checkpointxxx.com
Open in
urlscan Pro
45.119.212.153
Malicious Activity!
Public Scan
Submission: On July 18 via manual from IL — Scanned from DE
Summary
This is the only time checkpointxxx.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 45.119.212.153 45.119.212.153 | 131423 (LVHN-AS-V...) (LVHN-AS-VN Branch of Long Van System Solution JSC - Hanoi) | |
2 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 151.101.112.193 151.101.112.193 | 54113 (FASTLY) (FASTLY) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:1b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
2 | 2a00:1450:400... 2a00:1450:4001:827::2008 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2001:4860:480... 2001:4860:4802:36::178 | 15169 (GOOGLE) (GOOGLE) | |
13 | 7 |
ASN131423 (LVHN-AS-VN Branch of Long Van System Solution JSC - Hanoi, VN)
checkpointxxx.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
imgur.com
i.imgur.com — Cisco Umbrella Rank: 5687 |
53 KB |
3 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2603 www.google-analytics.com — Cisco Umbrella Rank: 69 |
20 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101 |
110 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 258 |
11 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 695 |
82 KB |
1 |
checkpointxxx.com
checkpointxxx.com |
4 KB |
13 | 6 |
Domain | Requested by | |
---|---|---|
4 | i.imgur.com |
checkpointxxx.com
|
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | www.googletagmanager.com |
checkpointxxx.com
www.googletagmanager.com |
2 | cdnjs.cloudflare.com |
checkpointxxx.com
|
1 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | code.jquery.com |
checkpointxxx.com
|
1 | checkpointxxx.com | |
13 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-08 - 2023-03-16 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-14 - 2022-08-14 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-06-27 - 2022-09-19 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://checkpointxxx.com/
Frame ID: 59FA5BDCE97B3CD85F5241DB58B161BB
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Page VerificationDetected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
checkpointxxx.com/ |
15 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ |
69 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/ |
57 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4uqVWeJ.png
i.imgur.com/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c0xZpCT.png
i.imgur.com/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tbwYrfT.png
i.imgur.com/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KPCCWDQ.png
i.imgur.com/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
code.jquery.com/ |
276 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
196 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
103 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 348 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
1 B 21 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)22 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation function| $ function| jQuery function| gtag object| dataLayer function| open_facebook function| tutup_facebook function| showFbPassword function| hideFbPassword object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.checkpointxxx.com/ | Name: _ga_W50CEEM8DQ Value: GS1.1.1658144036.1.0.1658144036.0 |
|
.checkpointxxx.com/ | Name: _ga Value: GA1.2.1820919703.1658144036 |
|
.checkpointxxx.com/ | Name: _gid Value: GA1.2.752830369.1658144037 |
|
.checkpointxxx.com/ | Name: _gat_gtag_UA_221453014_1 Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
checkpointxxx.com
code.jquery.com
i.imgur.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
151.101.112.193
2001:4860:4802:34::36
2001:4860:4802:36::178
2001:4de0:ac18::1:a:1b
2606:4700::6811:190e
2a00:1450:4001:827::2008
45.119.212.153
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
3e13a8267b27aecc825ea7b99d576a0c3c5eb1f297113f0df08e21527e948e37
434d7d2c5fdc9892618a69577d586d8d73a23ecc8c32da37f0280c2a622aedcd
6267852924d2a63c3e29bfa4e2246c95167cd419005060dd01030ca19c126e97
6ae1bcf6667677b5515b5e356c289f699e9751a76e6b44d36449fd1d4c79347d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b3158c245f40207d575836ec3ca91b82a905705d162081c3372ba19640cc8cc2
bd78dea76608cd4bdb4e1cd981f8d8dd1e950b0be597887401103c7121b358c2
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855