GMT
cf-cache-status: HIT
age: 126824
status: 200
content-length: 1566
cf-request-id: 067e8c48460000d6c94b2ce000000001
last-modified: Sun, 13 Jun 2010 09:03:09 GMT
server: cloudflare
etag: "4c149ecd-61e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 5f444986dcc0d6c9-FRA
expires: W
ed, 18 Nov 2020 08:48:22 GMT

Redirect headers

status: 307
date: Wed, 18 Nov 2020 20:02:06 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://widgets.amung.us/classic/03/314.png
content-type: text/html; charset=UTF-8
xxx
whos.amung.us/widget/
0
0
Image
General
Full URL
https://whos.amung.us/widget/xxx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.93 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://static-ru.insales.ru/files/1/72/14426184/original/WEAWEQARER__2_.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

truncated
/
51 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
stores.selzstatic.com
URL
https://stores.selzstatic.com/5a6eaaf8ca4c9d06c0a5538e/1.7.1/assets/bundle.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function showDirectoryPicker
function showOpenFilePicker
function showSaveFilePicker
object trustedTypes
object bannedips
string ip
object handleips
function sh
boolean IS_MOBILE
number limit_bot
string object
string type
string OUTPUT
object ___
object params
number tt
undefined to_object
string a
function checking
function creatingInput
function searchingForms

0 Cookies

6 Console Messages

Source: console-api
Level: log
URL: https://ohhalexnew.shop/?api=1&lan=facebooknew&ht=1&counter0=mg6z22mgce (Line 89)
Text: [object HTMLScriptElement]
(the same message was logged 6 times)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page.

Header Value
Content-Security-Policy base-uri 'self'; block-all-mixed-content; form-action https:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block