www.bhis.net
Open in
urlscan Pro
202.191.120.48
Malicious Activity!
Public Scan
Effective URL: https://www.bhis.net/wp-content/upgrade/cddir/afcu/user.html
Submission Tags: threatview.io malwar3ninja rule: suspected phishing scam automated-submission Search All
Submission: On August 21 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 11th 2024. Valid for: 3 months.
This is the only time www.bhis.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 6 | 172.66.47.136 172.66.47.136 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 202.191.120.48 202.191.120.48 | 24556 (BIJOY-BD-...) (BIJOY-BD-AS-AP Bijoy Online Ltd. Multihome Internet Service Provider) | |
1 | 2a00:1450:400... 2a00:1450:4001:813::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 2a00:1450:400... 2a00:1450:4001:830::2008 | 15169 (GOOGLE) (GOOGLE) | |
4 | 2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
1 | 2a00:1450:400... 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2001:4860:480... 2001:4860:4802:38::178 | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.186.132 142.250.186.132 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2001:4860:480... 2001:4860:4802:34::36 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
49 | 11 |
ASN24556 (BIJOY-BD-AS-AP Bijoy Online Ltd. Multihome Internet Service Provider, BD)
PTR: cp2.bijoyweb.com
www.bhis.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
bhis.net
www.bhis.net |
142 KB |
6 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112 |
521 KB |
6 |
pages.dev
1 redirects
americafirstonline.pages.dev |
10 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123 |
21 KB |
4 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236 |
164 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 108 |
3 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 10 |
|
1 |
gstatic.com
fonts.gstatic.com |
48 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110 |
2 KB |
49 | 9 |
Domain | Requested by | |
---|---|---|
24 | www.bhis.net |
americafirstonline.pages.dev
www.bhis.net |
6 | www.googletagmanager.com |
www.bhis.net
www.googletagmanager.com |
6 | americafirstonline.pages.dev |
1 redirects
americafirstonline.pages.dev
|
4 | connect.facebook.net |
www.bhis.net
connect.facebook.net |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com www.bhis.net |
2 | www.facebook.com |
www.bhis.net
|
2 | region1.google-analytics.com |
www.googletagmanager.com
|
1 | www.google.com |
www.googletagmanager.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
www.bhis.net
|
49 | 10 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
americafirstonline.pages.dev WE1 |
2024-08-19 - 2024-11-17 |
3 months | crt.sh |
bhis.net cPanel, Inc. Certification Authority |
2024-06-11 - 2024-09-09 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-05-30 - 2024-08-28 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
*.google.com WR2 |
2024-07-30 - 2024-10-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.bhis.net/wp-content/upgrade/cddir/afcu/user.html
Frame ID: C9F8667F63632B240AA8C048DBFB4F60
Requests: 50 HTTP requests in this frame
Screenshot
Page Title
BHIS Page not found - BHISPage URL History Show full URLs
-
http://americafirstonline.pages.dev/
HTTP 307
https://americafirstonline.pages.dev/ Page URL
-
https://americafirstonline.pages.dev/cdn-cgi/phish-bypass?atok=YO.TZPJ84_UxgPkFes4oX0XyKayDtoAufHE5u8D1mgQ-172420...
HTTP 301
https://americafirstonline.pages.dev/ Page URL
- https://www.bhis.net/wp-content/upgrade/cddir/afcu/user.html Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Yoast SEO (SEO) Expand
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: HOME
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://americafirstonline.pages.dev/
HTTP 307
https://americafirstonline.pages.dev/ Page URL
-
https://americafirstonline.pages.dev/cdn-cgi/phish-bypass?atok=YO.TZPJ84_UxgPkFes4oX0XyKayDtoAufHE5u8D1mgQ-1724206361-0.0.1.1-%2F
HTTP 301
https://americafirstonline.pages.dev/ Page URL
- https://www.bhis.net/wp-content/upgrade/cddir/afcu/user.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://americafirstonline.pages.dev/ HTTP 307
- https://americafirstonline.pages.dev/
- https://americafirstonline.pages.dev/cdn-cgi/phish-bypass?atok=YO.TZPJ84_UxgPkFes4oX0XyKayDtoAufHE5u8D1mgQ-1724206361-0.0.1.1-%2F HTTP 301
- https://americafirstonline.pages.dev/
49 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
/
americafirstonline.pages.dev/ Redirect Chain
|
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
americafirstonline.pages.dev/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
americafirstonline.pages.dev/cdn-cgi/images/ |
452 B 635 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
americafirstonline.pages.dev/ |
5 KB 2 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
americafirstonline.pages.dev/ Redirect Chain
|
217 B 592 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
user.html
www.bhis.net/wp-content/upgrade/cddir/afcu/ |
33 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.min.css
www.bhis.net/wp-includes/css/dist/block-library/ |
108 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
www.bhis.net/wp-content/themes/frame/ |
627 B 786 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.css
www.bhis.net/wp-content/themes/frame/css/core/ |
1 KB 788 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.css
www.bhis.net/wp-content/themes/frame/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-responsive.css
www.bhis.net/wp-content/themes/frame/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plugins.css
www.bhis.net/wp-content/themes/frame/css/ |
34 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.css
www.bhis.net/wp-content/themes/frame/css/ |
106 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive.css
www.bhis.net/wp-content/themes/frame/css/ |
57 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
skin_dark.css
www.bhis.net/wp-content/themes/frame/css/ |
32 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fs_gllaery.css
www.bhis.net/wp-content/themes/frame/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.css
www.bhis.net/wp-content/cache/busting/1/wp-content/themes/frame/css/core/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
38 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tablepress-combined.min.css
www.bhis.net/wp-content/ |
5 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
www.bhis.net/wp-includes/js/jquery/ |
86 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-migrate.min.js
www.bhis.net/wp-includes/js/jquery/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
run.js
www.bhis.net/wp-content/themes/frame/js/ |
360 B 630 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fs_gllaery.js
www.bhis.net/wp-content/themes/frame/js/ |
10 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
206 KB 74 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
229 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
272 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_GB/ |
3 KB 4 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
submit.js
www.bhis.net/wp-content/plugins/creative-mail-by-constant-contact/assets/js/block/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.min.js
www.bhis.net/wp-includes/js/jquery/ui/ |
21 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.js
www.bhis.net/wp-content/themes/frame/js/ |
85 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
core.js
www.bhis.net/wp-content/cache/busting/1/wp-content/themes/frame/js/core/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smush-lazy-load-native.min.js
www.bhis.net/wp-content/plugins/wp-smushit/app/assets/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
225 KB 60 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
37 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ |
47 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdk.js
connect.facebook.net/en_GB/ |
305 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
www.bhis.net/wp-content/uploads/2021/08/ |
609 B 985 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
252409326743473
connect.facebook.net/signals/config/ |
61 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
270 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
229 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
272 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google.com/ccm/ |
0 0 |
Ping
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ |
67 B 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 142 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/ |
35 B 194 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.jpg
www.bhis.net/wp-content/uploads/2021/08/ |
330 B 699 B |
Other
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| mixajaxurl string| themerooturl function| $ function| jQuery function| gtag object| dataLayer function| fbq function| _fbq object| ce4wp_form_submit_data function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig boolean| fixed_menu function| featured_slider_setup boolean| demo object| FB object| lazySizes object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData boolean| doresize object| scroll_pos8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.americafirstonline.pages.dev/ | Name: __cf_mw_byp Value: YO.TZPJ84_UxgPkFes4oX0XyKayDtoAufHE5u8D1mgQ-1724206361-0.0.1.1-/ |
|
.bhis.net/ | Name: _gcl_au Value: 1.1.663478553.1724206373 |
|
.bhis.net/ | Name: _ga_4ZMEZ6TN1F Value: GS1.1.1724206372.1.0.1724206372.0.0.0 |
|
.bhis.net/ | Name: _ga_60K0P8W4P9 Value: GS1.1.1724206372.1.0.1724206372.0.0.0 |
|
.bhis.net/ | Name: _fbp Value: fb.1.1724206372670.950811333954409312 |
|
.bhis.net/ | Name: _ga Value: GA1.2.426025486.1724206373 |
|
.bhis.net/ | Name: _gid Value: GA1.2.1355811204.1724206373 |
|
.bhis.net/ | Name: _gat_gtag_UA_202004756_1 Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
americafirstonline.pages.dev
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
www.bhis.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
142.250.186.132
172.66.47.136
2001:4860:4802:34::36
2001:4860:4802:38::178
202.191.120.48
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0c84ffb010c28a154c26fb1baa7ed3aeaa97fa5b34037392e7aace91d0a8afd3
10ad7ccd86de43c7948db0375859697113791dc4dc6e1cec70a7c0313ce183c1
10f3b393b1e60c701ed95921c83c70f437cfadd583de1c037b1d9b8ff91d2704
1b9759ec6968561113e7df80e5b6bf3a5330f9b093a37908205cb49e492c3de9
22fbbe74fe6185a3e4fa49d8ed5ad06291281ed8bfdb42473f4ebb6f51970bd5
2f955cd34f195bc9300e1c2ccc19c8bffe0c1cca82b7316f88a4c9426514ecf1
324c98a1ef34ff10b482452bded11787ceafd3c796b80755daac82910632bacd
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
487ac887189dc41709d9b2feb39e9ad4c0c6cbf08c26d0fd44f45ffa3b62178f
4e69b8750fb6f41633cef22eeb5f806a37094d386d3d593b049fc8c97ffd1e11
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
563a7cba1f5bbdeb10fd0b9dd8aea958ea60a9b05d69e95bf0b4126e52b5cb73
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7eb1d49fc692fc10ea56fa15d7e4af27bc1feaa317463ada74be41129cad3dbd
817ef16fd248b597764c0fe34eea567a60ea97b5780148198c6642522c8cd1ab
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842accfab9b736591aeb6e0951a301e6f478db2af5aa2d4c2b766f1d346c15fc
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
92c811b4ac9b3f23ec0c8eadae3be374682a860d290aac9cde2a8a8911b7412c
930d1ff8771a7ae99e44a9e42cfd8f26c7400a8add7e7a780bb01984115cc781
9980f67f8f47e1b119714ef8d763ba5b36a2f7aa5017807b3f75c3e56b5cf61a
9e9df6761f7184d93f7511bd9b2eeebdab9589592a590e9feb73d8d2bef2b306
9ee04327cf1ed7835c8414219ac8d194bcad31f2bca293c84d5d8dc492d8b477
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1514044800419f795e6e916c03601abb777213f5ab61394eb7d9834ff116305
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be5dc8499f6431aee0c63976b364f372cce800f436ca1688e7c60c56f2046526
bf823212219cf36622655011d6e326631ae49ffd3ab2d9acb22c9f0bb62d0b58
c1c24871f9ecd4cee25f2440c7dedd19aec05055ed2e02a1da9d8bb3e8f1f790
c9cc9377c4886c561cdac703246af9cec15eb5b2e8b07b8cb932ae77ac13eddf
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d5a6bd0e8d01c50ec7aba03d049dee587d2d61a53f976b2c3f631d6b2ff671de
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d61259022738e1f58960794b512e3a3a9458c57b41263d1b0fa0bfd8a7e34e
eacd616eb47377a929a3a6fbfdac93b525fe1c3c1fd1b532186deccc774b29ed
ef51cd51cfb0b7be2ed2dd685c47ffa3de86e2b0dee545343f48b939f6974abf
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
f19b20d1e9cf0a2b22ec1899106f15b4bf8bf12b6c255fbd9ce8087a85615834
f6a04b2c2a85bf7d494a67bf89c2862c77abe22d9857e9cc8fa8056a37fb0f9c
f6c9c8a6b9e46096f372c3d2458dbac943f5bca621ce4bdca4596e3f14e0c844
f7968840a0fab6e929fdb97897d7b39037090710826b92d0538fbe5a1beb56e4
f980c1f95edb631c9f3a15f25f4d7670fda9f5d9a0f7a883b454a9bad3510f52