ypoccgold.groupfire.com Open in urlscan Pro
65.9.95.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url9669.groupfire.com/ls/click?upn=U-2BWhr6B2h8eb7FLUtDlMsOG4gS1izTo-2FSyXqY3pnoqCuBlS-2FP9sXgc7OlajbxeXnXjT61jbH7eOc-...
Effective URL:
https://ypoccgold.groupfire.com/
Submission: On January 03 via manual (January 3rd 2024, 7:49:50 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 65.9.95.31, located in United States and belongs to AMAZON-02, US. The main domain is ypoccgold.groupfire.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 29th 2023. Valid for: a year.

This is the only time ypoccgold.groupfire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.120 167.89.115.120	11377 (SENDGRID) (SENDGRID)
6	65.9.95.31 65.9.95.31	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3038::6815:eaea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:212... 2600:9000:2127:4c00:15:a6a9:1600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.219.113.153 52.219.113.153	16509 (AMAZON-02) (AMAZON-02)
15	6

1 167.89.115.120 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net

url9669.groupfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.95.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-31.prg50.r.cloudfront.net

ypoccgold.groupfire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eaea (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:4c00:15:a6a9:1600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ypoccgold.back4app.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.113.153 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-w.amazonaws.com

production-mobilize.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	groupfire.com 1 redirects url9669.groupfire.com ypoccgold.groupfire.com	1 MB
3	back4app.io ypoccgold.back4app.io	9 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	3 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	10 KB
1	amazonaws.com production-mobilize.s3.amazonaws.com	139 KB
1	rsms.me rsms.me — Cisco Umbrella Rank: 21908
15	6

	Domain	Requested by
6	ypoccgold.groupfire.com	ypoccgold.groupfire.com
3	ypoccgold.back4app.io	ypoccgold.groupfire.com
2	fonts.googleapis.com	ypoccgold.groupfire.com
2	cdnjs.cloudflare.com	ypoccgold.groupfire.com
1	production-mobilize.s3.amazonaws.com	ypoccgold.groupfire.com
1	rsms.me	ypoccgold.groupfire.com
1	url9669.groupfire.com	1 redirects
15	7

This site contains no links.

Subject Issuer	Validity	Valid
*.groupfire.com Amazon RSA 2048 M02	`2023-11-29` - `2024-12-27`	a year	crt.sh
rsms.me E1	`2023-12-29` - `2024-03-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.back4app.io Amazon RSA 2048 M03	`2023-08-09` - `2024-09-05`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://ypoccgold.groupfire.com/
Frame ID: 784C9025CD5E411473EA6F47825ABDD3
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | YPOCCGold

Page URL History Show full URLs

http://url9669.groupfire.com/ls/click?upn=U-2BWhr6B2h8eb7FLUtDlMsOG4gS1izTo-2FSyXqY3pnoqCuBlS-2FP9sXgc7Ol... HTTP 302
https://ypoccgold.groupfire.com/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Page Statistics

15
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

1450 kB
Transfer

5262 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url9669.groupfire.com/ls/click?upn=U-2BWhr6B2h8eb7FLUtDlMsOG4gS1izTo-2FSyXqY3pnoqCuBlS-2FP9sXgc7OlajbxeXnXjT61jbH7eOc-2FA-2FXX-2FM9g30PZ1MhyKIVY0q8T4UO2zRm4h2H53fgF9wqMnUO5ecVzTj0_RFKF4R8qbXCXymrd0CABoqtAPCoQ5BmrKVZpTDvIw7U81NjrzEpUyN2oC1HtE5NTs2JBwq9HFLjAPiMCDOPPKt-2FL-2Fq55EPgQmLkEBVeRWyb-2Bqz-2Fut75hnTBExiEDUfLbpLbnmhI24HvNXxRHoKE9qm2cy3LDMIm-2BHww2GirHq2Cyq3O8sx3fY4ArAMBZztEAK4Xb-2F-2FBNPyTkXbQ7DqLErzs4cKugqXK36NTIbbA-2BUzFTzf8FZpdTlsNCFWsNnhpFusm15jNytZH0YOX8ch-2FZoXN4rSknTkAcxGLB15xYpj6BFHgASzbs9UxdKRTIhjPiCA9fmAL1vGTkSau8wfHfZHG-2FdoTGd2C5SB4rthTvDkbWIAgucAj1WCFu-2BcEqTiElZLiIsVcQLUjZlRsDUV4fGA-3D-3D HTTP 302
https://ypoccgold.groupfire.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ypoccgold.groupfire.com/
Redirect Chain

http://url9669.groupfire.com/ls/click?upn=U-2BWhr6B2h8eb7FLUtDlMsOG4gS1izTo-2FSyXqY3pnoqCuBlS-2FP9sXgc7OlajbxeXnXjT61jbH7eOc-2FA-2FXX-2FM9g30PZ1MhyKIVY0q8T4UO2zRm4h2H53fgF9wqMnUO5ecVzTj0_RFKF4R8qbX...
https://ypoccgold.groupfire.com/

3 KB
2 KB

946ms
792ms

Document
text/html

65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ypoccgold.groupfire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 284cb5be6f55a0de0ffe49c349edcdd4603d2a31409141d987822aafff004f6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 03 Jan 2024 19:49:43 GMT
etag: W/"a66643782dba685dca1a05ad9a5fc1cb"
last-modified: Wed, 09 Feb 2022 05:55:41 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-id: HmejRG1xR0pjYIOlKnNt8UbiREvouqxXTRv2uoprkXRCZHYXfZQREA==
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 103
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jan 2024 19:49:41 GMT
Location: https://ypoccgold.groupfire.com/#/payment-alert-detail/zYQiXkYyBO?uid=Chdg1Gqgt9
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 404 inter-ui.css
rsms.me/inter/ 0
0 66ms
23ms Stylesheet
text/html 2606:4700:3038::6815:eaea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter-ui.css
Requested by: Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eaea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 simple-line-icons.css
cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/ 13 KB
3 KB 34ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simple-line-icons/2.4.1/css/simple-line-icons.css

Requested by

Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1735262
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2217
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-329e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rq4%2BBzjphrzi%2BrxPB7NnYcvxcXZ7RaTMECpHKEJteVpM2cvkSGJzyZgsCBEjwL9rgd1FBQU3OsryqjXUIvSDBtyc8QVw1oActLebq6UCDaMcMzAqUNl0ME7AhTKgvck7XpEfCZ1zEWP1PxmzhofcqTy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fdc43fdaf918af-FRA
expires: Mon, 23 Dec 2024 19:49:43 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 44ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 19:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 19:49:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 19:49:43 GMT

GET
H2 200 2.06475605.chunk.css
ypoccgold.groupfire.com/static/css/ 116 KB
38 KB 721ms
720ms Stylesheet
text/css 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ypoccgold.groupfire.com/static/css/2.06475605.chunk.css
Requested by: Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d9c34bce500d28e629059b412fc7cdad65679f9f0ebc8f0bc3c439821f07640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:49:44 GMT
content-encoding: gzip
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 05:55:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: W/"442eeb44472f7573d0a473cecd6bf5f8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: duusG_8Yn-hTM92Xoym2bXtk2UBOcKP-tBrLQ8hbZwbrZH9ZOQ3JgA==

GET
H2 200 main.c1fd46ef.chunk.css
ypoccgold.groupfire.com/static/css/ 243 KB
38 KB 741ms
740ms Stylesheet
text/css 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ypoccgold.groupfire.com/static/css/main.c1fd46ef.chunk.css
Requested by: Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69ca7261afb2d7e67e26d4481dc350df5b57d168f511edd8c32c5c91761da55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:49:44 GMT
content-encoding: gzip
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 05:55:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: W/"f85ecd05a96ba02f5f78f2ecb2ac8df9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: Hr3925wfy5dBA9ozy-ILxmyc_AWRctUdG5kqnGteqKibatOmBx75og==

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/ 19 KB
7 KB 31ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js

Requested by

Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ypoccgold.groupfire.com/
Origin: https://ypoccgold.groupfire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:49:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3088342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6174
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4b24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gdxa5h13yCVtfmH%2BLAcPS7%2BmekMiZm96nC1ILQdT9570I%2FxCjNgtPhAf2FsoFqDpVgCJbLZPSfotbIHUZ9cNdsQcnhz2ihF17OeeXhBqPI3Fqm%2B%2BOQHBtIGCVg1XQNc%2FqxPGliRkGf7FPZ5DL74NGgx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83fdc43fd9552bd6-FRA
expires: Mon, 23 Dec 2024 19:49:43 GMT

GET
H2 200 2.55857935.chunk.js Show response
ypoccgold.groupfire.com/static/js/ 3 MB
891 KB 749ms
749ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ypoccgold.groupfire.com/static/js/2.55857935.chunk.js
Requested by: Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 379b456e37bbee6344f293d90e4956b4d6f83110b4211601d9b1318ec2293e4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:49:44 GMT
content-encoding: gzip
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 05:55:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: W/"3540e290a712bb15abe2f5f7864583f3"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: n81wgz4IZjboQFtSp6-sMxw1I30XB2Ac48yc5E6UwID2ucPTGvwPHQ==

GET
H2 200 main.20d80f96.chunk.js Show response
ypoccgold.groupfire.com/static/js/ 1019 KB
255 KB 745ms
745ms Script
application/javascript 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ypoccgold.groupfire.com/static/js/main.20d80f96.chunk.js
Requested by: Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e2ee4d5affc683e0ee60986670ece4509d30d12b5b5b951829d8ed39d4cb7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:49:44 GMT
content-encoding: gzip
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 05:55:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: W/"9cf7376faef68f9ee57a98eb452f0f35"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: 6aMxek0h_wgqXsGGBlSjAZOvDNv5Qnm0IYU_rGnMsajdfIWPCtHo5w==

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700&display=swap

Requested by

Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/static/css/main.c1fd46ef.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74d6cb4a2d2fcffe0efc528c81be5916b17b126eb18af8d4711d11f29cdaf92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 19:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 18:54:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 19:49:44 GMT

GET
H2 200 Roboto.df7b648c.ttf
ypoccgold.groupfire.com/static/media/ 123 KB
65 KB 742ms
742ms Font
font/ttf 65.9.95.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ypoccgold.groupfire.com/static/media/Roboto.df7b648c.ttf
Requested by: Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/static/css/main.c1fd46ef.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-31.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bde8a188e37aa936b167aecc5e5a3da40262f6e51fd54c584f2cf2b6b99d96ca

Request headers

Referer: https://ypoccgold.groupfire.com/static/css/main.c1fd46ef.chunk.css
Origin: https://ypoccgold.groupfire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 19:49:46 GMT
content-encoding: gzip
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 05:55:47 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
etag: W/"df7b648ce5356ea1ebce435b3459fd60"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: font/ttf
x-amz-cf-id: 4J-V7_QAwqVe4_dwlxmFFG-pq0i5zLKOf7V1UPBApRT7dAPo3z0w1w==

POST
H2 200 getAppSettings Show response
ypoccgold.back4app.io/functions/ 13 KB
5 KB 447ms
350ms XHR
application/json 2600:9000:2127:4c00:15:a6a9:1600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ypoccgold.back4app.io/functions/getAppSettings

Requested by

Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/static/js/2.55857935.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4c00:15:a6a9:1600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Express

Resource Hash

de31e2bf9885a7e80c20791216cc88096feb82a6850175c9a2028424456dbb0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ypoccgold.groupfire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 19:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
server: nginx
etag: W/"3501-cBr546ZegVJHOvLZHdSFZ5TwM7g"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, X-Application-ID, X-Access-Token, X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-CSRF-Token
x-amz-cf-id: MEVOBRVA8HC-7n-IUblu4prn7BoG9gSSOEU_qFoW2dmxTSewe-eV7g==

POST
H2 200 getAppConfigs Show response
ypoccgold.back4app.io/functions/ 3 KB
2 KB 407ms
310ms XHR
application/json 2600:9000:2127:4c00:15:a6a9:1600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ypoccgold.back4app.io/functions/getAppConfigs

Requested by

Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/static/js/2.55857935.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4c00:15:a6a9:1600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Express

Resource Hash

3d90144e26cbc95e8741e5e368904e66112f764d7fd8cd7bd076a408a3018e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ypoccgold.groupfire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 19:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
server: nginx
etag: W/"c61-/azhUpIDZNJsZB4iEmCnqdnTYMo"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, X-Application-ID, X-Access-Token, X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-CSRF-Token
x-amz-cf-id: wxddDlPLEdysctZj_Cczcp57XNHGR243eKKoRNbpMGQdhJpjFTIw0Q==

POST
H2 200 getFeatureSettings Show response
ypoccgold.back4app.io/functions/ 4 KB
2 KB 462ms
365ms XHR
application/json 2600:9000:2127:4c00:15:a6a9:1600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ypoccgold.back4app.io/functions/getFeatureSettings

Requested by

Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/static/js/2.55857935.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4c00:15:a6a9:1600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx / Express

Resource Hash

f9853acc456e2883c86796f95fdcc5faa9b24fcace4c9ae2453957875276e870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ypoccgold.groupfire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 19:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
server: nginx
etag: W/"1075-iI+Cx+lHGmDBBxvjd4HcsrpocnY"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Parse-Job-Status-Id, X-Parse-Push-Status-Id
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, X-Application-ID, X-Access-Token, X-Parse-Master-Key, X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, X-CSRF-Token
x-amz-cf-id: tYpkvAB0xgahXhbW7gwC6U8Ofx_BiZbSPfTEuDYuMFcGoabzZYZBFg==

GET
H/1.1 200
OK mini_magick20180910-16-179jjio.jpeg
production-mobilize.s3.amazonaws.com/uploads/ypoccgold/app_setting/ 139 KB
139 KB 719ms
274ms Image
image/jpeg 52.219.113.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://production-mobilize.s3.amazonaws.com/uploads/ypoccgold/app_setting/mini_magick20180910-16-179jjio.jpeg
Requested by: Host: ypoccgold.groupfire.com
URL: https://ypoccgold.groupfire.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.113.153 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f14893ad3072c2ebb8cf78b8203971cd4d0fb849ab20cd68a3aae7dfea9bebee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ypoccgold.groupfire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 19:49:47 GMT
Last-Modified: Mon, 10 Sep 2018 21:33:45 GMT
Server: AmazonS3
x-amz-request-id: 2FNSK0MY2EPB8627
ETag: "0f7a867bc4dd5e42bc2602129cb3144f"
Content-Type: image/jpeg
Cache-Control: max-age=315576000
Accept-Ranges: bytes
Content-Length: 142216
x-amz-id-2: qE9E5Wz33iF14Z9CYIlQ6lgHMbEpRn+MIfC93Qqt2pOvZmn4zA+9lkMFHOUeJ4K++MoFmkm3dA0=

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rsms.me/inter/inter-ui.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
production-mobilize.s3.amazonaws.com
rsms.me
url9669.groupfire.com
ypoccgold.back4app.io
ypoccgold.groupfire.com
167.89.115.120
2600:9000:2127:4c00:15:a6a9:1600:93a1
2606:4700:3038::6815:eaea
2606:4700::6811:180e
2a00:1450:4001:831::200a
52.219.113.153
65.9.95.31
284cb5be6f55a0de0ffe49c349edcdd4603d2a31409141d987822aafff004f6c
379b456e37bbee6344f293d90e4956b4d6f83110b4211601d9b1318ec2293e4c
3d90144e26cbc95e8741e5e368904e66112f764d7fd8cd7bd076a408a3018e1c
4d9c34bce500d28e629059b412fc7cdad65679f9f0ebc8f0bc3c439821f07640
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
69ca7261afb2d7e67e26d4481dc350df5b57d168f511edd8c32c5c91761da55b
74d6cb4a2d2fcffe0efc528c81be5916b17b126eb18af8d4711d11f29cdaf92f
8e95b881702116fa860c3e41ef7ebaac83c3ecf0db026aaae023b46671db74ce
ab9f855e542893de23c7b7e4897eb91066c9dbbfeaa1b1fa73a826867833b4b1
bde8a188e37aa936b167aecc5e5a3da40262f6e51fd54c584f2cf2b6b99d96ca
de31e2bf9885a7e80c20791216cc88096feb82a6850175c9a2028424456dbb0e
f0e2ee4d5affc683e0ee60986670ece4509d30d12b5b5b951829d8ed39d4cb7c
f14893ad3072c2ebb8cf78b8203971cd4d0fb849ab20cd68a3aae7dfea9bebee
f9853acc456e2883c86796f95fdcc5faa9b24fcace4c9ae2453957875276e870

ypoccgold.groupfire.com Open in urlscan Pro 65.9.95.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

57 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

1450 kBTransfer

5262 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ypoccgold.groupfire.com Open in urlscan Pro
65.9.95.31 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

1450 kB
Transfer

5262 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions