urlscan.io logo urlscan.io
SecurityTrails logo

arrivevxms.com Open in urlscan Pro
109.206.243.142  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/41tNGfB
Effective URL: https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/?ditertiary=avru
Submission: On February 22 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 2 HTTP transactions. The main IP is 109.206.243.142, located in Ashburn, United States and belongs to AS_DELIS, US. The main domain is arrivevxms.com.
TLS certificate: Issued by R3 on February 20th 2023. Valid for: 3 months.
This is the only time arrivevxms.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Weightloss Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-CL...)
1 1 34.247.185.136 16509 (AMAZON-02)
1 1 18.233.135.81 14618 (AMAZON-AES)
1 109.206.243.142 211252 (AS_DELIS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly
bit.ly
1    34.247.185.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-185-136.eu-west-1.compute.amazonaws.com
eu.wbgaf.com
1    18.233.135.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-135-81.compute-1.amazonaws.com
thesun-vouchercodes.digidip.net
1    109.206.243.142 (Ashburn, United States)

ASN211252 (AS_DELIS, US)
arrivevxms.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
28 KB
1 arrivevxms.com
arrivevxms.com
309 KB
1 digidip.net
thesun-vouchercodes.digidip.net
184 B
1 wbgaf.com
eu.wbgaf.com — Cisco Umbrella Rank: 665239
679 B
1 bit.ly
bit.ly — Cisco Umbrella Rank: 5284
310 B
2 5
Domain Requested by
1 cdnjs.cloudflare.com arrivevxms.com
1 arrivevxms.com
1 thesun-vouchercodes.digidip.net 1 redirects
1 eu.wbgaf.com 1 redirects
1 bit.ly 1 redirects
2 5

This site contains links to these domains. Also see Links.

Domain
adsssite.com
Subject Issuer Validity Valid
arrivevxms.com
R3		 2023-02-20 -
2023-05-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/?ditertiary=avru
Frame ID: AC1E2AE9A7A14CA4819B71823ADE34B2
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Entertainment Today

Page URL History Show full URLs

  1. https://bit.ly/41tNGfB HTTP 301
    https://eu.wbgaf.com/redirect/150256?url=https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/%3Fditert... HTTP 302
    https://thesun-vouchercodes.digidip.net/visit?ref=le0sunbfae3b828584408d9aa66bb590c96efa&url=https%3A%2F%2Farrivevxm... HTTP 302
    https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/?ditertiary=avru Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

2
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

337 kB
Transfer

787 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/41tNGfB HTTP 301
    https://eu.wbgaf.com/redirect/150256?url=https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/%3Fditertiary%3Davru&septaria=rktpd&microzoa=kcpy HTTP 302
    https://thesun-vouchercodes.digidip.net/visit?ref=le0sunbfae3b828584408d9aa66bb590c96efa&url=https%3A%2F%2Farrivevxms.com%2Fs%2F11x301mxwxnzg%2Fn%2Fvb%2Fms%2F%3Fditertiary%3Davru HTTP 302
    https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/?ditertiary=avru Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/
Redirect Chain
  • https://bit.ly/41tNGfB
  • https://eu.wbgaf.com/redirect/150256?url=https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/%3Fditertiary%3Davru&septaria=rktpd&microzoa=kcpy
  • https://thesun-vouchercodes.digidip.net/visit?ref=le0sunbfae3b828584408d9aa66bb590c96efa&url=https%3A%2F%2Farrivevxms.com%2Fs%2F11x301mxwxnzg%2Fn%2Fvb%2Fms%2F%3Fditertiary%3Davru
  • https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/?ditertiary=avru
466 KB
309 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/?ditertiary=avru
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.206.243.142 Ashburn, United States, ASN211252 (AS_DELIS, US),
Reverse DNS
Software
nginx /
Resource Hash
3dea1c1bcbcf1c69255206f6586ebfa1563f0b9535884956347ac023d037b005

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 22 Feb 2023 19:10:25 GMT
Keep-Alive
timeout=60
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Wed, 22 Feb 2023 19:10:24 GMT
location
https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/?ditertiary=avru
server
nginx/1.20.2
x-digidip-program
0
x-digidip-subid
10017p3sc300
x-powered-by
PHP/7.3.33
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: arrivevxms.com
URL: https://arrivevxms.com/s/11x301mxwxnzg/n/vb/ms/?ditertiary=avru
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://arrivevxms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 19:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8548497
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27748
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfNBZWznA9XQB5Eoj9XsKkoiW4jYztcqTOUKfQnMUDeKridI2%2B4syMBZf9%2FP51CxXQkEzOL7bZ1R7Re%2BrCxUdFgIm2ZKe41Mr13rWa%2BrKO9ERNzQmalrTyNPLVrM4L1s1cWTqgcZ6A%2BSEApvJAtDF6Hi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79da05910d9fd14f-BUF
expires
Mon, 12 Feb 2024 19:10:25 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c939f3ecb7ad3fcc8406fcd3ea391dbff7518dced02c5539f5b9a9f040798cb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e927f7e78e49247af967a276e3fba9200632d6d59aa95a72868834ccf0e66f1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		42 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8f986e9aeb07472738a151d07608515fcd334917be624af0b09c2323008921c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		45 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a06002a717de4785c991dc3ca5de39669e59ea69ef45ad915caeb92e2c1dd11a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeefe230b8a1019b05a30d1a4986973fee695e210d17fa586f6e76e641add04a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cbafd66aff7f0c96eb262917686842549e903fd44f64d3ca0492a28a5311382

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d63d4d22013da0e9fa55666244e1d4d47654ac792dac21d19dc849ccfce3399f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4377b889f6a91c8191e3dfcc75d40d264b5302fae797a18c7e5783db033af826

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		334 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aab8ebd7fb3b60142e7ab447cf11c19b781ea63fcd0981917783909061fd907c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		25 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fa956746742d6835a48a93849c10f29b0cbdefc90745ba5d1f1b6516487abcd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
178efc32103d3067c716b0b20dddf1d6a644e298d46cac670bba5d02cc41b424

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
645635dfd01a8c596156e98ee695caab82308343abb63d4b8ddcad0a72efe66e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		558 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31825b853e17fdd1f53cd0ad03626a9dd108418a0b91293a67d559d4563bbcbc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96d8addc621c177dd63b666d0272958c5e703d3ad73f546d3a38eb83075dcbca

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cb5d9ce505a301b6312b9e73e8f4562f6f11f9f309f3258007ae8007abcd4ad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1bcc0665dfcc57225fc283528b0e2bdfcbcd042aa71c27f02f9b1e28c4af36f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed2d5dcd5cb6f1803c65c39d11a26b96f0774e8a55cb688c9b3bbbcad89cce1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
888dccfa93119ce00f9cc4764d37af91a95a3e55fbe1a4da510d4bcc579ddaba

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebefc57b6c85e09c1470ba9e0b3043215c29a2f5c1fe6e43fbd08e43b3e3b60a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e25c600cba012b31b5fad4527ac7605018378c55988b745add595368f9c8add

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Weightloss Scam (Online)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| backDay function| backDay_2 function| backDay_3 function| nextday function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: n1mjan-f2add8df239730933b-003
eu.wbgaf.com/ Name: a2ee3a2bf1029ed2cf05d031cff560a4
Value: 6b3a7076527fd7d9640c0369edb2fcd0b5506c3aef8dd3829c28c112a21695b949aa50fb03f5aca1cc3e9c71c58c7ea3b30b409f8e97a9240104655d709477be

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arrivevxms.com
bit.ly
cdnjs.cloudflare.com
eu.wbgaf.com
thesun-vouchercodes.digidip.net
109.206.243.142
18.233.135.81
2606:4700::6811:180e
34.247.185.136
67.199.248.10
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c939f3ecb7ad3fcc8406fcd3ea391dbff7518dced02c5539f5b9a9f040798cb
178efc32103d3067c716b0b20dddf1d6a644e298d46cac670bba5d02cc41b424
1cb5d9ce505a301b6312b9e73e8f4562f6f11f9f309f3258007ae8007abcd4ad
31825b853e17fdd1f53cd0ad03626a9dd108418a0b91293a67d559d4563bbcbc
3cbafd66aff7f0c96eb262917686842549e903fd44f64d3ca0492a28a5311382
3dea1c1bcbcf1c69255206f6586ebfa1563f0b9535884956347ac023d037b005
4377b889f6a91c8191e3dfcc75d40d264b5302fae797a18c7e5783db033af826
4ed2d5dcd5cb6f1803c65c39d11a26b96f0774e8a55cb688c9b3bbbcad89cce1
645635dfd01a8c596156e98ee695caab82308343abb63d4b8ddcad0a72efe66e
7e25c600cba012b31b5fad4527ac7605018378c55988b745add595368f9c8add
7ebf0402ee62bae00a6ded482e97c47ed1cf74b9fa6a602fd4d57b376ddd539a
888dccfa93119ce00f9cc4764d37af91a95a3e55fbe1a4da510d4bcc579ddaba
96d8addc621c177dd63b666d0272958c5e703d3ad73f546d3a38eb83075dcbca
9e927f7e78e49247af967a276e3fba9200632d6d59aa95a72868834ccf0e66f1
9fa956746742d6835a48a93849c10f29b0cbdefc90745ba5d1f1b6516487abcd
a06002a717de4785c991dc3ca5de39669e59ea69ef45ad915caeb92e2c1dd11a
a8f986e9aeb07472738a151d07608515fcd334917be624af0b09c2323008921c
aab8ebd7fb3b60142e7ab447cf11c19b781ea63fcd0981917783909061fd907c
ab0d6ca856c3af2377dc800b8e4866d86749ce277a87073df6c49eb1d02be767
d63d4d22013da0e9fa55666244e1d4d47654ac792dac21d19dc849ccfce3399f
e0b4e806d14a848b60771ce921ae209b40037f6f003fd7533c122aaa4d4d7fa2
ebefc57b6c85e09c1470ba9e0b3043215c29a2f5c1fe6e43fbd08e43b3e3b60a
eeefe230b8a1019b05a30d1a4986973fee695e210d17fa586f6e76e641add04a
f1bcc0665dfcc57225fc283528b0e2bdfcbcd042aa71c27f02f9b1e28c4af36f