dbafoundsecurity.gq Open in urlscan Pro
2606:4700:30::681b:9232  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://dbafoundsecurity.gq/ Page URL
2. https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response dbafoundsecurity.gq/	1 KB 727 B	299ms 215ms	Document text/html	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PHP/7.3.9 Resource Hash 7b96dbaa2dda6320bc312e720370a5aa3e0c3a6de96055a5c7f97b85dddb642c Request headers :method GET :authority dbafoundsecurity.gq :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Response headers status 200 date Wed, 02 Oct 2019 18:03:36 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d13915e50a63c21302a506fba2d80805c1570039416; expires=Thu, 01-Oct-20 18:03:36 GMT; path=/; domain=.dbafoundsecurity.gq; HttpOnly x-powered-by PHP/7.3.9 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 51f8980f2bf2cbb0-VIE content-encoding br
GET H2	200	Primary Request / Show response dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/	11 KB 4 KB	226ms 226ms	Document text/html	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 3ed09adc2b4430d38b32ec35f28728c3285c3eee00c47ebea1e5a740b62b464f Request headers :method GET :authority dbafoundsecurity.gq :scheme https :path /AMsdsdsXsdfsdfvfX/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site same-origin referer https://dbafoundsecurity.gq/ accept-encoding gzip, deflate, br cookie __cfduid=d13915e50a63c21302a506fba2d80805c1570039416 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode navigate Referer https://dbafoundsecurity.gq/ Response headers status 200 date Wed, 02 Oct 2019 18:03:36 GMT content-type text/html last-modified Wed, 02 Oct 2019 17:55:35 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 51f8981089a3cbb0-VIE content-encoding br
GET H2	200	s.js Show response waust.at/	7 KB 3 KB	21ms 5ms	Script application/x-javascript	185.225.208.133 UK2NET-AS
General Check archive.org Show headers Download Go to Full URL https://waust.at/s.js Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB), Reverse DNS Software / Resource Hash 04c7297aae5bf898e148eda262a7d464f2ceaebfe1ccfcdbb9fde562ce210372 Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 02 Oct 2019 18:03:36 GMT content-encoding gzip last-modified Thu, 11 Jul 2019 20:01:12 GMT etag W/"5d279588-1d8e" status 200 content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400, private expires Thu, 03 Oct 2019 18:03:36 GMT
GET H2	200	style.min.css dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/	4 KB 1 KB	223ms 222ms	Stylesheet text/css	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/style.min.css Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 4a74d6b33324b196502c0736ad5237f9f4a4fe1707aee8f7c916d3828a1ccca5 Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 02 Oct 2019 18:03:36 GMT content-encoding br cf-cache-status MISS last-modified Wed, 02 Oct 2019 17:55:32 GMT server cloudflare etag W/"5d94e494-11d3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=2592000 cf-ray 51f89811ff91cbb0-VIE expires Fri, 01 Nov 2019 18:03:36 GMT
GET H2	200	index.css dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/	2 KB 685 B	214ms 213ms	Stylesheet text/css	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/index.css Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 96ebd43ad060daa3755cd441a936cd36371732d7a74b2ae4df30183eb128df9a Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 02 Oct 2019 18:03:36 GMT content-encoding br cf-cache-status MISS last-modified Wed, 02 Oct 2019 17:55:38 GMT server cloudflare etag W/"5d94e49a-7bf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=2592000 cf-ray 51f89811ff93cbb0-VIE expires Fri, 01 Nov 2019 18:03:36 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:81e::200a Google LLC
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Tue, 27 Aug 2019 16:53:27 GMT content-encoding gzip x-content-type-options nosniff age 3114609 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 30399 x-xss-protection 0 last-modified Thu, 25 Jan 2018 15:33:24 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 26 Aug 2020 16:53:27 GMT
GET H2	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/	37 KB 10 KB	40ms 24ms	Script text/javascript	2001:4de0:ac19::1:b:2b Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS Software / Resource Hash 909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4 Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 02 Oct 2019 18:03:36 GMT content-encoding gzip last-modified Fri, 14 Dec 2018 05:14:43 GMT status 200 etag "1544764483" vary Accept-Encoding x-cache HIT content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 x-hello-human Say hello back! @getBootstrapCDN on Twitter accept-ranges bytes timing-allow-origin * content-length 10035
GET H2	200	apple.png dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/	4 KB 4 KB	209ms 209ms	Image image/png	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/apple.png Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash c9cf33e9e57d1c944d430b98133aaf0cb30c24a735b1106c6a0800d58b10f023 Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 02 Oct 2019 18:03:36 GMT cf-cache-status MISS last-modified Wed, 02 Oct 2019 17:55:39 GMT server cloudflare etag "5d94e49b-e57" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=2592000 accept-ranges bytes cf-ray 51f89811ff98cbb0-VIE content-length 3671 expires Fri, 01 Nov 2019 18:03:36 GMT
GET H2	200	main.js Show response dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/js/	3 KB 1 KB	231ms 230ms	Script application/javascript	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/js/main.js Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 035f18de6a2e149d4d657accc183abff4e1b1dc1526190123123d1ec5d3574ff Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 02 Oct 2019 18:03:36 GMT content-encoding br cf-cache-status MISS last-modified Wed, 02 Oct 2019 17:56:09 GMT server cloudflare etag W/"5d94e4b9-ccf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control public, max-age=2592000 cf-ray 51f89812181dcbb0-VIE expires Fri, 01 Nov 2019 18:03:36 GMT
GET DATA	200 OK	truncated /	239 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET H2	200	background.png dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/	43 KB 43 KB	396ms 395ms	Image image/png	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/background.png Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8534415eb2e954341a5e1cf6d4dff503817a6a59868dc3762065c8d6b9e1382d Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 02 Oct 2019 18:03:37 GMT cf-cache-status MISS last-modified Wed, 02 Oct 2019 17:55:39 GMT server cloudflare etag "5d94e49b-ac6c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=2592000 accept-ranges bytes cf-ray 51f898136da4cbb0-VIE content-length 44140 expires Fri, 01 Nov 2019 18:03:37 GMT
GET H2	206	err.mp3 dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/	98 KB 0	215ms 215ms	Media audio/mpeg	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/err.mp3 Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers date Wed, 02 Oct 2019 18:03:37 GMT last-modified Wed, 02 Oct 2019 17:55:37 GMT server cloudflare etag "5d94e499-3d5ce" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type audio/mpeg content-range bytes 0-251341/251342 cf-ray 51f898138e03cbb0-VIE content-length 251342
GET H2	206	beep.mp3 dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/	8 KB 8 KB	226ms 226ms	Media audio/mpeg	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/beep.mp3 Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1 Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers date Wed, 02 Oct 2019 18:03:37 GMT last-modified Wed, 02 Oct 2019 17:55:41 GMT server cloudflare etag "5d94e49d-20d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type audio/mpeg content-range bytes 0-8404/8405 cf-ray 51f898138e07cbb0-VIE content-length 8405
GET H2	200	beep.mp3 dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Frame 2307	0 0	229ms 229ms	Document audio/mpeg	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/beep.mp3 Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :method GET :authority dbafoundsecurity.gq :scheme https :path /AMsdsdsXsdfsdfvfX/beep.mp3 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-mode nested-navigate accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site same-origin referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ accept-encoding gzip, deflate, br cookie __cfduid=d13915e50a63c21302a506fba2d80805c1570039416 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Response headers status 200 date Wed, 02 Oct 2019 18:03:37 GMT content-type audio/mpeg content-length 8405 last-modified Wed, 02 Oct 2019 17:55:41 GMT etag "5d94e49d-20d5" accept-ranges bytes expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 51f898138e32cbb0-VIE
GET H2	200	/ Show response whos.amung.us/pingjs/	28 B 142 B	319ms 107ms	Script text/javascript	67.202.94.94 Steadfast
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=mhpunm6b66&t=Official%20Help%20and%20Services&c=s&y=https%3A%2F%2Fdbafoundsecurity.gq%2F&a=0&d=0.486&v=22&r=5099 Requested by Host: waust.at URL: https://waust.at/s.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.94.94 Chicago, United States, ASN32748 (STEADFAST - Steadfast, US), Reverse DNS amung.us Software / Resource Hash 2b1d2208507488ab98d213e50b8c2507856e1d867b50baa7b98cca8d750bfc3f Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 200 date Wed, 02 Oct 2019 18:03:37 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
GET H2	206	beep.mp3 dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Frame 2307	8 KB 8 KB	112ms 111ms	Media audio/mpeg	2606:4700:30::681b:9232 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/beep.mp3 Requested by Host: dbafoundsecurity.gq URL: https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:30::681b:9232 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1 Request headers Sec-Fetch-Mode no-cors Referer https://dbafoundsecurity.gq/AMsdsdsXsdfsdfvfX/beep.mp3 Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Range bytes=0- Response headers date Wed, 02 Oct 2019 18:03:37 GMT last-modified Wed, 02 Oct 2019 17:55:41 GMT server cloudflare etag "5d94e49d-20d5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type audio/mpeg content-range bytes 0-8404/8405 cf-ray 51f898153d76cbb0-VIE content-length 8405
GET DATA	200 OK	truncated /	439 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/gif

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Tech Support Scam (Consumer)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| _wau function| gtag object| dataLayer object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_cps function| docReady function| $ function| jQuery object| modal object| btn undefined| span function| addEvent number| _i function| newLine function| toggleFullScreen object| x string| x1 string| x2

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dbafoundsecurity.gq/	1970-01-19 12:52:55	Name: __cfduid Value: d13915e50a63c21302a506fba2d80805c1570039416

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
dbafoundsecurity.gq
maxcdn.bootstrapcdn.com
waust.at
whos.amung.us
185.225.208.133
2001:4de0:ac19::1:b:2b
2606:4700:30::681b:9232
2a00:1450:4001:81e::200a
67.202.94.94
035f18de6a2e149d4d657accc183abff4e1b1dc1526190123123d1ec5d3574ff
04c7297aae5bf898e148eda262a7d464f2ceaebfe1ccfcdbb9fde562ce210372
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2b1d2208507488ab98d213e50b8c2507856e1d867b50baa7b98cca8d750bfc3f
3ed09adc2b4430d38b32ec35f28728c3285c3eee00c47ebea1e5a740b62b464f
4a74d6b33324b196502c0736ad5237f9f4a4fe1707aee8f7c916d3828a1ccca5
7b96dbaa2dda6320bc312e720370a5aa3e0c3a6de96055a5c7f97b85dddb642c
8534415eb2e954341a5e1cf6d4dff503817a6a59868dc3762065c8d6b9e1382d
909ae563eb34f7e4285a3a643ab5d7c21c5e6a80f3f455b949ac45f08d0389b4
96ebd43ad060daa3755cd441a936cd36371732d7a74b2ae4df30183eb128df9a
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c
c9cf33e9e57d1c944d430b98133aaf0cb30c24a735b1106c6a0800d58b10f023
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac