bringsal1.site Open in urlscan Pro
2606:4700:3030::ac43:d3c5  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 783da26 Show response bringsal1.site/	546 B 792 B	991ms 889ms	Document text/html	2606:4700:3030::ac43:d3c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bringsal1.site/783da26?s1=jiroluger Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::ac43:d3c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash 09802b6a3d31c56182e0203cb65771475fba274922d4d3dad7d4309037c20cf3 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d7bc77fdc71113e-ORD content-encoding br content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 15:17:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Dmbv600RDrc7aKmzzoyZVilktdt0ARi4BgGJNMhUJhB7FmCdWF4QMbCK0Eix7bcIGHAWZ0hrbBJt0%2BCW5pmNkRzky0KHXT1%2Bx25HjSO3httZ40SgjjyZFrjrKrNzkxKcYMUdSUsy1wuf1%2B9VA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.4.16
GET H2	200	XgDdOD.js Show response d15skjf5hy9xr6.cloudfront.net/	24 KB 7 KB	360ms 222ms	Script application/javascript	2600:9000:2510:6400:5:c5da:4880:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Requested by Host: bringsal1.site URL: https://bringsal1.site/783da26?s1=jiroluger Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2510:6400:5:c5da:4880:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a28be45144d377ab16527a8b5d2d60fae4d780f9dec17e4327567ad90482f293 Request headers accept-language en-US,en;q=0.9 Referer https://bringsal1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:01:00 GMT content-encoding br via 1.1 8a9cdb228e33f8d52a4b42c56ca26590.cloudfront.net (CloudFront) last-modified Sat, 13 May 2023 22:59:48 GMT server AmazonS3 x-amz-cf-pop JFK50-P5 age 1007 etag W/"2bfd2a5b8ac2dbc95efed9f39bf259ff" vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript x-amz-cf-id mUppvGk9dv8zRpvziul_IZJXL1wawZi8nSLjsVUNEMW4tnLbpgl3fA==
GET H2	200	html.2285171.84010.0.js Show response d3vv4txqnrv4po.cloudfront.net/public/external/v2/	10 KB 10 KB	426ms 215ms	Script application/javascript	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/external/v2/html.2285171.84010.0.js Requested by Host: d15skjf5hy9xr6.cloudfront.net URL: https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 5df6a4c41b0551b4a46bd95558d5898d89003c32e932d790ff9ae29bbd51045f Request headers accept-language en-US,en;q=0.9 Referer https://bringsal1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:21 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id qJz79KwdwRb8xsfy6UndWzM0E8UngURbIecQByxNu1RwhRzmKoz6QA==
GET H2	200	css_front.css d3vv4txqnrv4po.cloudfront.net/public/external/	6 KB 7 KB	338ms 127ms	Stylesheet text/css	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/external/css_front.css Requested by Host: d15skjf5hy9xr6.cloudfront.net URL: https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers accept-language en-US,en;q=0.9 Referer https://bringsal1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:21 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id uZt5QIi96LZRbWNldd8tOE2pmBnATifBzNvXv9xHx2Xp6qVk6y5SCQ==
GET H2	200	css.css d3vv4txqnrv4po.cloudfront.net/public/clockers/CustomButton/	1010 B 1 KB	216ms 215ms	Stylesheet text/css	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/clockers/CustomButton/css.css Requested by Host: d15skjf5hy9xr6.cloudfront.net URL: https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers accept-language en-US,en;q=0.9 Referer https://bringsal1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:21 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id 6_FavNypgemRAouB81JHtvvBCe5ITkNMR8XnDKeA-WTPGg-fKkWlJg==
GET H2	200	ct Show response d3vv4txqnrv4po.cloudfront.net/public/ Frame D06F	26 KB 26 KB	419ms 418ms	Document text/html	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Requested by Host: d15skjf5hy9xr6.cloudfront.net URL: https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 3cb08ae6a0783d2612395e3680b91773a33bb4681a5aa51c791bb43dee18f3bd Request headers Referer https://bringsal1.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control no-cache, no-transform content-type text/html; charset=UTF-8 date Thu, 15 Jun 2023 15:17:22 GMT expires Sat, 26 Jul 1997 05:00:00 GMT pragma no-cache server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) x-amz-cf-id Dmwwug5CxIiEimjo_4PnBfbZccN41u9wCm8FEDeS5k5bcOguFAgRBA== x-amz-cf-pop EWR53-C3 x-cache Miss from cloudfront x-powered-by PHP/7.4.11
GET H2	200	guid Show response d3vv4txqnrv4po.cloudfront.net/public/	0 276 B	366ms 365ms	Script text/html	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/guid?cpguid=hsf0h36hk&s1=jiroluger&e=ll&t=1686842242247 Requested by Host: d15skjf5hy9xr6.cloudfront.net URL: https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://bringsal1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:22 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id 8PEigSqMfFpKR26gpQTTqavdQnLY7MLVstZxyFN-8b_hBiA-ne6ZTQ==
GET H2	200	font-awesome.min.css d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/ Frame D06F	28 KB 29 KB	193ms 54ms	Stylesheet text/css	2600:9000:2512:bc00:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d13pxqgp3ixdbh.cloudfront.net/assets/landing_pages/fa/css/font-awesome.min.css Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512:bc00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 14 Jun 2023 19:13:50 GMT x-amz-version-id null via 1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront) last-modified Mon, 30 Jan 2017 06:33:55 GMT server AmazonS3 x-amz-cf-pop JFK50-P7 age 72213 etag "4083f5d376eb849a458cc790b53ba080" x-cache Hit from cloudfront content-type text/css accept-ranges bytes content-length 29063 x-amz-cf-id zUtnGWtYYd37Nk1NZ7YKZT7HmquFvIEPrbTsK4BCLojOpGP9F-s6jw==
GET H2	200	css2 fonts.googleapis.com/ Frame D06F	418 B 389 B	209ms 70ms	Stylesheet text/css	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Rochester&display=swap Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c9e27285c0482228a11bc89ea49e44241dd11e3ab96071874ddf62aa8b249b0e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 15 Jun 2023 15:17:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 15 Jun 2023 15:17:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Jun 2023 15:17:22 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame D06F	1 KB 903 B	202ms 64ms	Stylesheet text/css	2607:f8b0:4006:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Caveat&display=swap Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200a Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 025226b18ca31651d97864572dcfd3bab8c289dda633a934eedf5e27405d130a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 15 Jun 2023 15:17:22 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 15 Jun 2023 14:38:05 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 15 Jun 2023 15:17:22 GMT
GET H2	200	1612865763e3fe55bd6cb84f58451f9d59e999450f.png d13pxqgp3ixdbh.cloudfront.net/uploads/ Frame D06F	56 KB 56 KB	146ms 138ms	Image image/png	2600:9000:2512:bc00:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/1612865763e3fe55bd6cb84f58451f9d59e999450f.png Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512:bc00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79272c0b4d73596a13312ba60f6c797ee352e6bc32ebf5d87f68b6c86afee12c Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id ZzJ1NM6Q4qeoXXpT7MUJ7WOHfsylhCF6 date Thu, 15 Jun 2023 12:15:45 GMT via 1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront) last-modified Tue, 09 Feb 2021 10:16:04 GMT server AmazonS3 x-amz-cf-pop JFK50-P7 age 10898 etag "6b1dcbb042d92ed0e202ae6b38f5e682" x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 57088 x-amz-cf-id DPNEMRFUd1Fm1OB3DGRcOesbH7LROkt-p-Jjgf-iiV-mD6qlDoiwAw==
GET H2	200	161259242059a642d77e59012c30ee37046eda2d60.gif d13pxqgp3ixdbh.cloudfront.net/uploads/ Frame D06F	53 KB 53 KB	121ms 113ms	Image image/gif	2600:9000:2512:bc00:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d13pxqgp3ixdbh.cloudfront.net/uploads/161259242059a642d77e59012c30ee37046eda2d60.gif Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512:bc00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 95a527dace73f97a884967696583538d29fa71514d31e379810f56f7d9548516 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id MmPXSI9hDbUSvOOD8HegKScic_4cvcXH date Thu, 15 Jun 2023 09:14:35 GMT via 1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront) last-modified Sat, 06 Feb 2021 06:20:21 GMT server AmazonS3 x-amz-cf-pop JFK50-P7 age 21768 etag "b1d00e41302621e64cb69520218689ba" x-cache Hit from cloudfront content-type image/gif accept-ranges bytes content-length 54347 x-amz-cf-id UwaJgsCnLIy5atL51TeP8FmoithqjHHUD6bQd_SkbAJ3EgH7hgSaCw==
GET H2	200	guid.js Show response d3vv4txqnrv4po.cloudfront.net/public/external/ Frame D06F	862 B 1 KB	126ms 125ms	Script application/javascript	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/external/guid.js Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:22 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) last-modified Tue, 11 Aug 2020 19:47:27 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 etag "35e-5ac9f574655f4" x-cache Miss from cloudfront content-type application/javascript accept-ranges bytes content-length 862 x-amz-cf-id N2Q8559BYRKWhp277SpZGUKm4Yi4OJc-L4uTgGVZuqw21ZNiN7RuUg==
GET H2	200	t.js Show response d3vv4txqnrv4po.cloudfront.net/public/external/ Frame D06F	2 KB 2 KB	204ms 203ms	Script application/javascript	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/external/t.js Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash fff2c7e238400b24472e5d6c529d7f625ec50ec4383ac23d33ca05d9c1f07a7d Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:22 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) last-modified Tue, 21 Jul 2020 08:43:38 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 etag "696-5aaef9ea142f5" x-cache Miss from cloudfront content-type application/javascript accept-ranges bytes content-length 1686 x-amz-cf-id OiR_Odg2LmDD91JkYou2EZdhbhLfFRUVJ7Pr6LAxHktMV-4uiRZM3A==
GET H2	200	jquery.js Show response d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/ Frame D06F	95 KB 95 KB	63ms 59ms	Script application/x-javascript	2600:9000:2512:bc00:1c:b3e3:eb40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d13pxqgp3ixdbh.cloudfront.net/assets/content_lockers/jquery.js Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2512:bc00:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1711e89a5ab3f0e2d009ab6b171bc8869acd8dd0da785e0dfe60c9c0bca48c6c Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers x-amz-version-id null date Thu, 15 Jun 2023 12:54:25 GMT via 1.1 8f060aa38a518e1d4516e68318e81658.cloudfront.net (CloudFront) last-modified Mon, 30 Jan 2017 06:33:55 GMT server AmazonS3 x-amz-cf-pop JFK50-P7 age 16785 etag "7faa5fa0b997277a94a3c3b02d8be514" x-cache Hit from cloudfront content-type application/x-javascript accept-ranges bytes content-length 97174 x-amz-cf-id qlnE64-GVESSgiFzw25QCdGEU1Gsj5VrbDQ77kB_w_XSp026n0D-vg==
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame D06F	51 KB 21 KB	274ms 44ms	Script text/javascript	2607:f8b0:4006:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 15 Jun 2023 14:11:08 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 3975 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Thu, 15 Jun 2023 16:11:08 GMT
GET H2	200	check.php Show response d3vv4txqnrv4po.cloudfront.net/public/external/ Frame D06F	78 B 371 B	213ms 205ms	Script application/javascript	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/external/check.php?time=1686842242854&it=2285171 Requested by Host: d3vv4txqnrv4po.cloudfront.net URL: https://d3vv4txqnrv4po.cloudfront.net/public/ct?cpguid=hsf0h36hk&s1=jiroluger&it=2285171&w=1600&h=1200&key=84010&m=0&r= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:23 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id 2SNpec0BmonLS717tDZOwRt8gvDqiC7X7DSfB8-_qgkMN6RROruKXw==
GET H2	200	6ae-4KCqVa4Zy6Fif-UC2FHX.woff2 fonts.gstatic.com/s/rochester/v18/ Frame D06F	19 KB 20 KB	252ms 45ms	Font font/woff2	2607:f8b0:4006:823::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rochester/v18/6ae-4KCqVa4Zy6Fif-UC2FHX.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Rochester&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2003 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92445f666197e1b36fcfc27229933dd7c3162932a24b1b836b830335faf04980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://d3vv4txqnrv4po.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 10 Jun 2023 16:09:34 GMT x-content-type-options nosniff age 428869 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19676 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:33:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 09 Jun 2024 16:09:34 GMT
GET H2	200	WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2 fonts.gstatic.com/s/caveat/v17/ Frame D06F	47 KB 47 KB	268ms 61ms	Font font/woff2	2607:f8b0:4006:823::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/caveat/v17/WnznHAc5bAfYB2QRah7pcpNvOx-pjfJ9eIWpYQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Caveat&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:823::2003 Flushing, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d048e18c5335f654acb5a76c853bd08f216312c5ca3153965c767499fc082ea9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://d3vv4txqnrv4po.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 10 Jun 2023 16:06:49 GMT x-content-type-options nosniff age 429034 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47832 x-xss-protection 0 last-modified Fri, 24 Jun 2022 19:31:34 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 09 Jun 2024 16:06:49 GMT
GET H2	200	impression.php Show response d3vv4txqnrv4po.cloudfront.net/public/external/	10 B 306 B	123ms 122ms	Script text/html	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/external/impression.php?it=2285171&time=1686842243240 Requested by Host: d15skjf5hy9xr6.cloudfront.net URL: https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d Request headers accept-language en-US,en;q=0.9 Referer https://bringsal1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:23 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 10 x-amz-cf-id Zb-OwtZZhVW-5LgBhAHepRKRSyjgBEzxcX3_xzno2WVvu22BE4h_HQ==
GET H2	200	guid Show response d3vv4txqnrv4po.cloudfront.net/public/	0 276 B	204ms 204ms	Script text/html	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/guid?cpguid=hsf0h36hk&s1=jiroluger&e=opl&t=1686842243241 Requested by Host: d15skjf5hy9xr6.cloudfront.net URL: https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://bringsal1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:23 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id KmljmOTtN4f6J3cClDVE93zx2iiQQCBI19XEba2evgYncJuDUNAUQg==
GET H2	200	check.php Show response d3vv4txqnrv4po.cloudfront.net/public/external/	78 B 371 B	128ms 125ms	Script application/javascript	2600:9000:210b:3800:18:9670:2700:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3vv4txqnrv4po.cloudfront.net/public/external/check.php?it=2285171&time=1686842243687 Requested by Host: d15skjf5hy9xr6.cloudfront.net URL: https://d15skjf5hy9xr6.cloudfront.net/XgDdOD.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:210b:3800:18:9670:2700:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers accept-language en-US,en;q=0.9 Referer https://bringsal1.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Thu, 15 Jun 2023 15:17:23 GMT via 1.1 1fe2d6bd2a09e1a135873d28f9feccb0.cloudfront.net (CloudFront) server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop EWR53-C3 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id FKW7xLafxVuNVJra-trTYcFm6nOrhleIRfmKK4UzDiTFJ5hD1EDUSw==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bringsal1.site/	1970-01-20 12:48:26	Name: _cpguid Value: hsf0h36hk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bringsal1.site
d13pxqgp3ixdbh.cloudfront.net
d15skjf5hy9xr6.cloudfront.net
d3vv4txqnrv4po.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.google-analytics.com
2600:9000:210b:3800:18:9670:2700:21
2600:9000:2510:6400:5:c5da:4880:21
2600:9000:2512:bc00:1c:b3e3:eb40:21
2606:4700:3030::ac43:d3c5
2607:f8b0:4006:80f::200e
2607:f8b0:4006:823::2003
2607:f8b0:4006:824::200a
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
025226b18ca31651d97864572dcfd3bab8c289dda633a934eedf5e27405d130a
09802b6a3d31c56182e0203cb65771475fba274922d4d3dad7d4309037c20cf3
1711e89a5ab3f0e2d009ab6b171bc8869acd8dd0da785e0dfe60c9c0bca48c6c
3cb08ae6a0783d2612395e3680b91773a33bb4681a5aa51c791bb43dee18f3bd
3efc61bcf3a2a65c875e501412e9db8b00b4b554e4351e01fab46c2793e87b3d
5df6a4c41b0551b4a46bd95558d5898d89003c32e932d790ff9ae29bbd51045f
79272c0b4d73596a13312ba60f6c797ee352e6bc32ebf5d87f68b6c86afee12c
92445f666197e1b36fcfc27229933dd7c3162932a24b1b836b830335faf04980
95a527dace73f97a884967696583538d29fa71514d31e379810f56f7d9548516
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a28be45144d377ab16527a8b5d2d60fae4d780f9dec17e4327567ad90482f293
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
c9e27285c0482228a11bc89ea49e44241dd11e3ab96071874ddf62aa8b249b0e
d048e18c5335f654acb5a76c853bd08f216312c5ca3153965c767499fc082ea9
e1996013bea18595368a7d2452d2a96a8a66b59bd08cde2935e36ffa0f985fda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
fff2c7e238400b24472e5d6c529d7f625ec50ec4383ac23d33ca05d9c1f07a7d