hairlessskin.hailessskin-dev.de
Open in
urlscan Pro
2a01:4f8:d0a:61bd::2
Malicious Activity!
Public Scan
URL:
https://hairlessskin.hailessskin-dev.de/
Submission: On July 23 via api from US — Scanned from DE
Submission: On July 23 via api from US — Scanned from DE
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 35 HTTP transactions.
The main IP is 2a01:4f8:d0a:61bd::2, located in
Bad Soden-Salmuenster, Germany and
belongs to HETZNER-AS, DE.
The main domain is hairlessskin.hailessskin-dev.de.
TLS certificate: Issued by R3 on June 3rd 2024. Valid for: 3 months.
This is the only time hairlessskin.hailessskin-dev.de was scanned on urlscan.io!
TLS certificate: Issued by R3 on June 3rd 2024. Valid for: 3 months.
This is the only time hairlessskin.hailessskin-dev.de was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Verizon (Telecommunication)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 34 | 2a01:4f8:d0a:... 2a01:4f8:d0a:61bd::2 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 | 2606:4700::68... 2606:4700::6810:281c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 35 | 2 |
34
2a01:4f8:d0a:61bd::2
(Bad Soden-Salmuenster, Germany)
ASN24940 (HETZNER-AS, DE)
ASN24940 (HETZNER-AS, DE)
| hairlessskin.hailessskin-dev.de |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 34 |
hailessskin-dev.de
hairlessskin.hailessskin-dev.de |
438 KB |
| 1 |
fonts.net
fast.fonts.net — Cisco Umbrella Rank: 7667 |
557 B |
| 35 | 2 |
| Domain | Requested by | |
|---|---|---|
| 34 | hairlessskin.hailessskin-dev.de |
hairlessskin.hailessskin-dev.de
|
| 1 | fast.fonts.net |
hairlessskin.hailessskin-dev.de
|
| 35 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| hairlessskinshop.firstvoucher.com |
| 777spinslots.com |
| gratowin-casino.com |
| 1dollarcasinos.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| hairlessskin.hailessskin-dev.de R3 |
2024-06-03 - 2024-09-01 |
3 months | crt.sh |
| fonts.net GTS CA 1P5 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://hairlessskin.hailessskin-dev.de/
Frame ID: 00F031B1225864284D67E02A902A33A2
Requests: 35 HTTP requests in this frame
Screenshot
Page Title
Home - Hairless SkinDetected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Yoast SEO
(SEO)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://hairlessskinshop.firstvoucher.com/
Title: Gutscheine
Title: Gutscheine
Search URL Search Domain Scan URL
URL: https://777spinslots.com/free-spins-bonus/20-no-deposit/
Title: 20 free spins no deposit
Title: 20 free spins no deposit
Search URL Search Domain Scan URL
URL: https://gratowin-casino.com/
Title: gratowin
Title: gratowin
Search URL Search Domain Scan URL
URL: https://1dollarcasinos.com/payment/paypal/
Title: https://1dollarcasinos.com/payment/paypal/
Title: https://1dollarcasinos.com/payment/paypal/
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
35 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
hairlessskin.hailessskin-dev.de/ |
32 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hairless-skin.svg
hairlessskin.hailessskin-dev.de/wp-content/uploads/2021/06/ |
83 KB 52 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0d60b5e9-11ea-45b8-8bee-d9659106584c.woff2
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/fonts/825490/ |
51 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fe9a797a-a83d-4d3f-be98-de8440b9d893.woff2
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/fonts/825496/ |
42 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5568e4de-fd13-4909-9b1e-0b79eaf56697.woff2
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/fonts/5548979/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5e356b56-25c1-43ac-9524-44e597eb7172.woff2
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/fonts/5549031/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-solid-900.d824df7e.woff2
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/lib/@fortawesome/fontawesome-free/webfonts/ |
76 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.min.ad39dddb.css
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/lib/@fortawesome/fontawesome-free/css/ |
58 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
frontend.926db9b9.css
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/css/ |
219 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-1-de.css
hairlessskin.hailessskin-dev.de/wp-content/cache/borlabs-cookie/1/ |
111 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-config-de.json.js
hairlessskin.hailessskin-dev.de/wp-content/cache/borlabs-cookie/1/ |
43 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-prioritize.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
1 KB 610 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.8fb8fee4.js
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/lib/jquery/dist/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
theme.22aaa7ef.js
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/js/ |
2 KB 735 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
util.min.3261fbf8.js
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/js/bootstrap/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consents.CgUqh9Tk.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
45 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
observer.OJYZYBmK.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vue.Btt25mje.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
69 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mtiFontTrackingCode.js
hairlessskin.hailessskin-dev.de/ |
775 B 617 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5ee1fd77-894c-4a45-a96a-5a09b2d40869.woff2
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/fonts/5548964/ |
16 KB 0 |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.css
fast.fonts.net/lt/ |
0 557 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-box.CUG8Tpel.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
_plugin-vue_export-helper.DlAUqK2U.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
use-iabtcf-vendors.CKyfQLJn.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iabtcf.msnLqmNR.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
use-iabtcf-purposes.DMJAn7Ws.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
use-special-features.AiBqyHeL.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
x-icon.BS2s18GK.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base-button.Cb7yVyJu.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
base-button.k3qGhxl_.min.css
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/css/ |
0 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
use-iabtcf-legitimate-interests.VvSrMX9x.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-cookie-box.B4WFoAUE.min.css
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/css/ |
0 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
borlabs-widget.CTEFc16J.min.js
hairlessskin.hailessskin-dev.de/wp-content/plugins/borlabs-cookie/assets/javascript/ |
0 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dcd2e1fc-ae82-4e3d-bc30-4f3786479f15.woff
hairlessskin.hailessskin-dev.de/wp-content/themes/hairless-skin/build/fonts/5548964/ |
24 KB 25 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Verizon (Telecommunication)21 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| borlabsCookieConfig function| gtag object| dataLayer function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig function| $ function| jQuery object| Util string| MTUserId object| MTFontIds object| BorlabsCookie object| BorlabsCookiePrioritizeHandle string| userId string| pf object| mtTracking object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| borlabsCookiePrioritized boolean| __VUE__1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .fonts.net/ | Name: __cf_bm Value: PV5Z0EOydrzNmx9FZAp5sOKCl05z0UJEcg.b38VJ.g4-1721723627-1.0.1.1-NV0RBklu5Kz1Z2LsIViNK71FYy1ijMFORbbXUZO_Ds5SuauLikeD8cgWbDnlTpHxJn_32GsahnzNnl6XrDArGQ |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | upgrade-insecure-requests; |
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | sameorigin |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fast.fonts.net
hairlessskin.hailessskin-dev.de
2606:4700::6810:281c
2a01:4f8:d0a:61bd::2
396ed1370e52d28193cf3972a3b5d645de0f33b205b80dcf78653537353aa296
50ed69e879a6ddd3862ae19be6e36926a46e24dacb0e68f3f3177c2da1f263c7
58ee9c25aaff637bc0d49bc1ad6721875f6b89e5749946007251df88b128172c
66fa90046a32c45c4437b2800a83bb30ac55fb0dc9d0fb58e02b1239261e5db2
8159e770281d621287793aa993b4db3b608e5a4014d2ffef68ed8c4da80af390
963fe9e991c104eb3e1744dd9da84d75f16f8e3f27f6f3fc447158804393968c
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9e4c85fce05a4e78c4e801a9dadf7ef8a4b6da1bf96bdd2dc5e8bc5eb4a406b1
b1e45351cfa1020bfa509335485d0c6bae80acf2e91b63398dfe373958906dc5
b2352e5fee3438c93d8e3dd6af49cc0a2f949f619bd8a6e5e44726e07a924e3f
b753b8dafc301a57e079527150f184ee9e9143d7f13ee35fc48c6c04284cc2ab
b809e35d49e84f9fff8a081500000f3ceb8b0a1adbdc48fb6a19a4a14f2652a6
bebd4a886aa038eda79c3bcdd0e3fadc37770771b7678297f6ba35b433c6cf27
d64540def19749a57cba1d329f0a83e7b85cdf310c9cc532c2fd8e18d8c90d21
dcb65e121e22091eb2946cb89c792b3cad9ad88340130a6c9ac832c4d21438cb
de01cee0334c2c1f9ea74c2b5f8ad81ce869eaf1c6bc351ddbb440d0c14a0406
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec3fe7c7f333bcefbe8b05fa3b9b9106cc1e6bb46d3a44074bbc01366e43c7e3
edcdbb1a1f82786a8d338587ced4433e5a2d4cde65029d137a4276980aaa9346
f5328e56323b9d54ca2c1ecbd0302aa3b52c8bbd43ba49e366398cf54c292b04
fc303683139d72ac0ba8265659baeafa6b6df48b18ed42cfe2ad9a766b4e686b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e