URL: https://mypsswrd.com/e8f55be
Submission: On June 01 via manual from RO — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is mypsswrd.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 21st 2021. Valid for: a year.
This is the only time mypsswrd.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  Domain                         Requested by
11        d3t3bxixsojwre.cloudfront.net  dby7kx9z9yzse.cloudfront.net, d3t3bxixsojwre.cloudfront.net
3         d13pxqgp3ixdbh.cloudfront.net  d3t3bxixsojwre.cloudfront.net
1         fonts.gstatic.com              fonts.googleapis.com
1         fonts.googleapis.com           d3t3bxixsojwre.cloudfront.net
1         www.google-analytics.com       d3t3bxixsojwre.cloudfront.net
1         dby7kx9z9yzse.cloudfront.net   mypsswrd.com
1         mypsswrd.com                   -
Total: 19 requests across 7 subdomains

This site contains no links.

Subject                  Issuer                   Validity                  Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2021-08-21 - 2022-08-20   a year
*.cloudfront.net         Amazon                   2022-02-01 - 2023-01-31   a year
*.google-analytics.com   GTS CA 1C3               2022-05-09 - 2022-08-01   3 months
upload.video.google.com  GTS CA 1C3               2022-05-04 - 2022-07-27   3 months
*.gstatic.com            GTS CA 1C3               2022-05-04 - 2022-07-27   3 months

This page contains 2 frames:

Primary Page: https://mypsswrd.com/e8f55be
Frame ID: BBAE5ABD278E1F30D34BB11F9EEB4572
Requests: 9 HTTP requests in this frame

Frame: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Frame ID: 385188512EF114B959D6F930B94D31C7
Requests: 10 HTTP requests in this frame

Page Title

Locked

Detected technologies

Font Awesome
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 100 %
Domains: 5
Subdomains: 7
IPs: 7
Countries: 2
Transfer: 358 kB
Size: 398 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Each transaction is listed as: Resource | Path | Size | x-fer | Type (the MIME-Type is given by the content-type response header)

Primary Request e8f55be | mypsswrd.com/ | 545 B | 881 B | Document
General
Full URL
https://mypsswrd.com/e8f55be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
a415a90b4d64cbe04ad0aca1bd697dcb32e564dc028c9d98dcda632e0433a836

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7148892198f891d5-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 14:10:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9FIY%2B07s6VUygzSBn2gKHDPnekHDDq9OGbb%2BuPCiXDVmee6Nu0feMPSWB%2F4sMrP36msw4v%2FGP4NGOAIs8TaJwXSC6WDmqPE1KjtgiqUHEYxxlslD%2BXw4JVnHd91pAE0L1Tc6fpoVirmbzg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16

NiITq1.js | dby7kx9z9yzse.cloudfront.net/ | 23 KB | 7 KB | Script
General
Full URL
https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Requested by
Host: mypsswrd.com
URL: https://mypsswrd.com/e8f55be
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9600:d:dc73:ab80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8dbcaa593b1d8871e34a605b1a7563d873198b8c4ebfb7b15571eae7af190919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mypsswrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 00:36:52 GMT
content-encoding
br
last-modified
Fri, 20 May 2022 16:18:58 GMT
server
AmazonS3
age
75668
etag
W/"5bb52bce4cdc6f88a087fba73d251b85"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
wyTkSvoru8vziZgZy_TfxLF1jAII7DjhAa35qrLIFVwO6PdJsrpXGg==

html.1248917.da4ec.0.js | d3t3bxixsojwre.cloudfront.net/public/external/v2/ | 9 KB | 10 KB | Script
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/external/v2/html.1248917.da4ec.0.js
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
38dde900a46372180a7710c0e982ee7d619f99f0810fb987bf314c5bcc8a4978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mypsswrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:57 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
AOVls2yrVqeXiMZ4GzdNTiuGIdzgejjWH58Tqy-YrhDftUkg1WVCgg==

css_front.css | d3t3bxixsojwre.cloudfront.net/public/external/ | 6 KB | 7 KB | Stylesheet
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/external/css_front.css
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mypsswrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:57 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
90FAL3cOmm3ShsGIzs6_dv5MjYyH3uBoRCzpqasiN0lnr2c3PQ5bsw==

css.css | d3t3bxixsojwre.cloudfront.net/public/clockers/CustomButton/ | 1010 B | 1 KB | Stylesheet
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mypsswrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:57 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
18m0qaQpFtPrp35Wtfah1nCLzfI2VBV9b7tWJEDHloieCWXsOG88kQ==

ct | d3t3bxixsojwre.cloudfront.net/public/ (Frame 3851) | 25 KB | 25 KB | Document
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
71041822eb549b2767c9cdcbaf61a880aa0d9eb471701d1401c5048fb02fe38a

Request headers

Referer
https://mypsswrd.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-transform
content-type
text/html; charset=UTF-8
date
Wed, 01 Jun 2022 14:10:58 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-id
0Xch700Zv8M7EoMAcp5qr5WF04E9IRTRVgzKU-f3o_SIqBRmPCGfaw==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-powered-by
PHP/7.4.11

guid | d3t3bxixsojwre.cloudfront.net/public/ | 0 | 286 B | Script
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/guid?cpguid=qs477ml4y&e=ll&t=1654092658164
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mypsswrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:58 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
ocCPsU8toiz29EnLCJwgphr7yN4FI0hduRmVNRFH_fHDKO4waS4vZw==

font-awesome.min.css | d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/ (Frame 3851) | 28 KB | 29 KB | Stylesheet
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/font-awesome.min.css
Requested by
Host: d3t3bxixsojwre.cloudfront.net
URL: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:1000:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
age
43363
etag
"4083f5d376eb849a458cc790b53ba080"
x-cache
Hit from cloudfront
content-type
text/css
date
Wed, 01 Jun 2022 02:09:02 GMT
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
29063
x-amz-cf-id
euJL52ndc2pSXmrmhAo3Js6cMMb2Aak2YYqz0ptLTRRzJYdw1tWd5w==

analytics.js | www.google-analytics.com/ (Frame 3851) | 49 KB | 20 KB | Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d3t3bxixsojwre.cloudfront.net
URL: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2172
date
Wed, 01 Jun 2022 13:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Jun 2022 15:34:46 GMT

icon | fonts.googleapis.com/ (Frame 3851) | 569 B | 869 B | Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: d3t3bxixsojwre.cloudfront.net
URL: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7107aabf60743d01b5e28d3bcc9f9e285aace410a27567cbb7a8b69f35658c05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 14:10:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 14:10:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 14:10:58 GMT

1609684417aa7c7acd54da8f8ca27765f9f42e56cd.png | d13pxqgp3ixdbh.cloudfront.net/uploads/ (Frame 3851) | 33 KB | 33 KB | Image
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/uploads/1609684417aa7c7acd54da8f8ca27765f9f42e56cd.png
Requested by
Host: d3t3bxixsojwre.cloudfront.net
URL: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:1000:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
657c5ce71dfedc3e97bd65befc4d72be4ff10dfa920fa1ead74075b321034775

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
IZwJ5DeFJpu984Ko0QxdAzplKsGEYsGC
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Sun, 03 Jan 2021 14:33:39 GMT
server
AmazonS3
age
18340
etag
"764a40a494370c191a10a8a7d51dafb2"
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 01 Jun 2022 09:05:19 GMT
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
33512
x-amz-cf-id
S3MOSxSjH4KX39BkBIzyoqV6CgBBLhfwfSGxcl8SWiNjztVXtpTHGg==

guid.js | d3t3bxixsojwre.cloudfront.net/public/external/ (Frame 3851) | 862 B | 1 KB | Script
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/external/guid.js
Requested by
Host: d3t3bxixsojwre.cloudfront.net
URL: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:58 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified
Tue, 11 Aug 2020 19:47:27 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
etag
"35e-5ac9f574655f4"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
862
x-amz-cf-id
gZPJ6IA0FPdLTyvDZFUQXJXwmIs0IL9iqaB_MPkWS3EE5O8qcm0abQ==

t.js | d3t3bxixsojwre.cloudfront.net/public/external/ (Frame 3851) | 2 KB | 2 KB | Script
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/external/t.js
Requested by
Host: d3t3bxixsojwre.cloudfront.net
URL: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
fff2c7e238400b24472e5d6c529d7f625ec50ec4383ac23d33ca05d9c1f07a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:58 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jul 2020 08:43:38 GMT
server
Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
etag
"696-5aaef9ea142f5"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1686
x-amz-cf-id
IhCYpoLV_vRsfSPU3JPRdu72cb7LoGpTJ-lHhA9GeJ9Jjs93StYbOQ==

jquery.js | d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ (Frame 3851) | 95 KB | 95 KB | Script
General
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/jquery.js
Requested by
Host: d3t3bxixsojwre.cloudfront.net
URL: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:1000:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1711e89a5ab3f0e2d009ab6b171bc8869acd8dd0da785e0dfe60c9c0bca48c6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2017 06:33:55 GMT
server
AmazonS3
age
40544
etag
"7faa5fa0b997277a94a3c3b02d8be514"
x-cache
Hit from cloudfront
content-type
application/x-javascript
date
Wed, 01 Jun 2022 02:55:36 GMT
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
97174
x-amz-cf-id
MlXiZWsi9F-DK6btGLR5VjB517BZMdwiKX_YFL4vn7oWOJLDJmqS_g==

check.php | d3t3bxixsojwre.cloudfront.net/public/external/ (Frame 3851) | 78 B | 373 B | Script
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/external/check.php?time=1654092658539&it=1248917
Requested by
Host: d3t3bxixsojwre.cloudfront.net
URL: https://d3t3bxixsojwre.cloudfront.net/public/ct?cpguid=qs477ml4y&it=1248917&w=1600&h=1200&key=da4ec&m=0&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:58 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
b4bC_Y5-5Ks0zTZYVk6IfcNMB6RZkQdQgPJbBvoNwh6fyPI28DnZ-w==

flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | fonts.gstatic.com/s/materialicons/v129/ (Frame 3851) | 124 KB | 125 KB | Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v129/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d8fbe04b63d3e31f3316706bf9ee8ad684beb9e85739d793e49013b99bd9bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d3t3bxixsojwre.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 19:59:51 GMT
x-content-type-options
nosniff
age
65467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127244
x-xss-protection
0
last-modified
Tue, 24 May 2022 18:27:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 19:59:51 GMT

impression.php | d3t3bxixsojwre.cloudfront.net/public/external/ | 10 B | 307 B | Script
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/external/impression.php?it=1248917&time=1654092658878
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mypsswrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:58 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
10
x-amz-cf-id
FrwfTCLffzwY1rWZstXqDEBY9k1mS_dl4U7VQeL56U-uPc9XMUjxtA==

guid | d3t3bxixsojwre.cloudfront.net/public/ | 0 | 287 B | Script
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/guid?cpguid=qs477ml4y&e=opl&t=1654092658878
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mypsswrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:59 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
VXJCipPc9KFBDzCPRWOFj8Ru7iR19rbK4WAJrk8RsCOakutqDUkaCw==

check.php | d3t3bxixsojwre.cloudfront.net/public/external/ | 78 B | 371 B | Script
General
Full URL
https://d3t3bxixsojwre.cloudfront.net/public/external/check.php?it=1248917&time=1654092659378
Requested by
Host: dby7kx9z9yzse.cloudfront.net
URL: https://dby7kx9z9yzse.cloudfront.net/NiITq1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7000:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mypsswrd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 14:10:59 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA60-P4
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
9oyVo-V3asKJx88LB170mMbDWMlFykb0tLKM9ZiyjQp1ze1RcdeKFg==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object    0
  • object    oncontextlost
  • object    oncontextrestored
  • function  structuredClone
  • object    launchQueue
  • object    onbeforematch
  • function  getScreenDetails
  • object    navigation
  • object    CPABUILDSETTINGS
  • object    CPABUILDContentLocker
  • number    __cfRLUnblockHandlers
  • function  CPBContentLocker
  • function  CPABuildLock
  • function  CPABuildGetFeedURL
  • function  CPABuildGetIframeURL
  • function  CPABuildGetIframeHTML
  • function  CPABuildUnlock
  • function  CPABuildOfferComplete
  • function  CPABuildOffersComplete
  • function  CPABuildCheckForLead
  • function  og_load
  • function  CPABuildComplete
  • function  call_locker

1 Cookies

Domain/Path    Name / Value
mypsswrd.com/  _cpguid = qs477ml4y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
