100paypal.topsweeps.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://100paypal.topsweeps.com/
Submission: On March 02 via automatic, source certstream-suspicious (March 2nd 2023, 6:32:26 am UTC) — Scanned from NL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 100paypal.topsweeps.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 17th 2022. Valid for: a year.

This is the only time 100paypal.topsweeps.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	34.216.230.103 34.216.230.103	16509 (AMAZON-02) (AMAZON-02)
2	18.66.17.116 18.66.17.116	16509 (AMAZON-02) (AMAZON-02)
1	138.197.235.123 138.197.235.123	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	6

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

100paypal.topsweeps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

impressure-c630.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.216.230.103 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-230-103.us-west-2.compute.amazonaws.com

events.impressure.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.17.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-17-116.vie50.r.cloudfront.net

djk97zng6lbya.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.197.235.123 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

csshake.surge.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	kxcdn.com impressure-c630.kxcdn.com — Cisco Umbrella Rank: 63002	139 KB
2	cloudfront.net djk97zng6lbya.cloudfront.net	167 KB
2	impressure.io events.impressure.io — Cisco Umbrella Rank: 244843	2 KB
1	surge.sh csshake.surge.sh — Cisco Umbrella Rank: 664283	3 KB
1	topsweeps.com 100paypal.topsweeps.com	11 KB
13	5

	Domain	Requested by
7	impressure-c630.kxcdn.com	100paypal.topsweeps.com impressure-c630.kxcdn.com
2	djk97zng6lbya.cloudfront.net	100paypal.topsweeps.com
2	events.impressure.io	100paypal.topsweeps.com impressure-c630.kxcdn.com
1	csshake.surge.sh	impressure-c630.kxcdn.com
1	100paypal.topsweeps.com
13	5

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-07-17` - `2023-07-17`	a year	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
impressure.io Amazon RSA 2048 M02	`2023-02-10` - `2023-08-24`	6 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.surge.sh Sectigo RSA Domain Validation Secure Server CA	`2022-04-18` - `2023-05-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://100paypal.topsweeps.com/
Frame ID: DFCAE6ED46385315F894BE3E2BC06DBD
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prize Picker (Template) (TopSweeps 100 Paypal)

Page Statistics

13
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

322 kB
Transfer

773 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
100paypal.topsweeps.com/ 60 KB
11 KB 444ms
378ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://100paypal.topsweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d83a0c7188c82cbc3b7adf1d3bd0e040ebe74f7fc24dfab41d270ebc68e81a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7a179a13cf920e2f-AMS
content-encoding: br
content-type: text/html
date: Thu, 02 Mar 2023 06:32:20 GMT
last-modified: Mon, 29 Mar 2021 19:19:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JBPaqbJ4jmUYLfrl1cjMmqpmkyS9iMXYF6NxNXpJHoKe%2BYDkf%2BmIroHKW3XOcnDgRhpeLNi3UsRqEkZ75qM08YrPiPcJgs3enmYq2nOBg%2FAOXXvcTF9AGSuJxGX3yqkCySgGbpw%2F7%2Fhg4EqjCj7ajLn1i8sgQA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-amz-version-id: FbACCYZOsxXfGKIcMC6ZEv1dX421EUT6
x-cache: MISS
x-cache-status: HIT
x-edge-location: nlam

GET
H2 200 presenter.4717d24.css
impressure-c630.kxcdn.com/ 19 KB
5 KB 498ms
390ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.4717d24.css
Requested by: Host: 100paypal.topsweeps.com
URL: https://100paypal.topsweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:20 GMT
content-encoding: br
x-amz-request-id: REWDPXGC7DN7A5FW
x-edge-location: defr
x-cache: MISS
content-length: 4928
x-amz-id-2: IYBXOkdobl0cm4Ew9rQVAvsHavx8v20dJ0QGROuUzUQmuLMFheiSpQUIqlRsGrkwLwiHUzSYce0=
last-modified: Wed, 09 Oct 2019 17:37:18 GMT
server: keycdn-engine
etag: "e39087b2545506688b40e35efb46751b"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 06:32:20 GMT

GET
H2 200 presenter.473070e.js Show response
impressure-c630.kxcdn.com/ 394 KB
105 KB 775ms
668ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.473070e.js
Requested by: Host: 100paypal.topsweeps.com
URL: https://100paypal.topsweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da

Request headers

Referer: https://100paypal.topsweeps.com/
Origin: https://100paypal.topsweeps.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:20 GMT
content-encoding: br
x-amz-request-id: REWEHC89EWAJAWB8
x-edge-location: defr
x-cache: MISS
content-length: 106778
x-amz-id-2: w9JG0q0xEGib8EQzGrrMMENG9LZpjzoRnoLrlDXkGiyftiYoxIv3duI7JM+vSpCv+VzduJzrSsE=
last-modified: Mon, 28 Sep 2020 04:36:37 GMT
server: keycdn-engine
etag: "399bc418707e540a42b4a31c42fa707b"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 06:32:20 GMT

GET
H/1.1 200
OK info Show response
events.impressure.io/ 902 B
1 KB 774ms
178ms XHR
application/json 34.216.230.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/info?v=2&nonce=11308538951516382&userId=

Requested by

Host: 100paypal.topsweeps.com
URL: https://100paypal.topsweeps.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.230.103 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-230-103.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

07a0f01e2077677c8fd2a0e3a487565f4e3b560cd33a317e6046a84a841f879e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 06:32:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"386-WMypzGd/08m/XnB0cSPgbW/pdPg"
X-Powered-By: Express
Vary: Accept-Encoding, Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://100paypal.topsweeps.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 631

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 chunk.4.14607f3.css
impressure-c630.kxcdn.com/ 2 KB
1 KB 368ms
367ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.14607f3.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.473070e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:21 GMT
content-encoding: br
x-amz-request-id: C0MHWRST29EWXJN9
x-edge-location: defr
x-cache: MISS
content-length: 794
x-amz-id-2: xi/ll1U38ofqQkjMs2BH9UE42/vovRIkiGjuj1w/4OxYz/FHUWuaSTO1QC4nFpSo+oex+zFU0wU=
last-modified: Wed, 09 Oct 2019 17:37:10 GMT
server: keycdn-engine
etag: "92cf1ed8bfc5123b1b1c5ae4a995d8d6"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 06:32:21 GMT

GET
H2 200 chunk.4.7eecc8f.js Show response
impressure-c630.kxcdn.com/ 56 KB
18 KB 569ms
568ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.7eecc8f.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.473070e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e482a06fd3cc015f2a9fbb2a1af521d39d1bdda7bc560557d86a82f98c05f8ca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:21 GMT
content-encoding: gzip
x-amz-request-id: C0MV9H6XY8VCHWQ9
x-edge-location: defr
x-cache: MISS
content-length: 17771
x-amz-id-2: IBEuqa6+H9DPhi+LeKINRZ38RJLDeGwfgaZXGurPZNNS722k8FT8Bcu+mECc0v2yAlAY+Sb/JAg=
last-modified: Wed, 06 Apr 2022 22:23:44 GMT
server: keycdn-engine
etag: W/"68f02e7cf4450835bcc3bef3fad4cc32"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 06:32:21 GMT

GET
H2 200 chunk.7.6caa6e6.css
impressure-c630.kxcdn.com/ 1 KB
963 B 399ms
399ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.6caa6e6.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.473070e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:21 GMT
content-encoding: br
x-amz-request-id: C0MV8YSZ1EXFMZYD
x-edge-location: defr
x-cache: MISS
content-length: 538
x-amz-id-2: stJRzoY/MUDMoBtYT0nbM/ydUJcl8YqCXGvXcvhEgql3CloCn8CyY2Ph8W28CXCQSxqk3xvxmAM=
last-modified: Wed, 09 Oct 2019 17:37:11 GMT
server: keycdn-engine
etag: "e73681ade786069d4cb8563abe3a911e"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 06:32:21 GMT

GET
H2 200 chunk.7.6b4aa76.js Show response
impressure-c630.kxcdn.com/ 11 KB
4 KB 375ms
375ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.7.6b4aa76.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.473070e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: bb567a6877cd9fbf0c08d55c7d64b5ebbf21a8de27fc9292e445708cf81f8cbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:21 GMT
content-encoding: br
x-amz-request-id: C0MP9WSHEZTXQHRY
x-edge-location: defr
x-cache: MISS
content-length: 3359
x-amz-id-2: twKzGa5VjEIKn5FJvhQZI4o8LqejY7LbJ7QYIoVpHcwW5ieMYgoK8hcR3yp4f3VIlu6hIeltvKc=
last-modified: Sat, 19 Sep 2020 17:57:48 GMT
server: keycdn-engine
etag: "4a8e2010be8daac0eb417e28d5590e05"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 06:32:21 GMT

POST
H/1.1 200
OK events Show response
events.impressure.io/ 72 B
498 B 209ms
209ms Fetch
application/json 34.216.230.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/events

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.473070e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.216.230.103 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-216-230-103.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

71522fb8347e7e50df6cc6a0e5871b103affd56eab5015fa9220f4c779ba31c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://100paypal.topsweeps.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 02 Mar 2023 06:32:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"48-DDAd+Y0s/eIxReUSr5orSs3DOQA"
X-Powered-By: Express
Vary: Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://100paypal.topsweeps.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 72

GET
H2 200 b5335587-bbdc-4337-81ea-99c680f24fa3.png
djk97zng6lbya.cloudfront.net/2021/03/10/18/44/39/ 50 KB
50 KB 829ms
676ms Image
image/png 18.66.17.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2021/03/10/18/44/39/b5335587-bbdc-4337-81ea-99c680f24fa3.png
Requested by: Host: 100paypal.topsweeps.com
URL: https://100paypal.topsweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-116.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f49bdc3594cd53bfcb75d3dcba618a7a1c796c8893e283fbbd71a358eb6a41d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:23 GMT
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 18:44:40 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
etag: "1a2a5312e0b600a117ad0f634ca756df"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 50834
x-amz-cf-id: YntYVkJbXJi4W_4ehblmW4U5wNgvYABpyR1QTuQ683WSQhRnz5K1iQ==

GET
H2 200 chunk.13.5f3a945.js Show response
impressure-c630.kxcdn.com/ 17 KB
5 KB 421ms
408ms Script
application/javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.13.5f3a945.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.473070e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:22 GMT
content-encoding: br
x-amz-request-id: ZVEP3F4QGKKV67E4
x-edge-location: defr
x-cache: MISS
content-length: 5062
x-amz-id-2: YcuOj2M3Osv4xXRv1FC36uWDsG8WBJzsd7bVKD8giV8Ft6AP5uDsYaXT/fGDu5qEbruWrXRdq1s=
last-modified: Wed, 09 Oct 2019 17:37:16 GMT
server: keycdn-engine
etag: "99d0c075b044b783e3f3e92fdf9ab9cc"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 06:32:22 GMT

GET
H/1.1 200
OK csshake.min.css
csshake.surge.sh/ 22 KB
3 KB 995ms
171ms Stylesheet
text/css 138.197.235.123
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://csshake.surge.sh/csshake.min.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/chunk.13.5f3a945.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.197.235.123 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Surge /
Resource Hash: 2cf8e605dc253cf952dfad72b9c12d3ab182be582b18552d568e90fa31922927

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 06:32:23 GMT
Content-Encoding: gzip
Surge-Stamp: 2837::1549615243744-cb42373502821ab0b283616b27ca1e1d
Server: Surge
Age: 60642195
ETag: "2cf8e605dc253cf952dfad72b9c12d3ab182be582b18552d568e90fa31922927"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/css; charset=UTF-8
Response-Time: 1ms
Cache-Control: public, max-age=0, must-revalidate
Connection: close
Accept-Ranges: bytes
Surge-Cache: HIT

GET
H2 200 d5760a1a-cf61-4c39-858e-c76e958b478e.gif
djk97zng6lbya.cloudfront.net/2020/08/25/15/22/14/ 117 KB
117 KB 734ms
733ms Image
image/gif 18.66.17.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2020/08/25/15/22/14/d5760a1a-cf61-4c39-858e-c76e958b478e.gif
Requested by: Host: 100paypal.topsweeps.com
URL: https://100paypal.topsweeps.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.17.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-17-116.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4bf827295f3d042210504a5046ec75895138c32fa32b46ed06a8e3dbb054c976

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://100paypal.topsweeps.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:32:23 GMT
via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
last-modified: Tue, 25 Aug 2020 15:22:15 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
etag: "14bf0cb176daedefcd5c815874d03091"
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 119580
x-amz-cf-id: qyp0Cpicfs-HAy6-4W51zdocqLkRGL1via-qO6kbIIjCaRzaQOcTXw==

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.topsweeps.com/	1970-01-20 19:38:18	Name: _user_time Value: 1677738741286\|1677738741286
.topsweeps.com/	1970-01-20 19:38:18	Name: _user_id Value: 9fbb46dd-d752-49d9-bf06-030016557be6-l1Oi1PYyDnUV9u5AsHeOv5GlNrGAVpyGyA2r90U5X0
100paypal.topsweeps.com/	1970-01-20 19:38:18	Name: _user_random Value: 0.7589207021812538

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100paypal.topsweeps.com
csshake.surge.sh
djk97zng6lbya.cloudfront.net
events.impressure.io
impressure-c630.kxcdn.com
138.197.235.123
18.66.17.116
2a06:98c1:3120::3
2a0b:4d07:102::1
34.216.230.103
07a0f01e2077677c8fd2a0e3a487565f4e3b560cd33a317e6046a84a841f879e
2cf8e605dc253cf952dfad72b9c12d3ab182be582b18552d568e90fa31922927
340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba
4bf827295f3d042210504a5046ec75895138c32fa32b46ed06a8e3dbb054c976
4f49bdc3594cd53bfcb75d3dcba618a7a1c796c8893e283fbbd71a358eb6a41d
61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da
71522fb8347e7e50df6cc6a0e5871b103affd56eab5015fa9220f4c779ba31c6
866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc
af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b
b3d83a0c7188c82cbc3b7adf1d3bd0e040ebe74f7fc24dfab41d270ebc68e81a
baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744
bb567a6877cd9fbf0c08d55c7d64b5ebbf21a8de27fc9292e445708cf81f8cbe
e482a06fd3cc015f2a9fbb2a1af521d39d1bdda7bc560557d86a82f98c05f8ca
ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42

100paypal.topsweeps.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

322 kBTransfer

773 kBSize

3 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

3 Cookies

Indicators

100paypal.topsweeps.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

322 kB
Transfer

773 kB
Size

3
Cookies

13 HTTP transactions
1 data transactions