cdf.80gigs.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 198.57.173.5, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is cdf.80gigs.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 15th 2021. Valid for: 3 months.

This is the only time cdf.80gigs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: MVM Next (Utility)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::ac43:8ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	198.57.173.5 198.57.173.5	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
6	2

1 2606:4700:10::ac43:8ee (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 198.57.173.5 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 198-57-173-5.unifiedlayer.com

cdf.80gigs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	80gigs.com cdf.80gigs.com	325 KB
1	googleapis.com fonts.googleapis.com	1005 B
1	cutt.ly 1 redirects cutt.ly	479 B
6	3

	Domain	Requested by
5	cdf.80gigs.com	cdf.80gigs.com
1	fonts.googleapis.com	cdf.80gigs.com
1	cutt.ly	1 redirects
6	3

This site contains no links.

Subject Issuer	Validity	Valid
cdf.80gigs.com cPanel, Inc. Certification Authority	`2021-10-15` - `2022-01-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cdf.80gigs.com/hu/
Frame ID: DC80680BBD16455277FB4E160D48DBC1
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belépés

Page URL History Show full URLs

https://cutt.ly/8TN2ABZ HTTP 301
https://cdf.80gigs.com/hu/ Page URL

Page Statistics

6
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

326 kB
Transfer

325 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/8TN2ABZ HTTP 301
https://cdf.80gigs.com/hu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
cdf.80gigs.com/hu/
Redirect Chain

https://cutt.ly/8TN2ABZ
https://cdf.80gigs.com/hu/

4 KB
4 KB

927ms
456ms

Document
text/html

198.57.173.5
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdf.80gigs.com/hu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.57.173.5 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

198-57-173-5.unifiedlayer.com

Software

Apache /

Resource Hash

3ab7185f3d27c7827f2a899a7ce55c4fe7df21615c53c511eaa2b6e4b17cf622

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 28 Nov 2021 17:08:26 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=0
Content-Length: 3820
Keep-Alive: timeout=5, max=1000
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

date: Sun, 28 Nov 2021 17:08:25 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
location: https://cdf.80gigs.com/hu/
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b5532b9c83bf923-MXP

GET
H/1.1 200
OK app.css
cdf.80gigs.com/hu/hu_fichiers/ 304 KB
304 KB 160ms
159ms Stylesheet
text/css 198.57.173.5
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdf.80gigs.com/hu/hu_fichiers/app.css
Requested by: Host: cdf.80gigs.com
URL: https://cdf.80gigs.com/hu/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.57.173.5 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 198-57-173-5.unifiedlayer.com
Software: Apache /
Resource Hash: 2c1715c52c423bda2fdda63d9f5633fadf7967fd164b0825e48bee5f440c1c74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdf.80gigs.com/hu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:08:26 GMT
Last-Modified: Sat, 02 Oct 2021 16:21:50 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=999
Content-Length: 311191

GET
H/1.1 200
OK logo_white.svg
cdf.80gigs.com/hu/hu_fichiers/ 3 KB
3 KB 685ms
225ms Image
image/svg+xml 198.57.173.5
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdf.80gigs.com/hu/hu_fichiers/logo_white.svg
Requested by: Host: cdf.80gigs.com
URL: https://cdf.80gigs.com/hu/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.57.173.5 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 198-57-173-5.unifiedlayer.com
Software: Apache /
Resource Hash: 6467d78bcc18f73b549223f4b140ca5e36b3e2db8b2e6345b8c075431d20e2a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdf.80gigs.com/hu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:08:27 GMT
Last-Modified: Sat, 02 Oct 2021 15:49:55 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 3091

GET
H/1.1 200
OK keys.svg
cdf.80gigs.com/hu/hu_fichiers/ 5 KB
5 KB 685ms
225ms Image
image/svg+xml 198.57.173.5
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdf.80gigs.com/hu/hu_fichiers/keys.svg
Requested by: Host: cdf.80gigs.com
URL: https://cdf.80gigs.com/hu/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.57.173.5 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 198-57-173-5.unifiedlayer.com
Software: Apache /
Resource Hash: 9408b74edf28db331cd822fdbd2f188451b60e610abb798d61838bcdf4dd6444

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdf.80gigs.com/hu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:08:27 GMT
Last-Modified: Sat, 02 Oct 2021 15:49:55 GMT
Server: Apache
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=1000
Content-Length: 4919

GET
H/1.1 404
Not Found forgot-password.svg
cdf.80gigs.com/hu/hu_fichiers/ 8 KB
8 KB 1282ms
821ms Image
text/html 198.57.173.5
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdf.80gigs.com/hu/hu_fichiers/forgot-password.svg

Requested by

Host: cdf.80gigs.com
URL: https://cdf.80gigs.com/hu/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.57.173.5 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

198-57-173-5.unifiedlayer.com

Software

Apache /

Resource Hash

3d74f2b3802e7093acf36d8d50ddcf6b652f9249500dc3385f0faf7d72fab7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdf.80gigs.com/hu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 28 Nov 2021 17:08:27 GMT
Strict-Transport-Security: max-age=0
Referrer-Policy: same-origin
Server: Apache
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-UA-Compatible: IE=edge
Connection: Keep-Alive
Link: <https://cdf.80gigs.com/wp-json/>; rel="https://api.w.org/"
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=1000
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1005 B 54ms
20ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito

Requested by

Host: cdf.80gigs.com
URL: https://cdf.80gigs.com/hu/hu_fichiers/app.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 28 Nov 2021 15:59:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 28 Nov 2021 17:08:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Nov 2021 17:08:27 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: MVM Next (Utility)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: lejan9j82542b3qdus0f3kgmir

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdf.80gigs.com/hu/hu_fichiers/forgot-password.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdf.80gigs.com
cutt.ly
fonts.googleapis.com
198.57.173.5
2606:4700:10::ac43:8ee
2a00:1450:4001:82a::200a
2c1715c52c423bda2fdda63d9f5633fadf7967fd164b0825e48bee5f440c1c74
3ab7185f3d27c7827f2a899a7ce55c4fe7df21615c53c511eaa2b6e4b17cf622
3d74f2b3802e7093acf36d8d50ddcf6b652f9249500dc3385f0faf7d72fab7d5
6467d78bcc18f73b549223f4b140ca5e36b3e2db8b2e6345b8c075431d20e2a9
92e84db6987ce882afbf7bf6a990760008eb6f08af890a00b0ee7f1301e5f7d2
9408b74edf28db331cd822fdbd2f188451b60e610abb798d61838bcdf4dd6444

cdf.80gigs.com Open in urlscan Pro 198.57.173.5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

326 kBTransfer

325 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

cdf.80gigs.com Open in urlscan Pro
198.57.173.5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

326 kB
Transfer

325 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!