structureui.com Open in urlscan Pro
2606:4700:3035::6815:2f59  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set settings.php Show response structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/	41 KB 6 KB	470ms 455ms	Document text/html	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.11 Resource Hash 030178adec358aa05180be373000a0ff317362f589c622c184a69faca1606849 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Host structureui.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:11 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; expires=Thu, 20-May-21 12:12:11 GMT; path=/; domain=.structureui.com; HttpOnly; SameSite=Lax PHPSESSID=f74c9b7273af69b76ebff947c110a99c; path=/ X-Powered-By PHP/7.4.11 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Vary Accept-Encoding X-Content-Type nosniff X_FORWARDED_FOR 104.16.77.187 REMOTE_ADDR 104.16.77.187 Host www.fbi.gov Origin https://www.fbi.gov Referer https://www.fbi.gov X-Forwarded-Host www.fbi.gov X-Forwarded-Proto https X-XSS-Protection 1; mode=block X-Turbo-Charged-By LiteSpeed CF-Cache-Status DYNAMIC cf-request-id 0990cb09b000004a9761127000000001 Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hezjSgQuo40kvsu8JAJBRPIwC38FfKT8u4N1vgP8SurOjoRQnezD7qnJ%2B5O5qh6CJfiBBBM58UZXmS5r6RIS0BKKXqRGv5QMnWxOpybJFkJNwYKsbDnnjWPc7bE%3D"}]} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 642e478919b14a97-FRA Content-Encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	bootstrap.js Show response www.paypalobjects.com/tagmgmt/	19 B 245 B	147ms 32ms	Script application/javascript	151.101.114.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/tagmgmt/bootstrap.js Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187 Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers Referer http://structureui.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 12:12:11 GMT content-encoding gzip x-content-type-options nosniff age 8372603 x-cache HIT, HIT paypal-debug-id 6265ce5a480fa dc phx-origin-www-1.paypal.com vary Accept-Encoding content-length 39 via 1.1 varnish, 1.1 varnish x-served-by cache-sjc10065-SJC, cache-hhn4059-HHN last-modified Thu, 01 Oct 2020 22:15:27 GMT x-timer S1618920732.647530,VS0,VE0 etag "5f7654ff-13" strict-transport-security max-age=31557600 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes access-control-allow-headers x-csrf-token x-cache-hits 2814, 13
GET H/1.1	200 OK	Mnine.css structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/	4 KB 2 KB	230ms 229ms	Stylesheet text/css	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mnine.css Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1598dbf18a68b1cfd8bf8119582aed8ee50e6cae71b0b20aa2cac606c6807b8 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate Host structureui.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; PHPSESSID=f74c9b7273af69b76ebff947c110a99c Connection keep-alive Cache-Control no-cache Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:11 GMT Content-Encoding gzip Origin https://www.fbi.gov CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} X-Forwarded-Host www.fbi.gov Connection keep-alive X_FORWARDED_FOR 104.16.77.187 X-Forwarded-Proto https alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1275 X-XSS-Protection 1; mode=block X-Content-Type nosniff Accept-Ranges bytes REMOTE_ADDR 104.16.77.187 Last-Modified Tue, 30 Mar 2021 10:36:32 GMT Server cloudflare Host www.fbi.gov Etag "10f5-6062ff30-fcb0ea93f4b9ece;gz" Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G%2F3WnIggRj0WRRtcPODOazs5tLSjFUFnezwtLqDJnX0cg4V6u6OHfYrhRI68ZsMoIq3PHMnn97hAd%2Fw7q8d70Dlvo0NugQnV2M%2FTAWAPu%2FCtwLtdTJqmGXevrt4%3D"}]} Content-Type text/css Cache-Control public, max-age=86400 X-Turbo-Charged-By LiteSpeed cf-request-id 0990cb0b7e00004a974103a000000001 Referer https://www.fbi.gov CF-RAY 642e478bffc24a97-FRA Expires Wed, 21 Apr 2021 12:12:11 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.3.1/	85 KB 30 KB	8ms 5ms	Script text/javascript	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://structureui.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 12:09:58 GMT content-encoding gzip x-content-type-options nosniff age 133 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30399 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Apr 2022 12:09:58 GMT
GET H/1.1	200 OK	Meightx.css structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/	3 KB 1 KB	243ms 236ms	Stylesheet text/css	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Meightx.css Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4d96d6f4875c408829b1232d458ef55416c2a092b17825ef7ad31534082e4d1 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate Host structureui.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; PHPSESSID=f74c9b7273af69b76ebff947c110a99c Connection keep-alive Cache-Control no-cache Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:11 GMT Content-Encoding gzip Origin https://www.fbi.gov CF-Cache-Status MISS NEL {"max_age":604800,"report_to":"cf-nel"} X-Forwarded-Host www.fbi.gov Connection keep-alive X_FORWARDED_FOR 104.16.77.187 X-Forwarded-Proto https alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 384 X-XSS-Protection 1; mode=block X-Content-Type nosniff Accept-Ranges bytes REMOTE_ADDR 104.16.77.187 Last-Modified Tue, 30 Mar 2021 10:36:32 GMT Server cloudflare Host www.fbi.gov Etag "a2d-6062ff30-d4bbc536af58a233;gz" Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LJe76hiozDoNLR%2FNA2NqxjxZmUrxVWbtKvKlTs65oQlLwFvqpr%2Btggb1tDYutfnZ69eAWUrbXDmrJLPLPCcSQpEq1WMd4CeBaCYRbcyLhLS6%2FwiI6ppQqgvmttw%3D"}]} Content-Type text/css Cache-Control public, max-age=86400 X-Turbo-Charged-By LiteSpeed cf-request-id 0990cb0b84000064ebe23d2000000001 Referer https://www.fbi.gov CF-RAY 642e478c0c1b64eb-FRA Expires Wed, 21 Apr 2021 12:12:11 GMT
GET H2	200	styles.css www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/	361 KB 59 KB	146ms 32ms	Stylesheet text/css	151.101.114.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 540503e73fddf12b8ef60938b17c79f489c3febbc33b91ce7bce9a5796b3211d Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers Referer http://structureui.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 12:12:11 GMT content-encoding gzip x-content-type-options nosniff age 4426802 x-cache HIT, HIT paypal-debug-id b33132b7f06ef x-cache-hits 1, 1 dc ccg11-origin-www-2.paypal.com vary Accept-Encoding content-length 59840 via 1.1 varnish, 1.1 varnish x-served-by cache-sjc10063-SJC, cache-hhn4059-HHN last-modified Mon, 13 Aug 2018 20:04:45 GMT x-timer S1618920732.647525,VS0,VE1 etag W/"5b71e45d-5a48c" strict-transport-security max-age=31557600 access-control-allow-methods GET content-type text/css access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes access-control-allow-headers x-csrf-token expires Mon, 28 Feb 2022 06:22:41 GMT
GET H/1.1	200 OK	Mthree.js Show response structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/	18 KB 6 KB	253ms 246ms	Script application/x-javascript	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mthree.js Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate Host structureui.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; PHPSESSID=f74c9b7273af69b76ebff947c110a99c Connection keep-alive Cache-Control no-cache Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:11 GMT Content-Encoding gzip Origin https://www.fbi.gov CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} X-Forwarded-Host www.fbi.gov Connection keep-alive X_FORWARDED_FOR 104.16.77.187 X-Forwarded-Proto https alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 4976 X-XSS-Protection 1; mode=block X-Content-Type nosniff Accept-Ranges bytes REMOTE_ADDR 104.16.77.187 Last-Modified Tue, 30 Mar 2021 10:36:32 GMT Server cloudflare Host www.fbi.gov Etag "47fe-6062ff30-65c075d73625c715;gz" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mTpxF%2Bz89eMbXbRJisUDmpEVhtoxZJvth%2BjRrGuCKbMRaYOzihnsuiHBMX0%2BaRbjA%2FitmzT2OIuUhDik3dKqdfaPR9tFnH%2FN0tCONg7sTga%2FQtPBIghifcuK1cc%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript Cache-Control public, max-age=604800 X-Turbo-Charged-By LiteSpeed cf-request-id 0990cb0b84000096e00aaba000000001 Referer https://www.fbi.gov CF-RAY 642e478c0b1796e0-FRA Expires Tue, 27 Apr 2021 12:12:11 GMT
GET H/1.1	200 OK	Mfour.js Show response structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/	45 KB 13 KB	24ms 17ms	Script application/x-javascript	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mfour.js Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 336dd9aba660c04506c40a3be54c507b0591a07657a3f9a92d5916c5043cc9c1 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate Host structureui.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; PHPSESSID=f74c9b7273af69b76ebff947c110a99c Connection keep-alive Cache-Control no-cache Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:11 GMT Content-Encoding gzip Origin https://www.fbi.gov CF-Cache-Status HIT NEL {"max_age":604800,"report_to":"cf-nel"} Age 7217 CF-RAY 642e478c0ede5364-FRA Connection keep-alive X_FORWARDED_FOR 104.16.77.187 X-Forwarded-Proto https alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 12140 X-XSS-Protection 1; mode=block X-Content-Type nosniff Accept-Ranges bytes REMOTE_ADDR 104.16.77.187 Last-Modified Tue, 30 Mar 2021 10:36:26 GMT Server cloudflare Host www.fbi.gov Etag "b28f-6062ff2a-60a0ede9a4a277fa;gz" Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XOXwWXFA%2BnwqGApKJD8Sfh51Z%2FDOTtozzNgRVZORBVuKvcWuoAM6Mx%2BBvSzNZuqW6C%2BsFskIiT7R5XxQhfVyiCNyohTe9drmk8PP6jxYty9VIyKjuK9RIxhzU7I%3D"}],"max_age":604800} Content-Type application/x-javascript Cache-Control public, max-age=604800 X-Turbo-Charged-By LiteSpeed cf-request-id 0990cb0b84000053647e9f2000000001 Referer https://www.fbi.gov X-Forwarded-Host www.fbi.gov Expires Tue, 27 Apr 2021 10:11:54 GMT
GET H/1.1	200 OK	Msix.js Show response structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/	6 KB 3 KB	54ms 47ms	Script application/x-javascript	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Msix.js Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15efea636446e7652ab9811c16772675888081aaf2b48ec8c1394dea43df4c75 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate Host structureui.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; PHPSESSID=f74c9b7273af69b76ebff947c110a99c Connection keep-alive Cache-Control no-cache Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:11 GMT Content-Encoding gzip Origin https://www.fbi.gov CF-Cache-Status HIT NEL {"report_to":"cf-nel","max_age":604800} Age 71962 CF-RAY 642e478c0e6c4ab6-FRA Connection keep-alive X_FORWARDED_FOR 104.16.77.187 X-Forwarded-Proto https alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 1477 X-XSS-Protection 1; mode=block X-Content-Type nosniff Accept-Ranges bytes REMOTE_ADDR 104.16.77.187 Last-Modified Tue, 30 Mar 2021 10:36:31 GMT Server cloudflare Host www.fbi.gov Etag "1826-6062ff2f-5e4513aea484872c;gz" Vary Accept-Encoding Report-To {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i8rY%2BBwquEimWHOdtrETLW%2BWR9m%2BgXSbRJ5eUcL2%2FaLBQ%2Fvn7ChVVfF091Dj6lQfk2nBFXKCrkOeeBEb6MY5wbPbgp9h2tqDKAZ0IdoxopU2TMBQXoPNkXDzhhA%3D"}],"max_age":604800} Content-Type application/x-javascript Cache-Control public, max-age=604800 X-Turbo-Charged-By LiteSpeed cf-request-id 0990cb0b8800004ab6bc223000000001 Referer https://www.fbi.gov X-Forwarded-Host www.fbi.gov Expires Mon, 26 Apr 2021 16:12:49 GMT
GET H2	200	hermes_window_sprite_v16.png www.paypalobjects.com/images/checkout/hermes/	23 KB 23 KB	28ms 28ms	Image image/png	151.101.114.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers Referer https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 12:12:11 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 14289446 x-cache HIT, HIT fastly-io-info ifsz=23268 idim=250x350 ifmt=png ofsz=23268 odim=250x350 ofmt=png paypal-debug-id 5d46010930694 fastly-stats io=1 dc ccg11-origin-www-3.paypal.com content-length 23268 fastly-io-warning Failed to shrink image x-served-by cache-sjc10047-SJC, cache-hhn4059-HHN x-timer S1618920732.789502,VS0,VE0 etag "nnzRlS9MBgJaF5KTitXTyIJxOe9T0imDmyJbBzcjo2U" strict-transport-security max-age=31557600 content-type image/png cache-control max-age=3600 accept-ranges bytes x-cache-hits 1765, 6
GET H2	200	sprite_logos_wallet_v10_1x.png www.paypalobjects.com/images/checkout/hermes/	11 KB 12 KB	29ms 28ms	Image image/png	151.101.114.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/images/checkout/hermes/sprite_logos_wallet_v10_1x.png Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0b175b8e12a2422c1fb98456cd5dd4f84d3eb93a01c2f98abe0d6a77d8563a96 Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers Referer https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 12:12:11 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 14289435 x-cache HIT, HIT fastly-io-info ifsz=11637 idim=31x900 ifmt=png ofsz=11637 odim=31x900 ofmt=png paypal-debug-id e32b8248963c6 fastly-stats io=1 dc phx-origin-www-3.paypal.com content-length 11637 fastly-io-warning Failed to shrink image x-served-by cache-sjc10041-SJC, cache-hhn4059-HHN x-timer S1618920732.801280,VS0,VE1 etag "RpRY12pV8Wr4nyt1/gTRG+nn6AQVpm3CeryO6sh7jvo" strict-transport-security max-age=31557600 content-type image/png cache-control max-age=3600 accept-ranges bytes x-cache-hits 77, 1
GET H/1.1	200 OK	Mten.png structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mpic/	24 KB 25 KB	324ms 324ms	Image image/png	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mpic/Mten.png Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a47f9feda7682c5085fa780e2560144c5bc70caa592a8d1a345a852948efa94a Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Pragma no-cache Accept-Encoding gzip, deflate Host structureui.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; PHPSESSID=f74c9b7273af69b76ebff947c110a99c Connection keep-alive Cache-Control no-cache Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/settings/settings.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:12 GMT Origin https://www.fbi.gov CF-Cache-Status MISS NEL {"report_to":"cf-nel","max_age":604800} X-Forwarded-Host www.fbi.gov Connection keep-alive X_FORWARDED_FOR 104.16.77.187 X-Forwarded-Proto https alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 24180 X-XSS-Protection 1; mode=block X-Content-Type nosniff Accept-Ranges bytes REMOTE_ADDR 104.16.77.187 Last-Modified Tue, 30 Mar 2021 10:36:25 GMT Server cloudflare Host www.fbi.gov Etag "5e74-6062ff29-b09ed7ce46162f98;;;" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mxKFzzgW%2Fix2Kd2a61Zv5NPDj2MIK%2B%2Bx9CN3RbxFw4rn62pbIJhJK3HMuUw1KBoBjpzmv8WjORcI0V%2Blsx9CTopLtXl9%2Fw1CR3kaRHBEBkaNtJrMCyGNGxIhGDg%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/png Cache-Control public, max-age=31536000 X-Turbo-Charged-By LiteSpeed cf-request-id 0990cb0c89000096e00294e000000001 Referer https://www.fbi.gov CF-RAY 642e478dabcb96e0-FRA Expires Wed, 20 Apr 2022 12:12:11 GMT
GET H2	200	sprite_forms_1x.png www.paypalobjects.com/images/shared/	14 KB 15 KB	36ms 33ms	Image image/png	151.101.114.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/images/shared/sprite_forms_1x.png Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1a11b5fece8c057aaa6fdcbb113912ada810127d6056d7518812425f1d0859eb Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers Referer https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 12:12:11 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 5357520 x-cache HIT, HIT fastly-io-info ifsz=14656 idim=40x8000 ifmt=png ofsz=14656 odim=40x8000 ofmt=png paypal-debug-id b0c346ca3c9d fastly-stats io=1 dc slc-b-origin-www-1.paypal.com content-length 14656 fastly-io-warning Failed to shrink image x-served-by cache-sjc10080-SJC, cache-hhn4059-HHN x-timer S1618920732.823210,VS0,VE0 etag "msVea5CmgtJ5LzzVTfwNDSyxMXqJOa3wmTLNtihFVo8" strict-transport-security max-age=31557600 content-type image/png cache-control public,max-age=3600 accept-ranges bytes x-cache-hits 1351, 4
GET H2	200	scr_vp_fprd_shield_bags.png www.paypalobjects.com/images/checkout/hermes/	3 KB 3 KB	35ms 33ms	Image image/png	151.101.114.133 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.paypalobjects.com/images/checkout/hermes/scr_vp_fprd_shield_bags.png Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 156e258a495a63275b069120c11f94ac292f5eea950b80ce93eff4c42d3d2753 Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers Referer https://www.paypalobjects.com/web/res/b68/a04c217f6513295c043c0faf19ab1/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 20 Apr 2021 12:12:11 GMT via 1.1 varnish, 1.1 varnish x-content-type-options nosniff age 2257993 x-cache HIT, HIT fastly-io-info ifsz=2986 idim=206x93 ifmt=png ofsz=2986 odim=206x93 ofmt=png paypal-debug-id f72d2778b39b6 fastly-stats io=1 dc ccg11-origin-www-1.paypal.com content-length 2986 fastly-io-warning Failed to shrink image x-served-by cache-sjc10071-SJC, cache-hhn4059-HHN x-timer S1618920732.823197,VS0,VE0 etag "kUreO+d0P7chp8ydUtcXSEorG9XPq0VelcAaZkMjlvI" strict-transport-security max-age=31557600 content-type image/png cache-control public,max-age=3600 accept-ranges bytes x-cache-hits 1151, 5
GET H/1.1	404 Not Found	PayPalSansBig-Regular.woff2 structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/	0 0	217ms 216ms	Font text/html	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/PayPalSansBig-Regular.woff2 Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mnine.css Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Pragma no-cache Origin http://structureui.com Accept-Encoding gzip, deflate Host structureui.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mnine.css Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; PHPSESSID=f74c9b7273af69b76ebff947c110a99c Connection keep-alive Cache-Control no-cache Origin http://structureui.com Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mnine.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:12 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"max_age":604800,"report_to":"cf-nel"} Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0990cb0c9d000064ebcf962000000001 Last-Modified Tue, 25 Jun 2019 07:07:00 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sIffhJK7gPWjOiFTA%2Fxj6JHBCmLdk9CjzJChUAKGgcWsvkDw0ONau%2BTZrYIuV0SF3SJd%2BKZJKc6PSMoWJSNvRqhneDcdYiPXHfeRA5YSAE8V0GjFGGOVSsL5JQk%3D"}]} Content-Type text/html Cache-Control max-age=14400 X-Turbo-Charged-By LiteSpeed CF-RAY 642e478dcc6e64eb-FRA
GET H/1.1	404 Not Found	PayPalSansBig-Regular.woff structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/	0 0	227ms 227ms	Font text/html	2606:4700:3035::6815:2f59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/PayPalSansBig-Regular.woff Requested by Host: structureui.com URL: http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mnine.css Protocol HTTP/1.1 Server 2606:4700:3035::6815:2f59 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Pragma no-cache Origin http://structureui.com Accept-Encoding gzip, deflate Host structureui.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept */* Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mnine.css Cookie __cfduid=dfed5c4b156f1339408401f68418caf171618920731; PHPSESSID=f74c9b7273af69b76ebff947c110a99c Connection keep-alive Cache-Control no-cache Origin http://structureui.com Referer http://structureui.com/assets/css/prism/cd/rbk/unblock_verification/customer_center/customer-IDPP00C643/Mfiles/Mnine.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 20 Apr 2021 12:12:12 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"max_age":604800,"report_to":"cf-nel"} Transfer-Encoding chunked Connection keep-alive alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 0990cb0d77000064ebc08dc000000001 Last-Modified Tue, 25 Jun 2019 07:07:00 GMT Server cloudflare Vary Accept-Encoding Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qEsWKp8Mv3%2BZbD0IN5k5aGpnpZYYE%2BFEwciuYp7nNH6dGDxyZsPEj92zPDUZviu85j2OR3BhEYK8BO6%2BVZ%2BQalXXRaRBXeBKbKKLruKM%2B3ORnkQi8mwmC2xuTPk%3D"}]} Content-Type text/html Cache-Control max-age=14400 X-Turbo-Charged-By LiteSpeed CF-RAY 642e478f2ca564eb-FRA

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
structureui.com
www.paypalobjects.com
151.101.114.133
2606:4700:3035::6815:2f59
2a00:1450:4001:810::200a
030178adec358aa05180be373000a0ff317362f589c622c184a69faca1606849
0b175b8e12a2422c1fb98456cd5dd4f84d3eb93a01c2f98abe0d6a77d8563a96
156e258a495a63275b069120c11f94ac292f5eea950b80ce93eff4c42d3d2753
15efea636446e7652ab9811c16772675888081aaf2b48ec8c1394dea43df4c75
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a11b5fece8c057aaa6fdcbb113912ada810127d6056d7518812425f1d0859eb
336dd9aba660c04506c40a3be54c507b0591a07657a3f9a92d5916c5043cc9c1
540503e73fddf12b8ef60938b17c79f489c3febbc33b91ce7bce9a5796b3211d
a47f9feda7682c5085fa780e2560144c5bc70caa592a8d1a345a852948efa94a
be5c4f71eea822cbdcaefcf92963ab573e903f75a60b8bc0793e4eec935a1187
cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a
d1598dbf18a68b1cfd8bf8119582aed8ee50e6cae71b0b20aa2cac606c6807b8
e8867e9b228e90c2c64825bf2bacaea7f283fce1176ccf849f0935a94da488dc
f4d96d6f4875c408829b1232d458ef55416c2a092b17825ef7ad31534082e4d1