www.infinitymarketsystems.com Open in urlscan Pro
35.202.21.90 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://infinitymarketsystems.com/
Effective URL:
https://www.infinitymarketsystems.com/
Submission: On January 30 via api (January 30th 2024, 10:40:35 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 8 domains to perform 18 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.infinitymarketsystems.com.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.

This is the only time www.infinitymarketsystems.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
2 2	192.124.249.8 192.124.249.8	30148 (SUCURI-SEC) (SUCURI-SEC)
1	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4004:c08::5f	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4004:c1d::84	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5e	15169 (GOOGLE) (GOOGLE)
4	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	7

2 192.124.249.8 (Menifee, United States) 2 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10008.sucuri.net

infinitymarketsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

www.infinitymarketsystems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	285 KB
4	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 40531	2 KB
3	infinitymarketsystems.com 2 redirects infinitymarketsystems.com www.infinitymarketsystems.com	34 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	center.io js.center.io — Cisco Umbrella Rank: 47100	8 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 57769	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	946 B
1	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 46777	26 KB
18	8

	Domain	Requested by
6	lh3.googleusercontent.com	www.infinitymarketsystems.com
4	api.leadpages.io	js.center.io embed.lpcontent.net
2	fonts.gstatic.com	fonts.googleapis.com
2	js.center.io	www.infinitymarketsystems.com js.center.io
2	infinitymarketsystems.com	2 redirects
1	embed.lpcontent.net	www.infinitymarketsystems.com
1	fonts.googleapis.com	www.infinitymarketsystems.com
1	static.leadpages.net	www.infinitymarketsystems.com
1	www.infinitymarketsystems.com
18	9

This site contains no links.

Subject Issuer	Validity	Valid
www.infinitymarketsystems.com R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2023-12-14` - `2024-03-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2024-01-28` - `2024-04-27`	3 months	crt.sh
js.center.io GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.leadpages.io R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.infinitymarketsystems.com/
Frame ID: FC1E6FABDD19E5DAB86668923CCE3660
Requests: 17 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 48B1B7D68CBAE3F92B3639C29E8AE779
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Page URL History Show full URLs

http://infinitymarketsystems.com/ HTTP 301
https://infinitymarketsystems.com/ HTTP 302
https://www.infinitymarketsystems.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

7
IPs

1
Countries

412 kB
Transfer

644 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://infinitymarketsystems.com/ HTTP 301
https://infinitymarketsystems.com/ HTTP 302
https://www.infinitymarketsystems.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.infinitymarketsystems.com/
Redirect Chain

http://infinitymarketsystems.com/
https://infinitymarketsystems.com/
https://www.infinitymarketsystems.com/

155 KB
33 KB

394ms
133ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infinitymarketsystems.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

ac1908afe29de0d21e6196d4065c56480df59a513166ba15302f9b509d4f5a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 30 Jan 2024 22:40:26 GMT
etag: W/"8a3b88bcb15dddfb1e03b33b778467b5"
last-modified: Sat, 27 Jan 2024 19:57:04 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

Redirect headers

content-length: 142
content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Tue, 30 Jan 2024 22:40:25 GMT
location: https://www.infinitymarketsystems.com/
server: nginx
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: EXPIRED
x-sucuri-id: 17008
x-xss-protection: 1; mode=block

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 100 KB
26 KB 143ms
37ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by: Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:34:26 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 2243160
etag: "nt2STQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 17fd9359f631a70a75edaebdd497d321
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26836
expires: Fri, 03 Jan 2025 23:34:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
946 B 188ms
68ms Stylesheet
text/css 2607:f8b0:4004:c08::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow:300,400,500,700

Requested by

Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

365f7cfff17501064f6049c1db223f27cac4a20afdb9e2e001743f975f37b5f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 30 Jan 2024 22:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 22:40:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 30 Jan 2024 22:40:26 GMT

GET
H2 200 ORCBC9fjvRl5oUI3_xX5uPFw2a0_RMnwL2PUOxmmfWWQSTdLU5mEF4nMN6JF8GjbKJzKuaqxwvKbgVwxtkrfKI65BjtsZjABFr4=w150
lh3.googleusercontent.com/ 39 KB
40 KB 196ms
77ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ORCBC9fjvRl5oUI3_xX5uPFw2a0_RMnwL2PUOxmmfWWQSTdLU5mEF4nMN6JF8GjbKJzKuaqxwvKbgVwxtkrfKI65BjtsZjABFr4=w150

Requested by

Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5f64063396947d5845bfa4d93dc5bcfdf52ad88acc03142a8263b62006d7941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:40:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40391
x-xss-protection: 0
expires: Wed, 31 Jan 2024 22:40:26 GMT

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 151ms
40ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:38:22 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 124
etag: "EqK-AA"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 7939d5e4ed31a7b9cbca2fc5d2623204
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Tue, 30 Jan 2024 22:43:22 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 178ms
49ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:39:28 GMT
content-encoding: gzip
server: Google Frontend
age: 58
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 2c296a80718629ed3ebb56654e24ba75
cache-control: public, max-age=300
content-length: 5417
expires: Tue, 30 Jan 2024 22:44:28 GMT

GET
H2 200 S6jubWIuK7sqcSIt_i9Oi9EWuc_tRyhA36_agNkOQL7AhyjC_-hLHF33VRxV8aY0RKwLagaV_1ofWVZBfZ5vfg=s16
lh3.googleusercontent.com/ 512 B
614 B 79ms
77ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/S6jubWIuK7sqcSIt_i9Oi9EWuc_tRyhA36_agNkOQL7AhyjC_-hLHF33VRxV8aY0RKwLagaV_1ofWVZBfZ5vfg=s16

Requested by

Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db35f89b8029326c7c16c9c3e6f6d2c8e1fc2d89abcc1f0164ca5a4fd46f6fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:40:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 512
x-xss-protection: 0
expires: Wed, 31 Jan 2024 22:40:26 GMT

GET
H2 200 PsU_isOhgGLZp5ku66gy6QNJu-_XIPjwdDw3-p9KZMKOqakdKHpNjA_IQiXHTeZQUvVKAQb3Q7XeCcm12OkL5g=w16
lh3.googleusercontent.com/ 414 B
485 B 80ms
79ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PsU_isOhgGLZp5ku66gy6QNJu-_XIPjwdDw3-p9KZMKOqakdKHpNjA_IQiXHTeZQUvVKAQb3Q7XeCcm12OkL5g=w16

Requested by

Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8522911591e2748542eeb8ab150487fa2549fbda203c352b2ff127ceeced7e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:40:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 414
x-xss-protection: 0
expires: Wed, 31 Jan 2024 22:40:26 GMT

GET
H2 200 7cHqv4kjgoGqM7E3t-4s51os.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 241ms
112ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.infinitymarketsystems.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:33:46 GMT
x-content-type-options: nosniff
age: 400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21724
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 22:33:46 GMT

GET
H2 200 7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ 21 KB
21 KB 188ms
60ms Font
font/woff2 2607:f8b0:4004:c09::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Barlow:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.infinitymarketsystems.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 17:38:48 GMT
x-content-type-options: nosniff
age: 450098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21144
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 17:38:48 GMT

GET
H3 200 S6jubWIuK7sqcSIt_i9Oi9EWuc_tRyhA36_agNkOQL7AhyjC_-hLHF33VRxV8aY0RKwLagaV_1ofWVZBfZ5vfg=w1600
lh3.googleusercontent.com/ 192 KB
192 KB 83ms
82ms Image
image/jpeg 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/S6jubWIuK7sqcSIt_i9Oi9EWuc_tRyhA36_agNkOQL7AhyjC_-hLHF33VRxV8aY0RKwLagaV_1ofWVZBfZ5vfg=w1600

Requested by

Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

44ad02af0a3f1e53d67194c995d38b506551b400194fc60367f454d65407208d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:40:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196953
x-xss-protection: 0
expires: Wed, 31 Jan 2024 22:40:26 GMT

GET
H3 200 PsU_isOhgGLZp5ku66gy6QNJu-_XIPjwdDw3-p9KZMKOqakdKHpNjA_IQiXHTeZQUvVKAQb3Q7XeCcm12OkL5g=w375
lh3.googleusercontent.com/ 12 KB
12 KB 75ms
74ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PsU_isOhgGLZp5ku66gy6QNJu-_XIPjwdDw3-p9KZMKOqakdKHpNjA_IQiXHTeZQUvVKAQb3Q7XeCcm12OkL5g=w375

Requested by

Host: www.infinitymarketsystems.com
URL: https://www.infinitymarketsystems.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7130a20b7b38547c276666843bc49b625406082f5a93a315ec59e2f2792c3dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:40:26 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12533
x-xss-protection: 0
expires: Wed, 31 Jan 2024 22:40:26 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 48B1 4 KB
2 KB 54ms
46ms Document
text/html 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://www.infinitymarketsystems.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 250
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 30 Jan 2024 22:36:16 GMT
etag: "OMWYXg"
expires: Tue, 30 Jan 2024 22:41:16 GMT
server: Google Frontend
x-cloud-trace-context: 4af405e285874a063fc8555670842a13

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
690 B 600ms
78ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=site&l=XtCpVe9YaHieYbK9WiG5D3%3A801a6534-510a-6357-e73d-e3acbd11f697&v=&e=&st=&lc=en-US&pid=3cH2XsEdegVBnrF2duHDDG-default-prop&uid=grsZr2WbM9ycobBMvefzPX&sid=w8ZVsN2tQNLtyw7Kxa2U5C&cid=site-XtCpVe9YaHieYbK9WiG5D3%3A801a6534-510a-6357-e73d-e3acbd11f697&uri=https%3A%2F%2Fwww.infinitymarketsystems.com%2F&rf=&rx=1600&ry=1200&tz=-10%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 22:40:27 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.infinitymarketsystems.com
X-Forwarded-For: 38.132.118.70
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 0122mam6kjvt5d969e8g

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
355 B 489ms
68ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,216,134,395,7,399,601,606,992,992
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 22:40:27 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 38.132.118.70
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 0122mbdgrtgouchr9lug

GET
H3 200 ORCBC9fjvRl5oUI3_xX5uPFw2a0_RMnwL2PUOxmmfWWQSTdLU5mEF4nMN6JF8GjbKJzKuaqxwvKbgVwxtkrfKI65BjtsZjABFr4=w150
lh3.googleusercontent.com/ 39 KB
39 KB 75ms
74ms Image
image/png 2607:f8b0:4004:c1d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ORCBC9fjvRl5oUI3_xX5uPFw2a0_RMnwL2PUOxmmfWWQSTdLU5mEF4nMN6JF8GjbKJzKuaqxwvKbgVwxtkrfKI65BjtsZjABFr4=w150

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d5f64063396947d5845bfa4d93dc5bcfdf52ad88acc03142a8263b62006d7941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 22:40:27 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40391
x-xss-protection: 0
expires: Wed, 31 Jan 2024 22:40:27 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
452 B 235ms
79ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=9N9qYkdLjKhqA6VjXA2ttf&kind=timer&label=lb_embed_embed_script_load&value=339.69999980926514
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 22:40:27 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.infinitymarketsystems.com
X-Forwarded-For: 38.132.118.70
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 0121vafqslmr4fjsqbi0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
452 B 69ms
68ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=3h8oKjaYEDFPYhTFCj4zoJ&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=184.5999994277954,123.80000019073486,1,601.3000001907349
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.infinitymarketsystems.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 30 Jan 2024 22:40:31 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://www.infinitymarketsystems.com
X-Forwarded-For: 38.132.118.70
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 0122mbm2u2uv2ih8ctng

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.api.leadpages.io/analytics/v1/events/capture	1970-01-20 18:05:40	Name: view.3cH2XsEdegVBnrF2duHDDG-default-prop.XtCpVe9YaHieYbK9WiG5D3 Value: 1706654427000
			js.center.io/	1970-01-21 03:40:14	Name: centerVisitorId Value: grsZr2WbM9ycobBMvefzPX

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.leadpages.io
embed.lpcontent.net
fonts.googleapis.com
fonts.gstatic.com
infinitymarketsystems.com
js.center.io
lh3.googleusercontent.com
static.leadpages.net
www.infinitymarketsystems.com
192.124.249.8
2001:4860:4802:32::15
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c1d::84
34.107.203.240
35.192.151.63
35.202.21.90
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
365f7cfff17501064f6049c1db223f27cac4a20afdb9e2e001743f975f37b5f3
44ad02af0a3f1e53d67194c995d38b506551b400194fc60367f454d65407208d
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7130a20b7b38547c276666843bc49b625406082f5a93a315ec59e2f2792c3dc6
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
8522911591e2748542eeb8ab150487fa2549fbda203c352b2ff127ceeced7e9d
ac1908afe29de0d21e6196d4065c56480df59a513166ba15302f9b509d4f5a5d
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d5f64063396947d5845bfa4d93dc5bcfdf52ad88acc03142a8263b62006d7941
db35f89b8029326c7c16c9c3e6f6d2c8e1fc2d89abcc1f0164ca5a4fd46f6fd5

www.infinitymarketsystems.com Open in urlscan Pro 35.202.21.90 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

50 %IPv6

8 Domains

9 Subdomains

7 IPs

1 Countries

412 kBTransfer

644 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

www.infinitymarketsystems.com Open in urlscan Pro
35.202.21.90 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

7
IPs

1
Countries

412 kB
Transfer

644 kB
Size

2
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!