mirrors.cpabuild.com Open in urlscan Pro
2606:4700:20::681a:daf  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request locker.php Show response mirrors.cpabuild.com/public/	514 B 908 B	700ms 676ms	Document text/html	2606:4700:20::681a:daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mirrors.cpabuild.com/public/locker.php?it=1294420&key=6faf4&preview=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.11 Resource Hash 5d0aa1c178d9562db3e14025753328ff2e880ed67bdccd0cb5366c58c24d1438 Request headers :method GET :authority mirrors.cpabuild.com :scheme https :path /public/locker.php?it=1294420&key=6faf4&preview=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:04 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=da1ae6df70c2648d7959b36fac1cabafd1618142344; expires=Tue, 11-May-21 11:59:04 GMT; path=/; domain=.cpabuild.com; HttpOnly; SameSite=Lax x-powered-by PHP/7.4.11 cf-cache-status DYNAMIC cf-request-id 096265cc6f0000536983283000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yZ2oHhFj3brOdYM2X%2FRDRcUTXEfOgPCuvpaHNQBs5j%2BSC1P6JWPJOJyTavLqOCF2yJ8k%2Bs2fR9awkcRk1ijpW%2Bu8VP51%2B9RpuLHApGNE8P%2BkeX2%2BwF2uSQYtdJYKXmlnyA%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"max_age":604800,"report_to":"cf-nel"} server cloudflare cf-ray 63e40bf3ef375369-FRA content-encoding br
GET H2	200	locker.js Show response mirrors.cpabuild.com/public/external/	23 KB 7 KB	17ms 17ms	Script application/javascript	2606:4700:20::681a:daf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mirrors.cpabuild.com/public/external/locker.js Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/locker.php?it=1294420&key=6faf4&preview=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:daf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae1df32f028cc1ab83471711b69773c079ad4fe2bb80cc510e5a1c7d15de5831 Request headers Referer https://mirrors.cpabuild.com/public/locker.php?it=1294420&key=6faf4&preview=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:04 GMT content-encoding br cf-cache-status HIT last-modified Sun, 25 Oct 2020 08:45:14 GMT server cloudflare age 7112 etag W/"5b8f-5b27ad51d4b1c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dyrxHkCfIII3GdeDGzqCNK5hl5Ey630y4P5dgAYek5JzDZiUCJNKHXU%2FERrYeDgO57dhU8O4qjFHzygHTXDGWjdGxFZ78bsZO1T17XSK%2F8OmTgk6HEceOuxOvyclw9ZLLA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=691200 nel {"max_age":604800,"report_to":"cf-nel"} cf-ray 63e40bf82f045369-FRA cf-request-id 096265cf16000053693b282000000001
GET H2	200	preview.1294420.6faf4.0.js Show response d1xkyo9j4r7vnn.cloudfront.net/public/external/v2/	20 KB 20 KB	374ms 335ms	Script application/javascript	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/external/v2/preview.1294420.6faf4.0.js?t=1618142345003 Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 38cd341f720a241af44ec584076470d5d21e5877942e3b46e6007270e646063a Request headers Referer https://mirrors.cpabuild.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:05 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id 28P_xXFTqg875e1NLv_38SEgLA-eWP3mJduFqZTon8hyXox9097KtQ==
GET H2	200	css_front.css d1xkyo9j4r7vnn.cloudfront.net/public/external/	6 KB 7 KB	338ms 298ms	Stylesheet text/css	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/external/css_front.css Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers Referer https://mirrors.cpabuild.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:05 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:50 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 etag "19c4-5a8c5e6567f21" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id RO66fHjj4kE1FDYBDHTIOyTrFltYv6tNmLCgCCN7OhvoRCLOjmv0Lg==
GET H2	200	css.css d1xkyo9j4r7vnn.cloudfront.net/public/clockers/CustomButton/	1010 B 1 KB	156ms 155ms	Stylesheet text/css	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/clockers/CustomButton/css.css Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers Referer https://mirrors.cpabuild.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:05 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id gIAQKbQKtMGKkavHCCtrSQMqtJ1T91_KN-_UXD2SokVsiRV_6_dZzw==
GET H2	200	ct Show response d1xkyo9j4r7vnn.cloudfront.net/public/ Frame 7CE4	44 KB 45 KB	261ms 261ms	Document text/html	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash a251401955293822d96329c24a9e94ecf7c3ecfc876ac05a050b32ad4437bdca Request headers :method GET :authority d1xkyo9j4r7vnn.cloudfront.net :scheme https :path /public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://mirrors.cpabuild.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mirrors.cpabuild.com/ Response headers content-type text/html; charset=UTF-8 date Sun, 11 Apr 2021 11:59:06 GMT server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-powered-by PHP/7.4.11 set-cookie BUILD_VISITOR_RAND=48a251c8; expires=Mon, 12-Apr-2021 11:59:06 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None BUILD_VISITOR_ID=820793950; expires=Mon, 12-Apr-2021 11:59:06 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None BUILD_VISITOR_ID_KEY=88bac14f1e376c2a530dc28ca1975634; expires=Mon, 12-Apr-2021 11:59:06 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None BUILD_VISITOR_IT_ID=1294420; expires=Mon, 12-Apr-2021 11:59:06 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None BUILD_VISITOR_IT_ID_KEY=6faf4; expires=Mon, 12-Apr-2021 11:59:06 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None cache-control no-cache, no-transform pragma no-cache expires Sat, 26 Jul 1997 05:00:00 GMT x-cache Miss from cloudfront via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) x-amz-cf-pop AMS1-C1 x-amz-cf-id lVFB_ZJ6oJ5KJOv4mLg48BQT0WVQPjSEjKfCUOUz9_YLVZXqFyTMsw==
GET H2	200	guid Show response d1xkyo9j4r7vnn.cloudfront.net/public/	0 283 B	299ms 299ms	Script text/html	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/guid?cpguid=ej1gg9llb&e=ll&t=1618142346005 Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://mirrors.cpabuild.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:06 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id wtPt9ZSnkXwT2O1R9y1295mfii_zqiyFGQeQ35mhHPDVdUO8r01ISA==
GET H2	200	font-awesome.min.css d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/ Frame 7CE4	28 KB 29 KB	45ms 17ms	Stylesheet text/css	2600:9000:2182:d600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/font-awesome.min.css Requested by Host: d1xkyo9j4r7vnn.cloudfront.net URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:d600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id null via 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront) last-modified Mon, 30 Jan 2017 06:33:55 GMT server AmazonS3 age 141679 etag "4083f5d376eb849a458cc790b53ba080" x-cache Hit from cloudfront content-type text/css date Sat, 10 Apr 2021 20:35:00 GMT x-amz-cf-pop DUS51-C1 accept-ranges bytes content-length 29063 x-amz-cf-id R5Hj6WElxkY4tRXlsk5HJucQ7q1tArOaFZFjTz82iDo_4LttWNS7Eg==
GET H2	200	guid.js Show response d1xkyo9j4r7vnn.cloudfront.net/public/external/ Frame 7CE4	862 B 1 KB	157ms 156ms	Script application/javascript	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/external/guid.js Requested by Host: d1xkyo9j4r7vnn.cloudfront.net URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:06 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 19:47:27 GMT server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 etag "35e-5ac9f574655f4" x-cache Miss from cloudfront content-type application/javascript accept-ranges bytes content-length 862 x-amz-cf-id _ftZgfkTjmuZBznD6eP2XR6xNMA-FoH7dwRUJoDusnDVpmpd43qGjg==
GET H2	200	t.js Show response d1xkyo9j4r7vnn.cloudfront.net/public/external/ Frame 7CE4	2 KB 2 KB	298ms 297ms	Script application/javascript	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/external/t.js Requested by Host: d1xkyo9j4r7vnn.cloudfront.net URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash fff2c7e238400b24472e5d6c529d7f625ec50ec4383ac23d33ca05d9c1f07a7d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:06 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) last-modified Tue, 21 Jul 2020 08:43:39 GMT server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 etag "696-5aaef9ead3e51" x-cache Miss from cloudfront content-type application/javascript accept-ranges bytes content-length 1686 x-amz-cf-id 10L8ctdHVWOnS_Ekh67l4-miunQwux5uSA17XmOfRWHTVZGhody2cg==
GET H2	200	jquery.js Show response d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ Frame 7CE4	95 KB 95 KB	12ms 11ms	Script application/x-javascript	2600:9000:2182:d600:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/jquery.js Requested by Host: d1xkyo9j4r7vnn.cloudfront.net URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2182:d600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1711e89a5ab3f0e2d009ab6b171bc8869acd8dd0da785e0dfe60c9c0bca48c6c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id null via 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront) last-modified Mon, 30 Jan 2017 06:33:55 GMT server AmazonS3 age 74377 etag "7faa5fa0b997277a94a3c3b02d8be514" x-cache Hit from cloudfront content-type application/x-javascript date Sat, 10 Apr 2021 20:58:41 GMT x-amz-cf-pop DUS51-C1 accept-ranges bytes content-length 97174 x-amz-cf-id SlKv9BSFfwgh9_CMlEOzZJCPXILsUBAXGr6nbFbUzzTEk-zyvUijoA==
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 7CE4	48 KB 19 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: d1xkyo9j4r7vnn.cloudfront.net URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 19 Mar 2021 19:22:18 GMT server Golfe2 age 607 date Sun, 11 Apr 2021 11:48:59 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19463 expires Sun, 11 Apr 2021 13:48:59 GMT
GET H2	200	check.php Show response d1xkyo9j4r7vnn.cloudfront.net/public/external/ Frame 7CE4	80 B 371 B	309ms 309ms	Script application/javascript	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/external/check.php?time=1618142346407&it=1294420 Requested by Host: d1xkyo9j4r7vnn.cloudfront.net URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash d80fd8de2134e075b2c818858129aff0c7744940f7f9a41e475265b8eccd207a Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:06 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 80 x-amz-cf-id qM3Ilb9KbjoUeNfYdRWF7BLhv2iacP3MAPwhWEbdGoEYmc2QA73o2g==
GET H2	200	k7f9nA7.png i.imgur.com/ Frame 7CE4	64 KB 64 KB	91ms 29ms	Image image/png	151.101.112.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/k7f9nA7.png Requested by Host: d1xkyo9j4r7vnn.cloudfront.net URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 924d7335e7e5fcd4d63a8370c85d119be44a750e09f4895ac6b2018139b1c99b Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:06 GMT x-content-type-options nosniff age 3812059 x-cache HIT, HIT content-length 65276 x-served-by cache-bwi5180-BWI, cache-hhn4022-HHN last-modified Tue, 21 Jul 2020 22:59:18 GMT server cat factory 1.0 x-timer S1618142346.497221,VS0,VE0 etag "da5121c8cb1c53e257649aba46f9156a" strict-transport-security max-age=300 access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	ct d1xkyo9j4r7vnn.cloudfront.net/public/ Frame 7CE4	14 KB 14 KB	335ms 335ms	Image text/html	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Requested by Host: d1xkyo9j4r7vnn.cloudfront.net URL: https://d1xkyo9j4r7vnn.cloudfront.net/public/ct?cpguid=ej1gg9llb&it=1294420&w=1600&h=1200&key=6faf4&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sun, 11 Apr 2021 11:59:06 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 cache-control no-cache, no-transform x-amz-cf-id GafTJV-_zQJqgq6yxyh3XXgsCZyfUtEXU6NVARwlDKhYaxk-GnbtIQ== expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	impression.php Show response d1xkyo9j4r7vnn.cloudfront.net/public/external/	10 B 304 B	159ms 157ms	Script application/javascript	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/external/impression.php?it=1294420&time=1618142346997 Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d Request headers Referer https://mirrors.cpabuild.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:07 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 10 x-amz-cf-id OkIH9iNFgOpQ9pBUzZHDDSvgL_AxiNjN7hHC-9hKSzZMqFlQp3tXnw==
GET H2	200	guid Show response d1xkyo9j4r7vnn.cloudfront.net/public/	0 283 B	300ms 298ms	Script text/html	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/guid?cpguid=ej1gg9llb&e=opl&t=1618142346998 Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://mirrors.cpabuild.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:07 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id V3hcZ5fr3gQ0y6uA3TtHoov38JeFUenOtkM_T4vmoDfpJ7w97rq4Fg==
GET H2	200	check.php Show response d1xkyo9j4r7vnn.cloudfront.net/public/external/	80 B 372 B	301ms 301ms	Script application/javascript	2600:9000:2104:9400:1a:60a5:c0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1xkyo9j4r7vnn.cloudfront.net/public/external/check.php?it=1294420&time=1618142347492 Requested by Host: mirrors.cpabuild.com URL: https://mirrors.cpabuild.com/public/external/locker.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9400:1a:60a5:c0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash d80fd8de2134e075b2c818858129aff0c7744940f7f9a41e475265b8eccd207a Request headers Referer https://mirrors.cpabuild.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 11 Apr 2021 11:59:07 GMT via 1.1 043fc2faaa02eeb59193e3fa300adb6b.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop AMS1-C1 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 80 x-amz-cf-id Yyvv8_NKulbzFx-pEzZ1_gviyHTgfwmjODGgenk1sH32jYr-JKeX9Q==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mirrors.cpabuild.com/	1970-01-19 17:43:26	Name: _cpguid Value: ej1gg9llb
			.cpabuild.com/	1970-01-19 18:12:14	Name: __cfduid Value: da1ae6df70c2648d7959b36fac1cabafd1618142344

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d13pxqgp3ixdbh.cloudfront.net
d1xkyo9j4r7vnn.cloudfront.net
i.imgur.com
mirrors.cpabuild.com
www.google-analytics.com
151.101.112.193
2600:9000:2104:9400:1a:60a5:c0c0:21
2600:9000:2182:d600:1c:b3e3:eb40:21
2606:4700:20::681a:daf
2a00:1450:4001:80f::200e
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
1711e89a5ab3f0e2d009ab6b171bc8869acd8dd0da785e0dfe60c9c0bca48c6c
38cd341f720a241af44ec584076470d5d21e5877942e3b46e6007270e646063a
3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d
5d0aa1c178d9562db3e14025753328ff2e880ed67bdccd0cb5366c58c24d1438
924d7335e7e5fcd4d63a8370c85d119be44a750e09f4895ac6b2018139b1c99b
a251401955293822d96329c24a9e94ecf7c3ecfc876ac05a050b32ad4437bdca
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
ae1df32f028cc1ab83471711b69773c079ad4fe2bb80cc510e5a1c7d15de5831
d80fd8de2134e075b2c818858129aff0c7744940f7f9a41e475265b8eccd207a
e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fff2c7e238400b24472e5d6c529d7f625ec50ec4383ac23d33ca05d9c1f07a7d