dgbhj.localdats.com Open in urlscan Pro
142.132.150.101 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://myprostitut.com/0.3208975979176938
Effective URL:
https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938
Submission: On October 24 via api (October 24th 2024, 12:42:29 pm UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 142.132.150.101, located in Falkenstein, Germany and belongs to HETZNER-AS, DE. The main domain is dgbhj.localdats.com.
TLS certificate: Issued by R11 on September 16th 2024. Valid for: 3 months.

This is the only time dgbhj.localdats.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
19 19	185.68.92.11 185.68.92.11	56577 (ASRELINK) (ASRELINK)
13	142.132.150.101 142.132.150.101	24940 (HETZNER-AS) (HETZNER-AS)
13	1

19 185.68.92.11 (Russian Federation) 19 redirects

ASN56577 (ASRELINK, RU)
PTR: b1.cishost.ru

myprostitut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.132.150.101 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.101.150.132.142.clients.your-server.de

dgbhj.localdats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	myprostitut.com 19 redirects myprostitut.com	8 KB
13	localdats.com dgbhj.localdats.com	432 KB
13	2

	Domain	Requested by
19	myprostitut.com	19 redirects
13	dgbhj.localdats.com	dgbhj.localdats.com
13	2

This site contains no links.

Subject Issuer	Validity	Valid
localdats.com R11	`2024-09-16` - `2024-12-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938
Frame ID: 2CE9BD4AC89389E28D142CC3B9E83FB1
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anna94 will Nacktfotos mit dir tauschen.

Page URL History Show full URLs

http://myprostitut.com/0.3208975979176938 HTTP 307
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 307
http://myprostitut.com/0.3208975979176938 HTTP 301
https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

432 kB
Transfer

664 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://myprostitut.com/0.3208975979176938 HTTP 307
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 301
https://myprostitut.com/0.3208975979176938 HTTP 307
http://myprostitut.com/0.3208975979176938 HTTP 301
https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 5be21c1a30252 Show response dgbhj.localdats.com/s/ Redirect Chain http://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 https://myprostitut.com/0.3208975979176938 http://myprostitut.com/0.3208975979176938 https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938	51 KB 19 KB	537ms 112ms	Document text/html	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `c60ab8db0dbadec4a4feebfdaa7b108499b4adeaded179d0c49055e20a8cf05c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 24 Oct 2024 12:42:23 GMT Expires 0 Pragma no-cache Server openresty Transfer-Encoding chunked Vary Accept-Encoding Accept-Encoding Redirect headers Connection keep-alive Content-Length 285 Content-Type text/html; charset=iso-8859-1 Date Thu, 24 Oct 2024 12:42:22 GMT Location https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Server nginx/1.23.1
GET H/1.1	200 OK	style.css dgbhj.localdats.com/bundle/1089/assets/css/	10 KB 3 KB	12ms 12ms	Stylesheet text/css	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/css/style.css Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `7492454d1a0b19bd1115cf7b931f9a27259eb8b43168173e28b1aa477ad0ba1a` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"670fc27a-27c8" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Date Thu, 24 Oct 2024 12:42:23 GMT Last-Modified Wed, 16 Oct 2024 13:41:14 GMT Content-Type text/css Vary Accept-Encoding, Accept-Encoding Server openresty
GET H/1.1	200 OK	bootstrap.css dgbhj.localdats.com/bundle/1089/assets/css/	108 KB 17 KB	26ms 12ms	Stylesheet text/css	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/css/bootstrap.css Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `37d237c2cfc632735d5a1c48184e7e7afc5358ffd8ab8d6bd9f90a16d1e2993f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"670fc270-1ae9f" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Date Thu, 24 Oct 2024 12:42:23 GMT Last-Modified Wed, 16 Oct 2024 13:41:04 GMT Content-Type text/css Vary Accept-Encoding, Accept-Encoding Server openresty
GET H/1.1	200 OK	bootstrap-slider.min.css dgbhj.localdats.com/bundle/1089/assets/css/	7 KB 2 KB	21ms 7ms	Stylesheet text/css	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/css/bootstrap-slider.min.css Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `a27ecbe0f63af48cceb0dc93fb842d3161462ca44d16bae13ea4a85488a7a8ce` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"670fc26c-1c3b" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Date Thu, 24 Oct 2024 12:42:23 GMT Last-Modified Wed, 16 Oct 2024 13:41:00 GMT Content-Type text/css Vary Accept-Encoding, Accept-Encoding Server openresty
GET H/1.1	200 OK	blue.css dgbhj.localdats.com/bundle/1089/assets/css/	1 KB 867 B	23ms 9ms	Stylesheet text/css	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/css/blue.css Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `0ca1d39f999294e137c538278732cd5f2e0f6bd54617ec7e347773ac5b3d8272` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"670fc268-5e1" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Date Thu, 24 Oct 2024 12:42:23 GMT Last-Modified Wed, 16 Oct 2024 13:40:56 GMT Content-Type text/css Vary Accept-Encoding, Accept-Encoding Server openresty
GET H/1.1	200 OK	radar.gif dgbhj.localdats.com/bundle/1089/assets/images/	172 KB 172 KB	35ms 16ms	Image image/gif	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dgbhj.localdats.com/bundle/1089/assets/images/radar.gif Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Cache-Control max-age=2592000, private ETag "670fc28c-2aeaf" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Accept-Ranges bytes Content-Length 175791 Date Thu, 24 Oct 2024 12:42:23 GMT Content-Type image/gif Last-Modified Wed, 16 Oct 2024 13:41:32 GMT Server openresty
GET H/1.1	200 OK	jquery.min.js Show response dgbhj.localdats.com/bundle/1089/assets/js/	91 KB 33 KB	45ms 23ms	Script application/javascript	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/js/jquery.min.js Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"670fc29c-16cfb" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Date Thu, 24 Oct 2024 12:42:23 GMT Last-Modified Wed, 16 Oct 2024 13:41:48 GMT Content-Type application/javascript Vary Accept-Encoding, Accept-Encoding Server openresty
GET H/1.1	200 OK	bootstrap.min.js Show response dgbhj.localdats.com/bundle/1089/assets/js/	28 KB 8 KB	10ms 9ms	Script application/javascript	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/js/bootstrap.min.js Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"670fc298-71b6" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Date Thu, 24 Oct 2024 12:42:23 GMT Last-Modified Wed, 16 Oct 2024 13:41:44 GMT Content-Type application/javascript Vary Accept-Encoding, Accept-Encoding Server openresty
GET H/1.1	200 OK	bootstrap-slider.min.js Show response dgbhj.localdats.com/bundle/1089/assets/js/	26 KB 7 KB	9ms 9ms	Script application/javascript	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/js/bootstrap-slider.min.js Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `926ac5c114974a527367752eef1ab86bdb364c34fafb39e9b976c7ab0c2adda6` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"670fc294-6647" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Date Thu, 24 Oct 2024 12:42:23 GMT Last-Modified Wed, 16 Oct 2024 13:41:40 GMT Content-Type application/javascript Vary Accept-Encoding, Accept-Encoding Server openresty
GET H/1.1	200 OK	functions.js Show response dgbhj.localdats.com/bundle/1089/assets/js/	1 KB 773 B	9ms 9ms	Script application/javascript	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/js/functions.js Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `ebd7a92af4d051891df2bbad59bbf1b2a36fc68f1108b15504d12550d656f566` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"670fc2a8-5a6" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Date Thu, 24 Oct 2024 12:42:23 GMT Last-Modified Wed, 16 Oct 2024 13:42:00 GMT Content-Type application/javascript Vary Accept-Encoding, Accept-Encoding Server openresty
GET H/1.1	200 OK	outdoor_alt2.jpg dgbhj.localdats.com/bundle/1089/assets/images/	166 KB 167 KB	28ms 27ms	Image image/jpeg	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dgbhj.localdats.com/bundle/1089/assets/images/outdoor_alt2.jpg Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/bundle/1089/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `c0bcbd8d13940ce39c9003ef356801201320955c109aff1167911c72fcc98807` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/bundle/1089/assets/css/style.css Response headers Cache-Control max-age=2592000, private ETag "670fc286-299db" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Accept-Ranges bytes Content-Length 170459 Date Thu, 24 Oct 2024 12:42:23 GMT Content-Type image/jpeg Last-Modified Wed, 16 Oct 2024 13:41:26 GMT Server openresty
GET H/1.1	200 OK	favicon.png dgbhj.localdats.com/bundle/1089/assets/images/	2 KB 2 KB	16ms 16ms	Other image/png	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/bundle/1089/assets/images/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `117ea4bcc2c28854c3cd094c6ae225ad24b6622860ea1901a098c73e1583fe4e` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 Response headers Cache-Control max-age=2592000, private ETag "670fbb62-842" Connection keep-alive Expires Sat, 23 Nov 2024 12:42:23 GMT Accept-Ranges bytes Content-Length 2114 Date Thu, 24 Oct 2024 12:42:23 GMT Content-Type image/png Last-Modified Wed, 16 Oct 2024 13:10:58 GMT Server openresty
POST H/1.1	200 OK	track.php Show response dgbhj.localdats.com/	0 268 B	19ms 18ms	XHR text/html	142.132.150.101 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://dgbhj.localdats.com/track.php Requested by Host: dgbhj.localdats.com URL: https://dgbhj.localdats.com/bundle/1089/assets/js/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 142.132.150.101 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.101.150.132.142.clients.your-server.de Software openresty / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://dgbhj.localdats.com/s/5be21c1a30252?subsource=sallo0.3208975979176938 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Accept / Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Transfer-Encoding chunked Content-Encoding gzip Date Thu, 24 Oct 2024 12:42:23 GMT Content-Type text/html; charset=UTF-8 Vary Accept-Encoding, Accept-Encoding Server openresty Connection keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.localdats.com/	1970-01-21 00:31:00	Name: s Value: NbsEa0s4mc233%2B3lwa2GC193tbdHY9wBIYv2Yh3M3Un2tExxzlUdrFwz%2FMLnssXtsKsD1GyLly%2FiWjMzHscZ%2FyB%2BJvkRH5tb%2FTdQUiJj4bZWNh8CdbK4HYcBbniH%2BVR7z%2BAjuTy8SryIUth%2BFsnEWbobaEudE5hT%2BBMS1YJdo4rKwLfirJUSFgMCxPNLEnIIXIv2NtlT9XmvdJYB96VtUBjqWxdXmwABeMTryjyknaiDN2epvZt7%2FYWUu8A6%2BuncYxm6i1eCywjY%2BYvf5W5FQ8iFXRGyjWBmdIM0Q6SYBwsLwL%2FCWAzKHI12F7SrhddqEHK8DiRoWN3m450%2FovKDgaN8lI1Yoq22sbiWH7E2YMnVdDNOdMEUVDFRxEpdukGeqtXA8nCtGAWnYCqTboCbltQqGAaAekYsq4BuYKyqut%2FarebgLifaWbxzCMrJF25LWU1TMwFb14iAi5qTt2nzJLr%2FuSjkEs2m6e7xYgRsge2onD2y%2FH%2By4ixXfn1Sdo7FAqqMdn15mAx5R9pyBc3eztwTIyYg7j8nj1X%2BBSQkF%2B0vAZGOYe8%2FRve2Tw5t9uGmdV05hkgnA3q42G%2FMyQRB0U787EkMdPOZ7WrXXtwH5TdPDh2E8RMDRbiy4Bxa5V0hlMbXngCWIsie66UWfyuhdAyIwhuzPX7PCk%2BZqMeOuMgRHsZPhDcgSpsO%2B8yLiPSwP2L9Tt%2BvSMChmmIcyhWKzPmwgxCGJjMS4Mv8jtRM95G%2FWDPJJ1VdIebxgmm034FJhGC51h9aAIXuuuyAg37B05hHrk2xvmU79xmcqWunxZ2ICE90%2FgDL%2F%2FUbC%2FFV3ezQFrVgyVZWIr4sztlN9dHMyLw%2FgnCwQ73z6K1fPL1n6pBFpTg5uGCr6ZGSe9V%2B6SncGP%2Bu4qgA57Nid5a1wQ2gdmLoo%2BbMWxbatqtc0QMB9Sz4%2Fm7u8MsPcxkA%2Bre7X4eERsep8DG4snPJaCMe5IBCBijxK93HOD8%2FLjbopzTKENpiFhNDQ2UqtXpswWs7v5HfPnTZpzyUC5%2BXcGiF5YSw65mDgl7G0%2FWVxKPgICucnwbEMgcDcgolh%2FGvkzD19TK69UygWxv216nHDPrWdBzykbJvIJR9b1w%2FCsQbyvVr6h8m7qFn0%2Bzz783YJ65MefC4No%2FMF%2BwUTTUTik%2B11DQ%2BkgI0KMvs9jIPwOEgT%2BLYb40L4tFuFMojoRvSMu%2Fy4SqcZYYZjNWwJQO%2BZNKtxVc%2FuQ33zq0dtBdHzeAYj1lxsBwDTxT%2FpWgMmVe8wvW6gCp2EnFGU3Fem9KtF98HkdfE4YdYu4KS52b%2Fgs%2FXhPV%2Fexi095yVYlDn%2B34hF5Iv0rfQ618MwSDTXbKR96ozZp9UZr7ZefxoITdPpX4LvQ8xM7vI%2B4D4UCqyN8jT%2F%2BoqEoZZuKlrSO0m6qa8%2BGklhffleQaJF%2FYHwKG%2F2FPtTQEfWTAeDgpDH9GsMDcnZxtxBwl6FdB9rL3jrPxBUhBodIv5666lmGtX%2FejWUZm39yHW3m0YtvHCj57DlHKxMiML5vraeieYFkBqCEBaGyedk9%2BFFl5txGka60zrSBasbTz1gpRokSEPn0dYuQiOiU%2FX3ftsqAQbH8TPHCRepq5hXQQ6Iob0X%2BlodNzs7dnfixeBrzh%2BOeDPXOJWNAtnmwJPsjwnZKxiKAe1NBCHqneixo1pDgHhva9jAssghysBFYDjqcU9Hn6ddaJUlMfmHmzFSQmIv6VTWlvZFY67ukK01%2FJqocIO%2FpxxgjuCudl8s%2FMBL5ivcMLUaS7lupXwuCu%2BkFu8T84PkTfqxNcCjkFGJwHual615TV5EGAg1n7xkEA%3D
			dgbhj.localdats.com/	1969-12-31 23:59:59	Name: CF Value: ZfTLJWgMPn1uACvu1ziqKQ__

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dgbhj.localdats.com
myprostitut.com
142.132.150.101
185.68.92.11
0ca1d39f999294e137c538278732cd5f2e0f6bd54617ec7e347773ac5b3d8272
117ea4bcc2c28854c3cd094c6ae225ad24b6622860ea1901a098c73e1583fe4e
37d237c2cfc632735d5a1c48184e7e7afc5358ffd8ab8d6bd9f90a16d1e2993f
7492454d1a0b19bd1115cf7b931f9a27259eb8b43168173e28b1aa477ad0ba1a
89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
926ac5c114974a527367752eef1ab86bdb364c34fafb39e9b976c7ab0c2adda6
a27ecbe0f63af48cceb0dc93fb842d3161462ca44d16bae13ea4a85488a7a8ce
c0bcbd8d13940ce39c9003ef356801201320955c109aff1167911c72fcc98807
c60ab8db0dbadec4a4feebfdaa7b108499b4adeaded179d0c49055e20a8cf05c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd7a92af4d051891df2bbad59bbf1b2a36fc68f1108b15504d12550d656f566
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

dgbhj.localdats.com Open in urlscan Pro 142.132.150.101 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

432 kBTransfer

664 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

2 Cookies

Indicators

dgbhj.localdats.com Open in urlscan Pro
142.132.150.101 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

432 kB
Transfer

664 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!