cbjbdhb.offrsmatcher.com Open in urlscan Pro
5.104.107.248 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vsmid.nakula.fun/a/MnQ3M1N1MDNHTWhIQkowa0J0b21MNzQxVmh3Z1ZXei9NWVh3cXVxUVhwZlNlUWlQMjZhWFd6UjV1MmplQjNxV2Q5YStmM0...
Effective URL:
https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ
Submission: On December 01 via manual (December 1st 2024, 9:05:10 pm UTC) from ES — Scanned from ES

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 5.104.107.248, located in Düsseldorf, Germany and belongs to MYLOC-AS WIIT AG, DE. The main domain is cbjbdhb.offrsmatcher.com.
TLS certificate: Issued by R10 on November 6th 2024. Valid for: 3 months.

This is the only time cbjbdhb.offrsmatcher.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 2 votes Show Verdicts

Domain & IP information

	IP Address	AS Autonomous System
1	172.67.216.220 172.67.216.220	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	68.66.226.114 68.66.226.114	55293 (A2HOSTING) (A2HOSTING)
5	5.104.107.248 5.104.107.248	24961 (MYLOC-AS ...) (MYLOC-AS WIIT AG)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
12	6

1 172.67.216.220 (United States)

ASN13335 (CLOUDFLARENET, US)

vsmid.nakula.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.66.226.114 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: az1-ss99.a2hosting.com

susankatarina.onlapsnow.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 5.104.107.248 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS WIIT AG, DE)
PTR: srv11409.dus4.dedicated.server-hosting.expert

cbjbdhb.offrsmatcher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	offrsmatcher.com cbjbdhb.offrsmatcher.com	101 KB
4	onlapsnow.buzz 1 redirects susankatarina.onlapsnow.buzz	4 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 847	30 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	nakula.fun vsmid.nakula.fun	1 KB
12	6

	Domain	Requested by
5	cbjbdhb.offrsmatcher.com	susankatarina.onlapsnow.buzz cbjbdhb.offrsmatcher.com
4	susankatarina.onlapsnow.buzz	1 redirects vsmid.nakula.fun susankatarina.onlapsnow.buzz
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	cbjbdhb.offrsmatcher.com
1	fonts.googleapis.com	cbjbdhb.offrsmatcher.com
1	vsmid.nakula.fun
12	6

This site contains no links.

Subject Issuer	Validity	Valid
nakula.fun WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh
.onlapsnow.buzz .onlapsnow.buzz	`2024-05-30` - `2025-05-30`	a year	crt.sh
offrsmatcher.com R10	`2024-11-06` - `2025-02-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ
Frame ID: 61F3E5972D5663060D5FBA14FA1F6D06
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Delicias de citas :)

Page URL History Show full URLs

https://vsmid.nakula.fun/a/MnQ3M1N1MDNHTWhIQkowa0J0b21MNzQxVmh3Z1ZXei9NWVh3cXVxUVhwZlNlUWlQMjZhWFd6Uj... Page URL
http://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2... HTTP 307
https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2... Page URL
https://susankatarina.onlapsnow.buzz/_meetups/?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.12... HTTP 302
https://susankatarina.onlapsnow.buzz/_meetups/r.php?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.... Page URL
https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

75 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

185 kB
Transfer

294 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vsmid.nakula.fun/a/MnQ3M1N1MDNHTWhIQkowa0J0b21MNzQxVmh3Z1ZXei9NWVh3cXVxUVhwZlNlUWlQMjZhWFd6UjV1MmplQjNxV2Q5YStmM0hXeVVxaExGbDUvaVNGUnB4TmhRMCtmb0dVcnRLYjhnY0src0o2bzFnQklzUTZjWkQwMjg2TGMzYUZkUnE4bS9IbFNQN3JXM2MwM01FUVFvVVZQSTYyUnQxemJ2STRyRHV0b0FtbXRHaVlhVnJCZEQ4WmNiRFZEVHZxY0NkZGx0N3BCTnRSN2w3dndGK1dvbXltaElhSmw5aGdWd0x3ckxjVjBrZW5XdWFjdnRXTnRWZzhQM2xuWU92TDhyZElYVE1MU09saU5qQUlGbEU1a0R3eXUwUDgzTnpaWlFPRGZMcWp4aGxaTjdvWGx4RHNYRmhHVnhpNTUzMzVuTFpXNkpzTXhYK1R3MGpLRXpVRTVBN2RaVUd2Nk5NWUhURXRrclFyWkp0OW1oNms1OUlmY1FNaGdBaXN0bExDOTJIcFZSdEMzaWs4aWg3d3dJR0o4WEF4ci9ZYmFBamkvTWVxR2hWb1hPaytZc21TNVZHOGJERk4vTXFqWkZlbWwxZlV6SUM0Tm5aQVRZWDJZWWp1enc9PQ==?0e5i4fsu65ub Page URL
http://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs HTTP 307
https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs Page URL
https://susankatarina.onlapsnow.buzz/_meetups/?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE HTTP 302
https://susankatarina.onlapsnow.buzz/_meetups/r.php?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE Page URL
https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs HTTP 307
https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs

Request Chain 3

https://susankatarina.onlapsnow.buzz/_meetups/?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE HTTP 302
https://susankatarina.onlapsnow.buzz/_meetups/r.php?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 MnQ3M1N1MDNHTWhIQkowa0J0b21MNzQxVmh3Z1ZXei9NWVh3cXVxUVhwZlNlUWlQMjZhWFd6UjV1MmplQjNxV2Q5YStmM0hXeVVxaExGbDUvaVNGUnB4TmhRMCtmb0dVcnRLYjhnY0src0o2bzFnQklzUTZjWkQwMjg2TGMzYUZkUnE4bS9IbFNQN3JXM2MwM01FU...
vsmid.nakula.fun/a/ 2 KB
1 KB 287ms
191ms Document
text/html 172.67.216.220
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vsmid.nakula.fun/a/MnQ3M1N1MDNHTWhIQkowa0J0b21MNzQxVmh3Z1ZXei9NWVh3cXVxUVhwZlNlUWlQMjZhWFd6UjV1MmplQjNxV2Q5YStmM0hXeVVxaExGbDUvaVNGUnB4TmhRMCtmb0dVcnRLYjhnY0src0o2bzFnQklzUTZjWkQwMjg2TGMzYUZkUnE4bS9IbFNQN3JXM2MwM01FUVFvVVZQSTYyUnQxemJ2STRyRHV0b0FtbXRHaVlhVnJCZEQ4WmNiRFZEVHZxY0NkZGx0N3BCTnRSN2w3dndGK1dvbXltaElhSmw5aGdWd0x3ckxjVjBrZW5XdWFjdnRXTnRWZzhQM2xuWU92TDhyZElYVE1MU09saU5qQUlGbEU1a0R3eXUwUDgzTnpaWlFPRGZMcWp4aGxaTjdvWGx4RHNYRmhHVnhpNTUzMzVuTFpXNkpzTXhYK1R3MGpLRXpVRTVBN2RaVUd2Nk5NWUhURXRrclFyWkp0OW1oNms1OUlmY1FNaGdBaXN0bExDOTJIcFZSdEMzaWs4aWg3d3dJR0o4WEF4ci9ZYmFBamkvTWVxR2hWb1hPaytZc21TNVZHOGJERk4vTXFqWkZlbWwxZlV6SUM0Tm5aQVRZWDJZWWp1enc9PQ==?0e5i4fsu65ub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.216.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8eb6087f7d37cfb5-MAD
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sun, 01 Dec 2024 21:05:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDy8hvq2vQ12%2BvRGpxKicpYxtm4Cp9bVI%2Fq7Vr%2FpXqid1bqg5l%2B3%2BSc9idK%2FiVJVm5a3jwGM9V9450V1ysARdXerc7E2j8UUYrSkmNVRLN9pvXLn5jkdHsYMmgCVpkF%2B7DEb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=42584&min_rtt=41932&rtt_var=7220&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4137&recv_bytes=5015&delivery_rate=417&cwnd=12000&unsent_bytes=0&cid=3e7aebbda3ace046&ts=191&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed

GET
H/1.1

200
OK

YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs
susankatarina.onlapsnow.buzz/
Redirect Chain

http://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs
https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs

2 KB
1 KB

589ms
192ms

Document
text/html

68.66.226.114
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs

Requested by

Host: vsmid.nakula.fun
URL: https://vsmid.nakula.fun/a/MnQ3M1N1MDNHTWhIQkowa0J0b21MNzQxVmh3Z1ZXei9NWVh3cXVxUVhwZlNlUWlQMjZhWFd6UjV1MmplQjNxV2Q5YStmM0hXeVVxaExGbDUvaVNGUnB4TmhRMCtmb0dVcnRLYjhnY0src0o2bzFnQklzUTZjWkQwMjg2TGMzYUZkUnE4bS9IbFNQN3JXM2MwM01FUVFvVVZQSTYyUnQxemJ2STRyRHV0b0FtbXRHaVlhVnJCZEQ4WmNiRFZEVHZxY0NkZGx0N3BCTnRSN2w3dndGK1dvbXltaElhSmw5aGdWd0x3ckxjVjBrZW5XdWFjdnRXTnRWZzhQM2xuWU92TDhyZElYVE1MU09saU5qQUlGbEU1a0R3eXUwUDgzTnpaWlFPRGZMcWp4aGxaTjdvWGx4RHNYRmhHVnhpNTUzMzVuTFpXNkpzTXhYK1R3MGpLRXpVRTVBN2RaVUd2Nk5NWUhURXRrclFyWkp0OW1oNms1OUlmY1FNaGdBaXN0bExDOTJIcFZSdEMzaWs4aWg3d3dJR0o4WEF4ci9ZYmFBamkvTWVxR2hWb1hPaytZc21TNVZHOGJERk4vTXFqWkZlbWwxZlV6SUM0Tm5aQVRZWDJZWWp1enc9PQ==?0e5i4fsu65ub

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.66.226.114 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ss99.a2hosting.com

Software

Apache / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://vsmid.nakula.fun/a/MnQ3M1N1MDNHTWhIQkowa0J0b21MNzQxVmh3Z1ZXei9NWVh3cXVxUVhwZlNlUWlQMjZhWFd6UjV1MmplQjNxV2Q5YStmM0hXeVVxaExGbDUvaVNGUnB4TmhRMCtmb0dVcnRLYjhnY0src0o2bzFnQklzUTZjWkQwMjg2TGMzYUZkUnE4bS9IbFNQN3JXM2MwM01FUVFvVVZQSTYyUnQxemJ2STRyRHV0b0FtbXRHaVlhVnJCZEQ4WmNiRFZEVHZxY0NkZGx0N3BCTnRSN2w3dndGK1dvbXltaElhSmw5aGdWd0x3ckxjVjBrZW5XdWFjdnRXTnRWZzhQM2xuWU92TDhyZElYVE1MU09saU5qQUlGbEU1a0R3eXUwUDgzTnpaWlFPRGZMcWp4aGxaTjdvWGx4RHNYRmhHVnhpNTUzMzVuTFpXNkpzTXhYK1R3MGpLRXpVRTVBN2RaVUd2Nk5NWUhURXRrclFyWkp0OW1oNms1OUlmY1FNaGdBaXN0bExDOTJIcFZSdEMzaWs4aWg3d3dJR0o4WEF4ci9ZYmFBamkvTWVxR2hWb1hPaytZc21TNVZHOGJERk4vTXFqWkZlbWwxZlV6SUM0Tm5aQVRZWDJZWWp1enc9PQ==?0e5i4fsu65ub
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 703
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Dec 2024 21:05:04 GMT
Keep-Alive: timeout=3, max=500
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.33

Redirect headers

Location: https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK 1000w
susankatarina.onlapsnow.buzz/ 2 KB
2 KB 188ms
188ms Image
text/html 68.66.226.114
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://susankatarina.onlapsnow.buzz/1000w

Requested by

Host: susankatarina.onlapsnow.buzz
URL: https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.66.226.114 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ss99.a2hosting.com

Software

Apache / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
Cache-Control: no-cache
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Content-Length: 676
Keep-Alive: timeout=3, max=499
Date: Sun, 01 Dec 2024 21:05:04 GMT
Content-Type: text/html; charset=UTF-8
X-Powered-By: PHP/7.4.33
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H/1.1

200
OK

r.php
susankatarina.onlapsnow.buzz/_meetups/
Redirect Chain

https://susankatarina.onlapsnow.buzz/_meetups/?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE
https://susankatarina.onlapsnow.buzz/_meetups/r.php?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE

760 B
841 B

191ms
191ms

Document
text/html

68.66.226.114
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://susankatarina.onlapsnow.buzz/_meetups/r.php?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE

Requested by

Host: susankatarina.onlapsnow.buzz
URL: https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

68.66.226.114 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ss99.a2hosting.com

Software

Apache / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://susankatarina.onlapsnow.buzz/YVFJQkssQ0lLR1UsMTczMjk0MzY3MywsVFJBRkVFLEhpISBJJ206IEthc2FuZHJhIC0gT24gbGl2ZSBzaG93cyEs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 410
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Dec 2024 21:05:05 GMT
Keep-Alive: timeout=3, max=497
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.33

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Dec 2024 21:05:04 GMT
Keep-Alive: timeout=3, max=498
Location: /_meetups/r.php?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK Primary Request 002d12a170722 Show response
cbjbdhb.offrsmatcher.com/s/ 45 KB
18 KB 725ms
267ms Document
text/html 5.104.107.248
MYLOC-AS WIIT AG

General

Check archive.org

Show headers Download Go to

Full URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ
Requested by: Host: susankatarina.onlapsnow.buzz
URL: https://susankatarina.onlapsnow.buzz/_meetups/r.php?click_id=CIKGU&country_code=ES&user_agent=WEB&ip_address=146.70.128.182&user_lp=TRAFEE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS: srv11409.dus4.dedicated.server-hosting.expert
Software: openresty /
Resource Hash: 05ea2c202537b3282e5a34a109d6ecc0b0be772cf42ff31d4cace94caa01ab8e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: must-revalidate, no-cache, no-store, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 01 Dec 2024 21:05:05 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
expires: -1
pragma: no-cache

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
1 KB 193ms
69ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a01210a2b1a7e2c2249e9afad4e30bf8c0d7feb7fb6d56badd923fa3bc1a992a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cbjbdhb.offrsmatcher.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 21:05:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 21:05:06 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 01 Dec 2024 19:46:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK style.css
cbjbdhb.offrsmatcher.com/bundle/1109/assets/css/ 9 KB
3 KB 61ms
61ms Stylesheet
text/css 5.104.107.248
MYLOC-AS WIIT AG

General

Check archive.org

Show headers Download Go to

Full URL: https://cbjbdhb.offrsmatcher.com/bundle/1109/assets/css/style.css
Requested by: Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS: srv11409.dus4.dedicated.server-hosting.expert
Software: openresty /
Resource Hash: 614deae5611f629f5d85bd5916ebb02de4acc41914a9db272183334f91ba4e38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000, private
Content-Encoding: gzip
ETag: W/"67164f70-24c7"
Connection: keep-alive
Expires: Tue, 31 Dec 2024 21:05:05 GMT
Date: Sun, 01 Dec 2024 21:05:05 GMT
Last-Modified: Mon, 21 Oct 2024 12:56:16 GMT
Content-Type: text/css
Vary: Accept-Encoding
Server: openresty

GET
H2 200 jquery-3.7.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 108ms
35ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.1.min.js
Requested by: Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://cbjbdhb.offrsmatcher.com
Referer: https://cbjbdhb.offrsmatcher.com/

Response headers

content-encoding: gzip
etag: W/"28feccc0-155ed"
age: 2267255
x-cache: HIT, HIT
date: Sun, 01 Dec 2024 21:05:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits: 90678, 112049
x-served-by: cache-lga21978-LGA, cache-mad2200096-MAD
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1733087106.122015,VS0,VE0
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30336
server: nginx

GET
H/1.1 200
OK functions.js Show response
cbjbdhb.offrsmatcher.com/bundle/1109/assets/js/ 1 KB
790 B 122ms
60ms Script
application/javascript 5.104.107.248
MYLOC-AS WIIT AG

General

Check archive.org

Show headers Download Go to

Full URL: https://cbjbdhb.offrsmatcher.com/bundle/1109/assets/js/functions.js
Requested by: Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS: srv11409.dus4.dedicated.server-hosting.expert
Software: openresty /
Resource Hash: 667865f0c8ad237ab1efdd85bf9873ae1222161b5198640ab742dda0676031d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000, private
Content-Encoding: gzip
ETag: W/"67164d52-490"
Connection: keep-alive
Expires: Tue, 31 Dec 2024 21:05:06 GMT
Date: Sun, 01 Dec 2024 21:05:06 GMT
Last-Modified: Mon, 21 Oct 2024 12:47:14 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Server: openresty

GET
H/1.1 200
OK bg.jpg
cbjbdhb.offrsmatcher.com/bundle/1109/assets/images/ 76 KB
77 KB 61ms
61ms Image
image/jpeg 5.104.107.248
MYLOC-AS WIIT AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbjbdhb.offrsmatcher.com/bundle/1109/assets/images/bg.jpg
Requested by: Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/bundle/1109/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS: srv11409.dus4.dedicated.server-hosting.expert
Software: openresty /
Resource Hash: 30aaeece920a492807daebe729a9cf10c1ce1d50807ae93320b6ef7762d662a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cbjbdhb.offrsmatcher.com/bundle/1109/assets/css/style.css

Response headers

Cache-Control: max-age=2592000, private
ETag: "67164a44-1314d"
Connection: keep-alive
Expires: Tue, 31 Dec 2024 21:05:06 GMT
Content-Length: 78157
Date: Sun, 01 Dec 2024 21:05:06 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 21 Oct 2024 12:34:12 GMT
Server: openresty

GET
H2 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 47 KB
48 KB 484ms
58ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://cbjbdhb.offrsmatcher.com
Referer: https://fonts.googleapis.com/

Response headers

age: 512845
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 25 Nov 2025 22:37:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 25 Nov 2024 22:37:41 GMT
last-modified: Mon, 29 Jul 2024 22:51:01 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48444
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK favicon.png
cbjbdhb.offrsmatcher.com/bundle/1109/assets/images/ 2 KB
2 KB 61ms
60ms Other
image/png 5.104.107.248
MYLOC-AS WIIT AG

General

Check archive.org

Show headers Download Go to

Full URL: https://cbjbdhb.offrsmatcher.com/bundle/1109/assets/images/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS: srv11409.dus4.dedicated.server-hosting.expert
Software: openresty /
Resource Hash: 117ea4bcc2c28854c3cd094c6ae225ad24b6622860ea1901a098c73e1583fe4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=CIKGU&track=CIKGU&subsource=Q0lLR1UsRVMsMTQ2LjcwLjEyOC4xODIsV0VCLFRSQUZFRQ

Response headers

Cache-Control: max-age=2592000, private
ETag: "670fbb62-842"
Connection: keep-alive
Expires: Tue, 31 Dec 2024 21:05:06 GMT
Content-Length: 2114
Date: Sun, 01 Dec 2024 21:05:06 GMT
Content-Type: image/png
Last-Modified: Wed, 16 Oct 2024 13:10:58 GMT
Server: openresty

Verdicts & Comments Add Verdict or Comment

Malicious page.url
Submitted on December 1st 2024, 9:13:01 pm UTC — From Spain

Threats: Misc Scam Potentially Harmful Application
Comment: URLS sent in social media as spam messaged

Malicious task.url
Submitted on December 1st 2024, 9:12:40 pm UTC — From Spain

Threats: Misc Scam
Comment: URLS sent in social media as spam messaged

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.offrsmatcher.com/	1970-01-21 01:26:13	Name: s Value: fJ0jU%2B4CF79scAiMOfU3QN%2BvHcVfbRQDMFaI%2B5E7tl6a%2Bvb0N1SR9kRRB9rZf1gjovIyNxVcNbOoMOb4%2FbLNhCB%2BLvahPqNZ%2FR9Q5iRz1SDBbBDkTuq3s%2FeAIHONQEIIL%2FqHEf6uwJJWTUbls8rWHMzbXskqLnah%2BNQNlUEOqg3QaCBaiDuRFVLX%2Ff6K3hrDgsGHZq2%2BEMU85LTB8fbSYLnyGMglOAEoFyBh3LbM3UaVv%2BgK5SUnUhHu0kClrHOc%2Bmc8zYS%2FwZLVKz75KIw7Wg87ECcnlaQR5Nd7l%2BYedvfr15e6fIatl36axSAkHv6dG3bG22RoXEmL2Vde1uz4eQSitw9G%2B0sHPyPBuwv99u3S2J4ILXlmwvnjGlEfz2t%2FUqnDlDTQ1l9YKW2%2FsJS2v7q96ahDhq0Sy%2BsbnM26xsNot%2BsRNAbO%2FWIVFs1dhO2CLX%2BJ4u0jGJuxoeHbNbynUTuQY483RbiplvncZalBMjs6IZS8q6mXp4RdDOFCDrkEAW9%2BQlU29n2ylIdK8JanqWZyEG%2FSdT1a%2Fj0Q%2Fm%2B%2Bn%2F9LlHkBzdMbiReCGtiNLlN4DhJgPDcDVQXIysP%2Fkxt2XQGSaEYPt%2BTRckcbWl8PiSLfTV3kXp5HscZ%2F%2FFD7GRoyGUiiEC6Jx8BcUfTX0wJzyRdE1OiymvLQssKQuy%2B%2BkG4TjyZHe8UxoJU%2B2FYifGJ3s3%2BAmV7v4TV%2FE19ThiZ0gWgcE0Kb5YQgLNta8ogyLBrlnbdhDB4rd8Hj05ZB5yuhfqiMBtuHNezFDD3acVAWNDga8cD5WwfPnD7bjyyjrf0%2BeFIMAJVg0AgSB%2Fahj%2BKmzgPUEQmGdFqZCf%2BmKegTXn%2FdHEYzk5HDhGyibJaUIhRAqfYMlbMeVDTsf6jywYEWoUpF4a5TmX6dDEQ4ho%2FNRSTmERdP4WWMymj5fpl2YWz24wgm3Ctat9Q0UnpmXcuRVoL8M5WIY44SNyc7hcc8PlwXI%2B%2Ffocmd%2BCJkZNmkUZOM3zTzsDonAM%2BgMc8wNjP5hNllERLC5KkjxrwUjlQORf6KsvvmHd4ILh2B%2BFuwBWEIqFThcue1JXrPdeWDl3D0saaoZ8SEgWS7UBWkxwh76F2fcXlfMq8lbw%2F1YKwencW1LOdNmC9lWkfuW0sRISSqlcWONrWZnoy0be8b77022N7cxfTW0ETdYQUTkcs6s2grdUoOX2n3HqGYwptFBDpjOnkdtJlMgZ3jM215sssQvjUp7zKu1B4DL9y%2B%2Fide7%2BZ5SvXb35JxtweF%2F0eTKxBOkf8urpLG7OxCoxMgt7BLlhI4RMNmqx6GA5z24kjMR5W17eA9L9LCTrsD2tzqSUe%2FK6I8%2FlzdnjcCqcfQQj6SjYHM%2BsFO3kARyhHWYo4SN9O4VVzEq9Ig7t35J0t0kywKidw5YxGE%2B7I%2FpdTp9pHbA6g55ldGl0c8SjW9tpP%2BRyzoagTxar2WzwbZWovzpdgt%2FQiCrnuvJiELzvtW4uF8OFCzSQWem2b1rCD0Ox4Sl%2FawfESPXhBvfV82N2EJaYoI3%2FDTVQOuLJeYh5g2qCoJAUZDwCSLsEtNEDWvmCdSoNskZC%2BKehGE3W4E40aq4NSN%2Fa%2BRFXdCjrIcgHUNtL%2BtYztjXJWJLQul3ECk0%2FgWH8cLirsqHq9v076VPAEX%2BPXCBzq4ieOKuFi4kX9Ned62Ouj%2F6daE0rBfIbrJn5xTvrT3f7jerw6pylrMJjSLAWehB1oDmKABrXzGLuFyQ6zSJqKC3mQQ8I2UEIKdSE7kFZRDVWTBRIT1ewxl%2F8jPS2COE2IimxPnuvig%2BqHKmSmLtmG7akREGy9pTfAj%2FolkdXP%2Bpj3iyvMhUHA%2BaCVhyl51MK%2BRAZVmao8wWrubB3x6SzJfHFyrllUwnUmOFsukOpMRg2zsgRNWVfFGPfjUB6f4Db6BDh73bGQRQwCC8R%2BPuw%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cbjbdhb.offrsmatcher.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
susankatarina.onlapsnow.buzz
vsmid.nakula.fun
172.67.216.220
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200a
2a04:4e42:200::649
5.104.107.248
68.66.226.114
05ea2c202537b3282e5a34a109d6ecc0b0be772cf42ff31d4cace94caa01ab8e
117ea4bcc2c28854c3cd094c6ae225ad24b6622860ea1901a098c73e1583fe4e
30aaeece920a492807daebe729a9cf10c1ce1d50807ae93320b6ef7762d662a7
614deae5611f629f5d85bd5916ebb02de4acc41914a9db272183334f91ba4e38
667865f0c8ad237ab1efdd85bf9873ae1222161b5198640ab742dda0676031d4
a01210a2b1a7e2c2249e9afad4e30bf8c0d7feb7fb6d56badd923fa3bc1a992a
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

cbjbdhb.offrsmatcher.com Open in urlscan Pro 5.104.107.248 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious — 2 votes Show Verdicts

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

75 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

185 kBTransfer

294 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Malicious page.url Submitted on December 1st 2024, 9:13:01 pm UTC — From Spain

Malicious task.url Submitted on December 1st 2024, 9:12:40 pm UTC — From Spain

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

13 JavaScript Global Variables

1 Cookies

Indicators

cbjbdhb.offrsmatcher.com Open in urlscan Pro
5.104.107.248 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

75 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

185 kB
Transfer

294 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Malicious page.url
Submitted on December 1st 2024, 9:13:01 pm UTC — From Spain

Malicious task.url
Submitted on December 1st 2024, 9:12:40 pm UTC — From Spain

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!