buildarockatboy.com Open in urlscan Pro
194.39.45.235 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://buildarockatboy.com/7xti20jmc10sqyyw
Submission: On August 15 via api (August 15th 2022, 1:07:20 am UTC) from JP — Scanned from JP

Summary HTTP 13 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 194.39.45.235, located in Budapest, Hungary and belongs to Rendszerinformatika Zrt., HU. The main domain is buildarockatboy.com.

This is the only time buildarockatboy.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
9	194.39.45.235 194.39.45.235	206892 (Rendszeri...) (Rendszerinformatika Zrt.)
2	2404:6800:401... 2404:6800:4012:1::200d	15169 (GOOGLE) (GOOGLE)
1 1	2404:6800:400... 2404:6800:4004:801::200e	15169 (GOOGLE) (GOOGLE)
1	104.244.42.129 104.244.42.129	13414 (TWITTER) (TWITTER)
13	4

9 194.39.45.235 (Budapest, Hungary)

ASN206892 (Rendszerinformatika Zrt., HU)
PTR: p.alverad.hu

buildarockatboy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4012:1::200d (Australia)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::200e (Australia) 1 redirects

ASN15169 (GOOGLE, US)

plus.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.129 (United States)

ASN13414 (TWITTER, US)

twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	buildarockatboy.com buildarockatboy.com	138 KB
3	google.com 1 redirects accounts.google.com — Cisco Umbrella Rank: 117 plus.google.com — Cisco Umbrella Rank: 7022	2 KB
1	twitter.com twitter.com — Cisco Umbrella Rank: 184
0	Failed function sub() { [native code] }. Failed
13	4

	Domain	Requested by
9	buildarockatboy.com	buildarockatboy.com
2	accounts.google.com	buildarockatboy.com
1	twitter.com	buildarockatboy.com
1	plus.google.com	1 redirects
0	dphoaaiomekdhacmfoblfblmncpnbahm Failed	buildarockatboy.com
13	5

This site contains links to these domains. Also see Links.

Domain
passwordreset.microsoftonline.com
www.microsoft.com
privacy.microsoft.com

Subject Issuer	Validity	Valid
accounts.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-24` - `2023-01-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://buildarockatboy.com/7xti20jmc10sqyyw
Frame ID: A19E9AF2404FEFCF1BEF5CAAA2B8F62B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Detected technologies

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Page Statistics

13
Requests

15 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

246 kB
Transfer

490 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://passwordreset.microsoftonline.com/?ru=https%3a%2f%2flogin.microsoftonline.com%2fcommon%2freprocess%3fctx%3drQQIARAAhZK9j9t0GMfj5C5cowLXUlXX7YZKIGgSv7s-qUMSJ45fE79cfPESObaT2Pk59sVOHJuB9QakdkFId0wsiGOCCcHQquNNVccO_AFIlYABdWzazlWXrz5fPc_y6PlU9sgagtaQGvxlCa3BR3dxiiRwnBhXMdQmqzg9hqv3MZesIg6NbUcoRdrW8mZl_1sO_FW2-Ob3P1Qefy1ULi6hw1mSRPFRvZ6maS2cTDzbrdlhUAfWwvEW0zX6OwQ9g6Dz4q67qB5rl8WYxCgaJxCYJkiK3iIF14bGYCbn00z258kwV2DJg-GhweGiPptLhpIMfRuVmCEu6fPMZOS5xEibnq7kZnCcSAG3kVrbfV8ORKMNm3o76bEcLOuOL7ESZrImeFH8tNdYJTP0TYRLL3f_K16bhMtgFIVxcl76pVgVZ8DQCFJoJbgqdpKxnbGCJ8RtM9bb5BjwxKjHzhlhNcOazHCsWrictvx4FQ-yfoDQJ0IARnRTHYPT0YkwCFstlI2mvtdXHGZqu0nIbFY4P6F8JdYCNF2pwoAR4FNNNUVxYwz4bs-QfHU-b0nLbladEoNOriAyn64zZj2IaaHnuEFgdIJQifiVj4-ibLl07jskprJGtT_sb6_LI83iObUtb05xuhk12YU6YzPsJAgRLPEEHuE6fM4zmMLzbEoBMkknSEumHH_dUGfjFZp37Q11qiknnikIASzm6waP-b1oQ6QxkTX8gdsBiQWc6WXpznt-vkZ_K5W3EISLqxIVRu7Ccw6jZTjxgPs-T9Zovfe2dcPArTUAeLYD_b1ze6-8f_0AOix8cQsuHe3tVfYLB4XDwqsd6MfdrYbf3FMLk5__FR4-_1z87iwoXO3W9RDzji1No9pcopMk_ZWdcjxS95YcTCFtCwgAN8U-zfB5-IA-Qh6VoUfl8lX5BseM5Lau6Q2ZaagMOoL_KUNnHxX-uPZBsV9c_6xSWXkjENoWcOOb7wR_8nHh1Se_Pv3z-U__X7zsvgY1&mkt=en-US&hosted=0&device_platform=Windows+10
Title: Forgot my password

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-US/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.microsoft.com/en-US/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://plus.google.com/up/?continue=https://www.google.com/intl/en/images/logos/accounts_logo.png&type=st&gpsrc=ogpy0 HTTP 302
https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0&followup=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0

13 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 7xti20jmc10sqyyw Show response buildarockatboy.com/	369 KB 125 KB	1007ms 586ms	Document text/html	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `494abd60578b48528db8656e6336d1b803fdc0bb86e2f4f8b071d090a26bebef` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Access-Control-Allow-Headers * Access-Control-Allow-Methods * Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 15 Aug 2022 01:07:12 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Lucy Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	events.js Show response buildarockatboy.com/js/	558 B 918 B	252ms 251ms	Script text/javascript	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/js/events.js Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `a8f7e59c2a6d75c51e1898b2d1ff9f6f666caad39a12d215e506202fce2ce150` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/7xti20jmc10sqyyw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 01:07:12 GMT Server Lucy Access-Control-Allow-Methods * Content-Type text/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=86400 Connection Keep-Alive Access-Control-Allow-Headers * Content-Length 558 Keep-Alive timeout=5, max=100 Expires Tue, 16 Aug 2022 01:07:12 GMT
GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	513 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	108 KB 108 KB		Image image/*
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `abcd8fa9d8e0d63875daa71ace49ce26213016df091bd2b63385572c79992e15` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Content-Type image/*
GET		icon48_green.png dphoaaiomekdhacmfoblfblmncpnbahm/images/	0 0

GET H/1.1	200 OK	timeme.min.js Show response buildarockatboy.com/js/	4 KB 4 KB	251ms 250ms	Script text/javascript	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/js/timeme.min.js Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `3ae66a8d261814acf0678914f1832973fe5be31912abf545f81fe4f97fd707dd` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/7xti20jmc10sqyyw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 01:07:13 GMT Server Lucy Access-Control-Allow-Methods * Content-Type text/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=86400 Connection Keep-Alive Access-Control-Allow-Headers * Content-Length 4210 Keep-Alive timeout=5, max=99 Expires Tue, 16 Aug 2022 01:07:13 GMT
GET H/1.1	200 OK	time-tracker.js Show response buildarockatboy.com/js/	1 KB 2 KB	251ms 250ms	Script text/javascript	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/js/time-tracker.js Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `b1c9c0a18219eaef9ce76f3ca58ab9097259e5e5c78574e3f7f3eb4a9f98f004` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/7xti20jmc10sqyyw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 01:07:13 GMT Server Lucy Access-Control-Allow-Methods * Content-Type text/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=86400 Connection Keep-Alive Access-Control-Allow-Headers * Content-Length 1475 Keep-Alive timeout=5, max=99 Expires Tue, 16 Aug 2022 01:07:13 GMT
GET H/1.1	200 OK	analyse.js Show response buildarockatboy.com/js/	3 KB 3 KB	500ms 250ms	Script text/javascript	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/js/analyse.js Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `df44e74c857de0cd2b94ae343fe1afced4203aacb6dce3a7107338b0c9a76593` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/7xti20jmc10sqyyw User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Date Mon, 15 Aug 2022 01:07:13 GMT Server Lucy Access-Control-Allow-Methods * Content-Type text/javascript;charset=UTF-8 Access-Control-Allow-Origin * Cache-Control max-age=86400 Connection Keep-Alive Access-Control-Allow-Headers * Content-Length 2938 Keep-Alive timeout=5, max=98 Expires Tue, 16 Aug 2022 01:07:13 GMT
GET H2	400	CheckCookie accounts.google.com/	0 0	128ms 52ms	Image text/html	2404:6800:4012:1::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/CheckCookie?continue=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&followup=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&chtml=LoginDoneHtml&checkedDomains=youtube&checkConnection=youtube%3A291%3A1 Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4012:1::200d , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers
GET H2	200	ServiceLogin accounts.google.com/ Redirect Chain https://plus.google.com/up/?continue=https://www.google.com/intl/en/images/logos/accounts_logo.png&type=st&gpsrc=ogpy0 https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Do...	0 0	83ms 83ms	Image text/html	2404:6800:4012:1::200d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0&followup=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0 Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol H2 Server 2404:6800:4012:1::200d , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Redirect headers strict-transport-security max-age=31536000 x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server ESF cross-origin-opener-policy unsafe-none; report-to="PlusAppUi" location https://accounts.google.com/ServiceLogin?passive=1209600&osid=1&continue=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0&followup=https://plus.google.com/up/?continue%3Dhttps://www.google.com/intl/en/images/logos/accounts_logo.png%26type%3Dst%26gpsrc%3Dogpy0 date Mon, 15 Aug 2022 01:07:13 GMT x-frame-options SAMEORIGIN report-to {"group":"PlusAppUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/PlusAppUi/external"}]} content-type application/binary accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version permissions-policy ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-platform=, ch-ua-platform-version=* content-security-policy require-trusted-types-for 'script';report-uri /_/PlusAppUi/cspreport, script-src 'report-sample' 'nonce-_Zgb6iexwtp0OyzboFzz5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/PlusAppUi/cspreport;worker-src 'self', script-src 'nonce-_Zgb6iexwtp0OyzboFzz5w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://s.ytimg.com https://www.googleapis.com https://support.google.com https://youtube.com https://youtube.googleapis.com https://www.youtube.com https://cdn.ampproject.org https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/PlusAppUi/cspreport x-robots-tag noindex
GET H2	200	login twitter.com/	0 0	403ms 225ms	Image text/html	104.244.42.129 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://twitter.com/login?redirect_after_login=/favicon.ico Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.129 , United States, ASN13414 (TWITTER, US), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language jp-JP,jp;q=0.9 Referer http://buildarockatboy.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers
POST H/1.1	200 OK	run-analyse Show response buildarockatboy.com/7xti20jmc10sqyyw/	0 495 B	409ms 409ms	XHR text/html	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/7xti20jmc10sqyyw/run-analyse Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://buildarockatboy.com/7xti20jmc10sqyyw accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryQkRmZQ0BhBIc77uJ Response headers Pragma no-cache Date Mon, 15 Aug 2022 01:07:14 GMT Server Lucy Access-Control-Allow-Methods * Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Access-Control-Allow-Headers * Content-Length 0 Keep-Alive timeout=5, max=97 Expires Thu, 19 Nov 1981 08:52:00 GMT
POST H/1.1	200 OK	run-analyse Show response buildarockatboy.com/7xti20jmc10sqyyw/	0 495 B	424ms 424ms	XHR text/html	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/7xti20jmc10sqyyw/run-analyse Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://buildarockatboy.com/7xti20jmc10sqyyw accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryzR2osA3ZNJWYe8BV Response headers Pragma no-cache Date Mon, 15 Aug 2022 01:07:14 GMT Server Lucy Access-Control-Allow-Methods * Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Keep-Alive Access-Control-Allow-Headers * Content-Length 0 Keep-Alive timeout=5, max=98 Expires Thu, 19 Nov 1981 08:52:00 GMT
POST H/1.1	200 OK	track-time buildarockatboy.com/scenario/	0 665 B	378ms 378ms	Ping text/html	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/scenario/track-time Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://buildarockatboy.com/7xti20jmc10sqyyw accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Mon, 15 Aug 2022 01:07:14 GMT Server Lucy Access-Control-Max-Age 86400 Access-Control-Allow-Methods * Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection Keep-Alive Access-Control-Allow-Headers * Content-Length 0 Keep-Alive timeout=5, max=97 Expires Thu, 19 Nov 1981 08:52:00 GMT
POST H/1.1	200 OK	track-time buildarockatboy.com/scenario/	0 665 B	388ms 388ms	Ping text/html	194.39.45.235 Rendszerinformati...
General Check archive.org Show headers Download Go to Full URL http://buildarockatboy.com/scenario/track-time Requested by Host: buildarockatboy.com URL: http://buildarockatboy.com/7xti20jmc10sqyyw Protocol HTTP/1.1 Server 194.39.45.235 Budapest, Hungary, ASN206892 (Rendszerinformatika Zrt., HU), Reverse DNS p.alverad.hu Software Lucy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://buildarockatboy.com/7xti20jmc10sqyyw accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Mon, 15 Aug 2022 01:07:19 GMT Server Lucy Access-Control-Max-Age 86400 Access-Control-Allow-Methods * Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection Keep-Alive Access-Control-Allow-Headers * Content-Length 0 Keep-Alive timeout=5, max=96 Expires Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dphoaaiomekdhacmfoblfblmncpnbahm
URL: chrome-extension://dphoaaiomekdhacmfoblfblmncpnbahm/images/icon48_green.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buildarockatboy.com/	1970-01-20 05:58:37	Name: link Value: 7xti20jmc10sqyyw
.google.com/	1970-01-20 09:38:56	Name: NID Value: 511=kQwDP7R-RA1EPL3HUwpW1hh7MJzvYPph-nCv5cxEAG0zBXJ5tez5Ql4Ogjs5JimnoKnQ4nQFbV7PTXprlpYfCqwhBnwvYBVwUpaDIOu1ddVuMqINdyjWi6nxlrSINiDRP8CDmx2H51U7zaIIKPgHQUJhOgrgLCnIsKb1-xx2Gp0
.twitter.com/	1970-01-20 14:51:25	Name: guest_id_marketing Value: v1%3A166052563362947506
.twitter.com/	1970-01-20 14:51:25	Name: guest_id_ads Value: v1%3A166052563362947506
.twitter.com/	1970-01-20 14:51:25	Name: personalization_id Value: "v1_4EiFlj8KTENjS+rdoZbaOg=="
.twitter.com/	1970-01-20 14:51:25	Name: guest_id Value: v1%3A166052563362947506

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://dphoaaiomekdhacmfoblfblmncpnbahm/images/icon48_green.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: https://accounts.google.com/CheckCookie?continue=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&followup=https%3A%2F%2Fwww.google.com%2Fintl%2Fen%2Fimages%2Flogos%2Faccounts_logo.png&chtml=LoginDoneHtml&checkedDomains=youtube&checkConnection=youtube%3A291%3A1 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
buildarockatboy.com
dphoaaiomekdhacmfoblfblmncpnbahm
plus.google.com
twitter.com
dphoaaiomekdhacmfoblfblmncpnbahm
104.244.42.129
194.39.45.235
2404:6800:4004:801::200e
2404:6800:4012:1::200d
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
3ae66a8d261814acf0678914f1832973fe5be31912abf545f81fe4f97fd707dd
494abd60578b48528db8656e6336d1b803fdc0bb86e2f4f8b071d090a26bebef
a8f7e59c2a6d75c51e1898b2d1ff9f6f666caad39a12d215e506202fce2ce150
abcd8fa9d8e0d63875daa71ace49ce26213016df091bd2b63385572c79992e15
b1c9c0a18219eaef9ce76f3ca58ab9097259e5e5c78574e3f7f3eb4a9f98f004
df44e74c857de0cd2b94ae343fe1afced4203aacb6dce3a7107338b0c9a76593
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

buildarockatboy.com Open in urlscan Pro 194.39.45.235 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

15 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

246 kBTransfer

490 kBSize

6 Cookies

3 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

19 JavaScript Global Variables

6 Cookies

2 Console Messages

Indicators

buildarockatboy.com Open in urlscan Pro
194.39.45.235 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

15 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

246 kB
Transfer

490 kB
Size

6
Cookies

13 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!