cashapp.omgthisproduct.com Open in urlscan Pro
2606:4700:3037::ac43:b143 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sh9d6.us/
Effective URL:
https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14
Submission: On April 28 via manual (April 28th 2021, 1:46:49 pm UTC) from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3037::ac43:b143, located in United States and belongs to CLOUDFLARENET, US. The main domain is cashapp.omgthisproduct.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 22nd 2021. Valid for: a year.

This is the only time cashapp.omgthisproduct.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::6815:2fc6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:303... 2606:4700:3037::ac43:b143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	1

1 2606:4700:3035::6815:2fc6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sh9d6.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::ac43:b143 (United States)

ASN13335 (CLOUDFLARENET, US)

cashapp.omgthisproduct.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	omgthisproduct.com cashapp.omgthisproduct.com	101 KB
1	sh9d6.us 1 redirects sh9d6.us	754 B
13	2

	Domain	Requested by
13	cashapp.omgthisproduct.com	cashapp.omgthisproduct.com
1	sh9d6.us	1 redirects
13	2

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-22` - `2022-03-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14
Frame ID: 344511EC43D44DBB4E1AB89A405B13B5
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sh9d6.us/ HTTP 301
https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

101 kB
Transfer

179 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sh9d6.us/ HTTP 301
https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cashapp.omgthisproduct.com/ Redirect Chain http://sh9d6.us/ https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14	19 KB 5 KB	167ms 139ms	Document text/html	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `763e4f08e9f2f001971bb16f17357c6746e8f29782e616cca5ffeef3e4ba917c` Request headers :method GET :authority cashapp.omgthisproduct.com :scheme https :path /?a=18&c=449&s1=SW-03-2-vz-14 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:30 GMT content-type text/html set-cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590; expires=Fri, 28-May-21 13:46:30 GMT; path=/; domain=.omgthisproduct.com; HttpOnly; SameSite=Lax last-modified Mon, 22 Mar 2021 05:14:44 GMT cf-cache-status DYNAMIC cf-request-id 09ba544513000017720328c000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X60hDEgBCtT0ye5ONfMvK0w4S%2Fn%2BLjD5bkEzMHBgWv9JUFpX2xGUnyl729%2Fghwci0hhAV8KqcrejG1VdwCPaJyR4Ut4oOoRIACAk2HK7V9%2FmQU9xqEkG1agkhxbVpuk1IqlFeZN4Jw%3D%3D"}],"max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6470bcb4ee181772-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 Redirect headers Date Wed, 28 Apr 2021 13:46:30 GMT Transfer-Encoding chunked Connection keep-alive Cache-Control max-age=3600 Expires Wed, 28 Apr 2021 14:46:30 GMT Location https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 cf-request-id 09ba5444e30000c2ef298dd000000001 Report-To {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FXO%2F0EKKpkQKqVZXJkm2cOOaUQCuw1F8pdAHayihebWnIhae7q9Rfq1brIb6OkhE4IDSGzu6Mdm5mqbgLx8PKnVUPLyKO02RoVp4ESBbptDdUExhOg%3D%3D"}]} NEL {"max_age":604800,"report_to":"cf-nel"} Vary Accept-Encoding Server cloudflare CF-RAY 6470bcb49d70c2ef-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3-29	200	custom_style.css cashapp.omgthisproduct.com/css/	10 KB 3 KB	145ms 127ms	Stylesheet text/css	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cashapp.omgthisproduct.com/css/custom_style.css Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cba7e9a65e59c62a6a4d4e9713e09d5415a4d9077a530cf51fc1747def97a248` Request headers :path /css/custom_style.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:30 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 08 Jan 2021 19:52:24 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZQVkFJ4eC4SZmvLU1%2Bb4AMnzTb6JEnncPK1yegPSquuVXeuPlQ2hKPCCf%2F0wD9WZ5F1IOp581U0ApnMlSSD5qR9yhuojKo8vXAHvRpy4rcHA3DvP2of33zdbtS4L0FT0ZB0S7VJ7Cw%3D%3D"}],"max_age":604800} content-type text/css cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6470bcb61d8e4a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09ba5445cd00004a8c980e2000000001
GET H3-29	200	en_date.js Show response cashapp.omgthisproduct.com/js/	1 KB 900 B	144ms 125ms	Script application/javascript	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cashapp.omgthisproduct.com/js/en_date.js Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1999301c84d39ee8b6ea31d6b71f8de51a7470ea855b1080effcc67a2afe6136` Request headers :path /js/en_date.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:30 GMT content-encoding br cf-cache-status REVALIDATED last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t9CR3fWryOpgCUgrMEvnSxQ1ZaV3EVf2EyjisqmInRhtnOxg76bN%2Fe3wv%2FMDm4dzlijTZh03PzrXwaH9wh2nAEf7x29KdUqcxCZ7xLu7ZQC5c0%2F%2BYg%2BXIwmKtHht4zjRIa6TQdm%2Bew%3D%3D"}],"max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6470bcb61d924a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09ba5445cf00004a8c9bb0b000000001
GET H3-29	200	jquery.min.js Show response cashapp.omgthisproduct.com/js/	95 KB 32 KB	147ms 128ms	Script application/javascript	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cashapp.omgthisproduct.com/js/jquery.min.js Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3` Request headers :path /js/jquery.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:30 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 08 Jan 2021 19:45:58 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JaKBwgt5OGM5scm3AyRUKMYq4cR4TdBxozK6j%2B3126s12y6Yo82yPIu7ulww57A8p6vHnwqv9CD5p2OYlA3AXXBC97MfxRYrNppCsMn9JD8B%2FTwk3TC1bYNf8a45SP8yn1LtLG9oAg%3D%3D"}],"max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 6470bcb61d914a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 cf-request-id 09ba5445cd00004a8c8604b000000001
GET H3-29	200	box_c.png cashapp.omgthisproduct.com/img/	9 KB 9 KB	123ms 123ms	Image image/png	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/box_c.png Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6b2c28e1e03c021256d67916384b83f706500edfa701080150d78bd9fab51bf2` Request headers :path /img/box_c.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:30 GMT cf-cache-status REVALIDATED last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yZn%2FJwAqQCxTFaPGXkhedfugVWRLyIm1jWICkW4nnVsuVbV2zLckzNvGsSlGJxEnJMx6WDsUaNmpIpolK4hzuUhRfhbaoAwrhY5PUrtAZWDg37wbVzzziPNd2Qez0VmxQgLYdjoRGQ%3D%3D"}],"max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6470bcb6ded44a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8814 cf-request-id 09ba54464b00004a8c7e81c000000001
GET H3-29	200	gift.gif cashapp.omgthisproduct.com/img/	15 KB 16 KB	129ms 128ms	Image image/gif	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/gift.gif Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c4f1d8867d03d437694f1cac0c9df3a7f5006fb8df474023bfa1d78f88843ce8` Request headers :path /img/gift.gif pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:30 GMT cf-cache-status REVALIDATED last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sTLIqmqm%2FxZ5jgLgviKA%2F2DmQHwbNvs3CmhI4Jkv4DbV21W7iFF3pEEylp0P2KAp0XQIK06omf2evUg8Uwdh7ToFXtZ5ViJ056K%2FU%2BabDrqaib6YR%2FV8E6nxsf%2FsjmhzxYhiWD%2FZfg%3D%3D"}],"max_age":604800} content-type image/gif cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6470bcb6fefb4a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15606 cf-request-id 09ba54465700004a8c702de000000001
GET H3-29	200	exit.png cashapp.omgthisproduct.com/img/	525 B 1 KB	136ms 135ms	Image image/png	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/exit.png Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fdc34fd73310984f22db0235f635024c80a884c451322931892dd722567ceaaf` Request headers :path /img/exit.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:31 GMT cf-cache-status REVALIDATED last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6HmOoHUgLBWwVN0Dm4dshRdG0G7bVGr3WKPQgmjNHtRzRxOzq6io36hGdKIWS%2BMan5v6MjewoRt2JdiDIgdF%2FaEGHwxfguAyV19pBSWs4PSMRwgwladrh7JXVOhjD6Z%2FMQvj23lMMA%3D%3D"}],"max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6470bcb71f3a4a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 525 cf-request-id 09ba54466d00004a8c9f028000000001
GET H3-29	200	box_o_t.png cashapp.omgthisproduct.com/img/	2 KB 3 KB	123ms 122ms	Image image/png	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/box_o_t.png Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f9e2740fb819e3748066a670f88ad743cfc3068d5ce2a99fbd1fa731537f6127` Request headers :path /img/box_o_t.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:31 GMT cf-cache-status REVALIDATED last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jvQAh87rtancnqUiqZ0870OQu3yxOcJ9jxbiK%2Fc%2BoWj0or%2BJyQcph7xtzWIe%2BAQIo3eq2WpN%2Fufq%2F%2F1HvZTCGssquDPiLLAMQfoj%2FFTFy6FTmxkqkI0tOJ%2FQiPwyAQOU1qH1jUZE6g%3D%3D"}],"max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6470bcb71f3c4a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2430 cf-request-id 09ba54466d00004a8c4d0ec000000001
GET H3-29	200	box_o_b.png cashapp.omgthisproduct.com/img/	3 KB 4 KB	127ms 126ms	Image image/png	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/box_o_b.png Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed16388bac328613e7ff4fa6933545b80a53cbcb528997e574a6f1b19f5aeeb2` Request headers :path /img/box_o_b.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:31 GMT cf-cache-status REVALIDATED last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UCNP0p%2F6XytKEEF2VrlDgiYTqGWxIDSS5KNDJwdqylW9sIZHfXbOe%2BscenIpo4f8gO%2BVl2XFxGXT9tmqEJSkJSaQxx1oKdGMeCzDPRjbLQieUwRs01V%2Filt2XciaHyTQT1AVV7WG2Q%3D%3D"}],"max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6470bcb71f3e4a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3394 cf-request-id 09ba54466d00004a8c7a101000000001
GET H3-29	200	hand_pp.png cashapp.omgthisproduct.com/img/	9 KB 10 KB	131ms 130ms	Image image/png	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/hand_pp.png Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9aa69834456ec999b5305c0756728d5c6250d1214164e4b2b7d385d6c9cc7eb1` Request headers :path /img/hand_pp.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:31 GMT cf-cache-status REVALIDATED last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QKLdXk%2F8CKwGk3gWfBKY58sCd%2FHEB%2FQ3bFXyzhijgVvRJFPCg3wnlIrSWlhR64zEXjlNXkTYadtUR9kCMHm4RQHu4lfDy2J5LYF3Mg6TsHpNM%2BSL8rEqEpHWeyU6zZ6lk28WBqP7tA%3D%3D"}],"max_age":604800} content-type image/png cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6470bcb71f404a8c-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9594 cf-request-id 09ba54466d00004a8c6305b000000001
GET H3-29	200	box_o_t.png cashapp.omgthisproduct.com/img/	2 KB 3 KB	13ms 12ms	Image image/png	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/box_o_t.png Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f9e2740fb819e3748066a670f88ad743cfc3068d5ce2a99fbd1fa731537f6127` Request headers :path /img/box_o_t.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:31 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 0 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2430 cf-request-id 09ba54470000004a8c5ab7b000000001 last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CTyr10w3rEiT4I1xDVfk1nDxYpHav1%2BRZmf8HmBIEeJQEW%2Fbqx%2BfdxJi8AH9k1kluZTHBnD5TjMQx%2F8uZVAr7prP3ip%2FCP%2FreVXD8GTzAhg3DaaU1q4e2n0tPGZqZyAUibdT2%2BC2EA%3D%3D"}],"max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6470bcb808fb4a8c-FRA
GET H3-29	200	box_o_b.png cashapp.omgthisproduct.com/img/	3 KB 4 KB	20ms 19ms	Image image/png	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/box_o_b.png Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ed16388bac328613e7ff4fa6933545b80a53cbcb528997e574a6f1b19f5aeeb2` Request headers :path /img/box_o_b.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:31 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 0 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3394 cf-request-id 09ba54470000004a8c8d33c000000001 last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oWndC%2FTNfd1OiE8SDyzVzBEP9s9cBClobrnrahRQzkgdX1sZdXHdJj1UvurGz9C1qsTVhlrtwf4Utf2W8%2BLNIyVSieUCuVOLR2KQTLUueVlZ4yuVQCX3KE1T67B7iL0bFb54UQs6dw%3D%3D"}],"max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6470bcb808ff4a8c-FRA
GET H3-29	200	hand_pp.png cashapp.omgthisproduct.com/img/	9 KB 10 KB	27ms 27ms	Image image/png	2606:4700:3037::ac43:b143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cashapp.omgthisproduct.com/img/hand_pp.png Requested by Host: cashapp.omgthisproduct.com URL: https://cashapp.omgthisproduct.com/?a=18&c=449&s1=SW-03-2-vz-14 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:b143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9aa69834456ec999b5305c0756728d5c6250d1214164e4b2b7d385d6c9cc7eb1` Request headers :path /img/hand_pp.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority cashapp.omgthisproduct.com cookie __cfduid=d177e04278e84e141d9b77566718bfd491619617590 :scheme https sec-fetch-site same-origin :method GET Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 28 Apr 2021 13:46:31 GMT cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 0 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9594 cf-request-id 09ba54470300004a8c9c8e1000000001 last-modified Mon, 13 Jul 2020 06:19:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lxwczXA2OLVPPdGu3CKuO0RGtWVu0%2BpiyZx4QmOZb1EqoJRhQJVCZhXWFFZ6SDmlkrn590DvGTSPaJ7xVDA%2FU8jGnAytaxVxFbPHaMaIrNLbPN0L1Aebqj1prmwnWaEMLX%2BNmJJOFw%3D%3D"}],"max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 6470bcb809014a8c-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.omgthisproduct.com/	1970-01-19 18:36:49	Name: __cfduid Value: d177e04278e84e141d9b77566718bfd491619617590

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cashapp.omgthisproduct.com
sh9d6.us
2606:4700:3035::6815:2fc6
2606:4700:3037::ac43:b143
1999301c84d39ee8b6ea31d6b71f8de51a7470ea855b1080effcc67a2afe6136
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
6b2c28e1e03c021256d67916384b83f706500edfa701080150d78bd9fab51bf2
763e4f08e9f2f001971bb16f17357c6746e8f29782e616cca5ffeef3e4ba917c
9aa69834456ec999b5305c0756728d5c6250d1214164e4b2b7d385d6c9cc7eb1
c4f1d8867d03d437694f1cac0c9df3a7f5006fb8df474023bfa1d78f88843ce8
cba7e9a65e59c62a6a4d4e9713e09d5415a4d9077a530cf51fc1747def97a248
ed16388bac328613e7ff4fa6933545b80a53cbcb528997e574a6f1b19f5aeeb2
f9e2740fb819e3748066a670f88ad743cfc3068d5ce2a99fbd1fa731537f6127
fdc34fd73310984f22db0235f635024c80a884c451322931892dd722567ceaaf

cashapp.omgthisproduct.com Open in urlscan Pro 2606:4700:3037::ac43:b143 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

101 kBTransfer

179 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

45 JavaScript Global Variables

1 Cookies

Indicators

cashapp.omgthisproduct.com Open in urlscan Pro
2606:4700:3037::ac43:b143 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

101 kB
Transfer

179 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!