appcake.xyz Open in urlscan Pro
46.165.223.4  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response appcake.xyz/gta-shark-cards/	10 KB 4 KB	183ms 31ms	Document text/html	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash fa17664c0ed622f2968d28a9905336e7c4095dbe6ddac8a5e48b651c918f474f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 3369 content-type text/html date Sun, 04 Sep 2022 10:23:07 GMT last-modified Fri, 05 Aug 2022 04:38:55 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	styles38603860.css appcake.xyz/gta-shark-cards/gift-images/maxed/	2 KB 746 B	61ms 59ms	Stylesheet text/css	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://appcake.xyz/gta-shark-cards/gift-images/maxed/styles38603860.css?v=1 Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash ecad375d94c4acda2784c4c9fc6b7819af54bb52abb6b17862fdaf06ec5bbe76 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/gta-shark-cards/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT content-encoding br last-modified Mon, 17 Jun 2019 18:21:44 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 643 expires Sun, 11 Sep 2022 10:23:07 GMT
GET H2	200	jquery.min.js Show response appcake.xyz/gta-shark-cards/ajax.googleapis.com/ajax/libs/jquery/3.1.1/	85 KB 29 KB	63ms 61ms	Script application/javascript	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://appcake.xyz/gta-shark-cards/ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/gta-shark-cards/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT content-encoding br last-modified Wed, 21 Dec 2016 20:17:04 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 29150 expires Sun, 11 Sep 2022 10:23:07 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 1 KB	88ms 33ms	Stylesheet text/css	2a00:1450:400e:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oswald Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 04 Sep 2022 09:34:34 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 04 Sep 2022 10:23:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 04 Sep 2022 10:23:07 GMT
GET H2	200	all.css appcake.xyz/gta-shark-cards/use.fontawesome.com/releases/v5.4.2/css/	50 KB 10 KB	61ms 60ms	Stylesheet text/css	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://appcake.xyz/gta-shark-cards/use.fontawesome.com/releases/v5.4.2/css/all.css Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash ed1c95c172406e0dbf564ec4035cffad26eb419cf9644ae04598dae9ae1724d6 Request headers Referer https://appcake.xyz/gta-shark-cards/ Origin https://appcake.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT content-encoding br last-modified Fri, 26 Oct 2018 23:14:30 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 10591 expires Sun, 11 Sep 2022 10:23:07 GMT
GET H2	200	bootstrap.min.js Show response appcake.xyz/gta-shark-cards/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/	36 KB 9 KB	90ms 89ms	Script application/javascript	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://appcake.xyz/gta-shark-cards/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/gta-shark-cards/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT content-encoding br last-modified Thu, 13 Dec 2018 20:33:52 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 9348 expires Sun, 11 Sep 2022 10:23:07 GMT
GET H2	200	bootstrap.min.css appcake.xyz/gta-shark-cards/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	119 KB 17 KB	62ms 61ms	Stylesheet text/css	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://appcake.xyz/gta-shark-cards/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash 817c144a7de95c03dd00337f2e6c0011e9afa24044999d4c52615ee90a6765a8 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/gta-shark-cards/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT content-encoding br last-modified Thu, 13 Dec 2018 20:34:08 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 17743 expires Sun, 11 Sep 2022 10:23:07 GMT
GET H2	200	css fonts.googleapis.com/	3 KB 618 B	89ms 34ms	Stylesheet text/css	2a00:1450:400e:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Raleway:400,900 Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d9b56c5dfceb688b3fcab1dfd6638f6be5ab87b3c10dff3f3f082eb2e3c20c48 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 04 Sep 2022 10:23:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 04 Sep 2022 10:23:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 04 Sep 2022 10:23:07 GMT
GET H2	200	d042753.js Show response d1se0epgzz0xac.cloudfront.net/	23 KB 7 KB	281ms 208ms	Script application/javascript	2600:9000:223e:b000:d:6e55:e100:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1se0epgzz0xac.cloudfront.net/d042753.js Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:b000:d:6e55:e100:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f0f2a573c8865ae8576b67d2a40ab1077a9e068c038447391d28db9ea98af931 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 04:01:38 GMT content-encoding gzip last-modified Sat, 06 Aug 2022 10:17:17 GMT server AmazonS3 age 22890 etag W/"f35b39586568ca1063fc72edc92467c3" vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript via 1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 x-amz-cf-id kA21BQ-qfzpVjM8L3t5DZ-s5DjjWVA7txo-uGxgZ_CGm-p9Iknh4Kg==
GET H3	200	logo.png appcake.xyz/gta-shark-cards/gift-images/maxed/	148 KB 148 KB	28ms 28ms	Image image/png	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Show image Full URL https://appcake.xyz/gta-shark-cards/gift-images/maxed/logo.png Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H3 Security QUIC, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash 6b6ac09473d3ae4ec8e48ae077b50599e1855330ba5bfe7e23c578a40e9d53bc Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/gta-shark-cards/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT last-modified Fri, 09 Aug 2019 16:49:50 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 151604 expires Sun, 11 Sep 2022 10:23:07 GMT
GET H3	200	verify.png appcake.xyz/	4 KB 4 KB	29ms 29ms	Image image/png	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Show image Full URL https://appcake.xyz/verify.png Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H3 Security QUIC, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash 929f2abce2352fc3337a9a81ccf96ab76eaaa30235b77bac55c21885a040b859 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/gta-shark-cards/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT last-modified Tue, 02 Aug 2022 08:44:36 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 4464 expires Sun, 11 Sep 2022 10:23:07 GMT
GET H2	200	html.2870855.2725a.0.js Show response d35kbxc0t24sp8.cloudfront.net/public/external/v2/	10 KB 10 KB	238ms 186ms	Script application/javascript	2600:9000:225e:6a00:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/external/v2/html.2870855.2725a.0.js Requested by Host: d1se0epgzz0xac.cloudfront.net URL: https://d1se0epgzz0xac.cloudfront.net/d042753.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:6a00:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 5f751a49e40b43dfb71aa80693cfde3547e28cc9710f1bb475f6abf50e0e7809 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id 2fnHazkqtDkPrYou-MBhSD6y9J8URRsg-vqEIQzyKEgaHCGGvYrChg==
GET H2	200	css_front.css d35kbxc0t24sp8.cloudfront.net/public/external/	6 KB 7 KB	225ms 174ms	Stylesheet text/css	2600:9000:225e:6a00:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/external/css_front.css Requested by Host: d1se0epgzz0xac.cloudfront.net URL: https://d1se0epgzz0xac.cloudfront.net/d042753.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:6a00:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id RgiL3aN7hR6VYPsGI02xU4AgU2KAEO2gyddWcTGA0MHOWI58O0iCWQ==
GET H3	200	select.png appcake.xyz/gta-shark-cards/gift-images/maxed/	362 B 405 B	27ms 27ms	Image image/png	46.165.223.4 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Show image Full URL https://appcake.xyz/gta-shark-cards/gift-images/maxed/select.png Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/gift-images/maxed/styles38603860.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 46.165.223.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS sharedserver12.host-stage-dns.com Software LiteSpeed / Resource Hash d8591b93ad978d196a04e11b36484fc7cd41f9511ae3bc0810030c17dcff1831 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/gta-shark-cards/gift-images/maxed/styles38603860.css?v=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT last-modified Mon, 17 Jun 2019 18:21:32 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 362 expires Sun, 11 Sep 2022 10:23:07 GMT
GET H2	200	TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 fonts.gstatic.com/s/oswald/v49/	10 KB 10 KB	70ms 21ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://appcake.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Mon, 29 Aug 2022 21:05:42 GMT x-content-type-options nosniff age 479845 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9840 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:24:04 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 29 Aug 2023 21:05:42 GMT
GET H2	200	glyphicons-halflings-regular.woff2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/	18 KB 18 KB	84ms 41ms	Font font/woff2	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/fonts/glyphicons-halflings-regular.woff2 Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://appcake.xyz/ Origin https://appcake.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 864 access-control-allow-origin * cdn-proxyver 1.02 cdn-cachedat 08/20/2022 02:30:41 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18028 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:00 GMT server cloudflare cdn-requestpullcode 200 etag "448c34a56d699c29117adc64c43affeb" strict-transport-security max-age=31536000; includeSubDomains; preload content-type font/woff2 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid dd7e1e44e7f4a34a435f510ef68084e6 accept-ranges bytes cf-ray 74560208ddde928f-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 5 KB	86ms 24ms	Script application/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: appcake.xyz URL: https://appcake.xyz/gta-shark-cards/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:15:24 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cdn-pop-ip 137.74.120.0/27 etag "-375139978" x-cacheable Matched cache content-type application/javascript; charset=UTF-8 x-cdn-pop sbg accept-ranges bytes content-length 4364 x-request-id 779093085
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	50 B 184 B	340ms 110ms	Script text/html	192.99.8.27 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?3906868&@f16&@g1&@h1&@i1&@j1662286987714&@k0&@l1&@mGTA%20Online%20Shark%20Card%20Generator&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:162199000&@b3:1662286988&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fappcake.xyz%2Fgta-shark-cards%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.99.8.27 , Canada, ASN16276 (OVH, FR), Reverse DNS ns500876.ip-192-99-8.net Software / Resource Hash da0663cc601417577cf79460972f94e9485c1d94918f0a0310828c5d17731c36 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers Date Sun, 04 Sep 2022 10:23:08 GMT Connection close Content-Length 50 Content-Type text/html;charset=UTF-8
GET H2	200	css.css d35kbxc0t24sp8.cloudfront.net/public/clockers/CustomButton/	1010 B 1 KB	170ms 169ms	Stylesheet text/css	2600:9000:225e:6a00:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/clockers/CustomButton/css.css Requested by Host: d1se0epgzz0xac.cloudfront.net URL: https://d1se0epgzz0xac.cloudfront.net/d042753.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:6a00:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:07 GMT via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id JdVlUlsllI40x1_Wu51k8goH6RUBG-d_gv9Yvtjnbt5o03Yulc3oPg==
GET H2	200	guid Show response d35kbxc0t24sp8.cloudfront.net/public/	0 286 B	173ms 173ms	Script text/html	2600:9000:225e:6a00:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/guid?cpguid=x32leqig7&e=ll&t=1662286988596 Requested by Host: d1se0epgzz0xac.cloudfront.net URL: https://d1se0epgzz0xac.cloudfront.net/d042753.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:6a00:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:08 GMT via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id TMXKuafRa8e2AdIbjqJHUkL_3eY4QmN7MyIoe4Y1A_zkBYxQCg_lFw==
GET H2	200	check.php Show response d35kbxc0t24sp8.cloudfront.net/public/external/	78 B 372 B	178ms 178ms	Script application/javascript	2600:9000:225e:6a00:12:a4d0:1300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d35kbxc0t24sp8.cloudfront.net/public/external/check.php?it=2870855&time=1662286989852 Requested by Host: d1se0epgzz0xac.cloudfront.net URL: https://d1se0epgzz0xac.cloudfront.net/d042753.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:6a00:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers accept-language de-DE,de;q=0.9 Referer https://appcake.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36 Response headers date Sun, 04 Sep 2022 10:23:09 GMT via 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id I9zHlKi7vKhlr3LucgEaenUlDOWjUtllKbzfzDbjAQpuDE6nHxoNmg==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery boolean| devmode function| makeid function| og_converted object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			appcake.xyz/	1970-01-20 05:59:10	Name: _cpguid Value: x32leqig7
			appcake.xyz/	1970-01-20 14:30:22	Name: HstCfa3906868 Value: 1662286987714
			appcake.xyz/	1970-01-20 14:30:22	Name: HstCla3906868 Value: 1662286987714
			appcake.xyz/	1970-01-20 14:30:22	Name: HstCmu3906868 Value: 1662286987714
			appcake.xyz/	1970-01-20 14:30:22	Name: HstPn3906868 Value: 1
			appcake.xyz/	1970-01-20 14:30:22	Name: HstPt3906868 Value: 1
			appcake.xyz/	1970-01-20 14:30:22	Name: HstCnv3906868 Value: 1
			appcake.xyz/	1970-01-20 14:30:22	Name: HstCns3906868 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://appcake.xyz/gta-shark-cards/(Line 17) Message: Failed to find a valid digest in the 'integrity' attribute for resource 'https://appcake.xyz/gta-shark-cards/use.fontawesome.com/releases/v5.4.2/css/all.css' with computed SHA-384 integrity 'E1qZqDh1OxUb65sbqLrRZfMebEVUPQwd6hoWE+56Dld7ba7SD6YzGB7pwv7it1G4'. The resource has been blocked.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

appcake.xyz
d1se0epgzz0xac.cloudfront.net
d35kbxc0t24sp8.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
s10.histats.com
s4.histats.com
192.99.8.27
2600:9000:223e:b000:d:6e55:e100:21
2600:9000:225e:6a00:12:a4d0:1300:21
2606:4700::6812:acf
2a00:1450:4001:813::2003
2a00:1450:400e:801::200a
46.105.201.240
46.165.223.4
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5f751a49e40b43dfb71aa80693cfde3547e28cc9710f1bb475f6abf50e0e7809
6b6ac09473d3ae4ec8e48ae077b50599e1855330ba5bfe7e23c578a40e9d53bc
6cabeb492e3033b4a17fcc5a4ecb196849bafeaec5ed579b947ab4d3d2a05dfb
817c144a7de95c03dd00337f2e6c0011e9afa24044999d4c52615ee90a6765a8
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
929f2abce2352fc3337a9a81ccf96ab76eaaa30235b77bac55c21885a040b859
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
d8591b93ad978d196a04e11b36484fc7cd41f9511ae3bc0810030c17dcff1831
d9b56c5dfceb688b3fcab1dfd6638f6be5ab87b3c10dff3f3f082eb2e3c20c48
da0663cc601417577cf79460972f94e9485c1d94918f0a0310828c5d17731c36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecad375d94c4acda2784c4c9fc6b7819af54bb52abb6b17862fdaf06ec5bbe76
ed1c95c172406e0dbf564ec4035cffad26eb419cf9644ae04598dae9ae1724d6
f0f2a573c8865ae8576b67d2a40ab1077a9e068c038447391d28db9ea98af931
fa17664c0ed622f2968d28a9905336e7c4095dbe6ddac8a5e48b651c918f474f
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c