5433.secure.roofingsalestracker.com Open in urlscan Pro
76.255.199.131  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 5433.secure.roofingsalestracker.com/	14 KB 15 KB	446ms 144ms	Document text/html	76.255.199.131 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://5433.secure.roofingsalestracker.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 76.255.199.131 Amarillo, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.24.0 / Resource Hash c96d9ac79f74d74d9cd3f710eff6c331d74339723cd094d45c7c1ea0b06bd6eb Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Length 14721 Content-Type text/html Date Fri, 29 Mar 2024 20:02:05 GMT Etag 1711577379.948110000 Expires Thu, 01 Jan 1970 00:00:01 GMT Last-Modified Wed, 27 Mar 2024 22:09:39 GMT Server nginx/1.24.0
GET H/1.1	200 OK	greyspots.js Show response 5433.secure.roofingsalestracker.com/js/	3 MB 3 MB	147ms 147ms	Script application/javascript	76.255.199.131 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://5433.secure.roofingsalestracker.com/js/greyspots.js Requested by Host: 5433.secure.roofingsalestracker.com URL: https://5433.secure.roofingsalestracker.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 76.255.199.131 Amarillo, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.24.0 / Resource Hash 1ef3dc68bcfcb9d4d76b174215c1ee404f726019e830e606c69033f0ebce340f Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://5433.secure.roofingsalestracker.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 29 Mar 2024 20:02:05 GMT Last-Modified Tue, 26 Mar 2024 15:26:51 GMT Server nginx/1.24.0 Etag 1711466811.603416000 Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Length 3652933 Expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	greyspots.css 5433.secure.roofingsalestracker.com/css/	601 KB 601 KB	564ms 282ms	Stylesheet text/css	76.255.199.131 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://5433.secure.roofingsalestracker.com/css/greyspots.css Requested by Host: 5433.secure.roofingsalestracker.com URL: https://5433.secure.roofingsalestracker.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 76.255.199.131 Amarillo, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.24.0 / Resource Hash 73c3c5c1501bfffe2630c11cbb3b9ebd19113c2a86915fc851bc052cd0c09e64 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://5433.secure.roofingsalestracker.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 29 Mar 2024 20:02:05 GMT Last-Modified Tue, 26 Mar 2024 15:26:51 GMT Server nginx/1.24.0 Etag 1711466811.629220000 Content-Type text/css Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Length 615085 Expires Thu, 01 Jan 1970 00:00:01 GMT
POST H/1.1	440 Login Timeout	action_info Show response 5433.secure.roofingsalestracker.com/env/	19 B 407 B	141ms 141ms	XHR text/plain	76.255.199.131 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://5433.secure.roofingsalestracker.com/env/action_info?anticache=689008914 Requested by Host: 5433.secure.roofingsalestracker.com URL: https://5433.secure.roofingsalestracker.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 76.255.199.131 Amarillo, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.24.0 / Resource Hash 249f05898c1d7b425f9fcd1433efa7e002c67c4513bd13dcd9d926be3e30a852 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://5433.secure.roofingsalestracker.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Fri, 29 Mar 2024 20:02:06 GMT Refresh 0; url=/index.html?error=Connection%20timed%20out&redirect=/env/action_info%3Fanticache%3D689008914 Server nginx/1.24.0 Connection keep-alive Content-Length 19 Content-Type text/plain
GET H/1.1	200 OK	favicon.ico 5433.secure.roofingsalestracker.com/	318 B 652 B	267ms 143ms	Other image/vnd.microsoft.icon	76.255.199.131 ATT-INTERNET4
General Check archive.org Show headers Download Go to Full URL https://5433.secure.roofingsalestracker.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 76.255.199.131 Amarillo, United States, ASN7018 (ATT-INTERNET4, US), Reverse DNS Software nginx/1.24.0 / Resource Hash d2d8db2528d10459aa3618a354206d7af004e1c65f6e7ecfc037ef0eb394300e Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://5433.secure.roofingsalestracker.com/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 29 Mar 2024 20:02:06 GMT Last-Modified Fri, 28 Jul 2023 20:43:49 GMT Server nginx/1.24.0 Etag 1690577029.411478000 Content-Type image/vnd.microsoft.icon Access-Control-Allow-Origin * Cache-Control no-cache Connection keep-alive Content-Length 318 Expires Thu, 01 Jan 1970 00:00:01 GMT

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| oldRegister function| encodeHTML function| decodeHTML function| ml function| touchDeviceTest function| getDeviceType object| CryptoJS function| reportIssue function| convertPathToAbsolute function| getPageSnapshot function| setPageSnapshot object| arrBoxes object| startBoxPos object| endBoxPos boolean| bolDrawing undefined| boxElem boolean| bolInvertedX boolean| bolInvertedY object| arrBoxColors number| intBoxCounter object| objBoxPush boolean| bolDrawingBound boolean| bolBoxing function| createPageBoxDrawer boolean| bolFirstBox string| strBoxName function| getBoxDescription function| sendSnapshot function| strOpenTestQS number| reconnectNumber undefined| reconnectCheckTimer function| getCoordinates function| getClosestPosition function| getPosition function| gt function| gte function| lt function| lte object| GSDATESingleLineTemplateElement object| GSDATEDeferSingleLineTemplateElement object| GSDATEDeferButtonTemplateElement object| GSDATESingleLineTemplate object| GSDATEDeferSingleLineTemplate object| GSDATEDeferButtonTemplate number| uploadSequence function| clickValue function| XTagElement object| xtag function| FastClick object| doT object| evt object| GS object| shimmed object| functionality object| testtesttest object| gsmemoNew boolean| bolCurl undefined| strUname undefined| strPword function| login function| verify string| strQueryString object| request

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://5433.secure.roofingsalestracker.com/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://5433.secure.roofingsalestracker.com/env/action_info?anticache=689008914 Message: Failed to load resource: the server responded with a status of 440 (Login Timeout)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5433.secure.roofingsalestracker.com
76.255.199.131
1ef3dc68bcfcb9d4d76b174215c1ee404f726019e830e606c69033f0ebce340f
249f05898c1d7b425f9fcd1433efa7e002c67c4513bd13dcd9d926be3e30a852
73c3c5c1501bfffe2630c11cbb3b9ebd19113c2a86915fc851bc052cd0c09e64
c96d9ac79f74d74d9cd3f710eff6c331d74339723cd094d45c7c1ea0b06bd6eb
d2d8db2528d10459aa3618a354206d7af004e1c65f6e7ecfc037ef0eb394300e