urlscan.io logo urlscan.io
SecurityTrails logo

www.advidates.com Open in urlscan Pro
178.162.199.80  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/haytam2/looppanel.html#zmq.PKEszylnzkjCbgJRuYtPCRC?gLhZkdQbGRlF=SnhwjsJGlXsn17e3qu101uenb01jh9n0...
Effective URL: https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
Submission: On August 06 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 5 countries across 9 domains to perform 12 HTTP transactions. The main IP is 178.162.199.80, located in Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is www.advidates.com.
TLS certificate: Issued by R3 on June 21st 2022. Valid for: 3 months.
This is the only time www.advidates.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 62.75.195.145 8972 (GD-EMEA-D...)
1 1 35.195.30.15 396982 (GOOGLE-CL...)
1 1 35.233.80.224 396982 (GOOGLE-CL...)
1 1 34.90.46.36 396982 (GOOGLE-CL...)
1 1 18.194.134.212 16509 (AMAZON-02)
1 1 54.235.90.142 14618 (AMAZON-AES)
1 1 54.157.70.142 14618 (AMAZON-AES)
11 178.162.199.80 28753 (LEASEWEB-...)
12 2
1    2a00:1450:4001:811::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    62.75.195.145 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: looppanel.co.uk
looppanel.co.uk
1    35.195.30.15 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.30.195.35.bc.googleusercontent.com
accerpunt.com
1    35.233.80.224 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 224.80.233.35.bc.googleusercontent.com
grapefort.com
1    34.90.46.36 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.46.90.34.bc.googleusercontent.com
my.smart-e.xyz
1    18.194.134.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-134-212.eu-central-1.compute.amazonaws.com
pansen-infichel.com
1    54.235.90.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-90-142.compute-1.amazonaws.com
trackingalltracks.com
1    54.157.70.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-70-142.compute-1.amazonaws.com
youtrackbest.com
11    178.162.199.80 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
www.advidates.com
Apex Domain
Subdomains		 Transfer
11 advidates.com
www.advidates.com
409 KB
1 youtrackbest.com
youtrackbest.com
779 B
1 trackingalltracks.com
trackingalltracks.com
306 B
1 pansen-infichel.com
pansen-infichel.com
613 B
1 smart-e.xyz
my.smart-e.xyz
353 B
1 grapefort.com
grapefort.com
732 B
1 accerpunt.com
accerpunt.com
327 B
1 looppanel.co.uk
looppanel.co.uk
291 B
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 457
1 KB
12 9
Domain Requested by
11 www.advidates.com storage.googleapis.com
www.advidates.com
1 youtrackbest.com 1 redirects
1 trackingalltracks.com 1 redirects
1 pansen-infichel.com 1 redirects
1 my.smart-e.xyz 1 redirects
1 grapefort.com 1 redirects
1 accerpunt.com 1 redirects
1 looppanel.co.uk 1 redirects
1 storage.googleapis.com
12 9

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
advidates.com
R3		 2022-06-21 -
2022-09-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
Frame ID: 282C551D0C18B56D367E0B87ADD1337B
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Die populärste Datingseite in diesem Monat

Page URL History Show full URLs

  1. https://storage.googleapis.com/haytam2/looppanel.html Page URL
  2. http://looppanel.co.uk/zmq.PKEszylnzkjCbgJRuYtPCRC?gLhZkdQbGRlF=SnhwjsJGlXsn17e3qu101uenb01jh9n021c... HTTP 302
    https://accerpunt.com/?a=907&oc=14224&c=40147&p=r&m=3&s1=2_178391_2588459&s2=1733_3098279_0htpz1e_... HTTP 302
    https://grapefort.com/?a=907&oc=14224&c=40147&p=r&m=3&s1=2_178391_2588459&s2=1733_3098279_0htpz1e_... HTTP 302
    https://my.smart-e.xyz/click?pid=4726&offer_id=5242&sub2=259258418&sub4=907 HTTP 302
    https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=907&var3=&var4=&clickid=... HTTP 302
    https://trackingalltracks.com/?a=101513&c=112997&s1=907&s2=w4oonj4ugh2ps14i2ba0hdcq&s3=4726 HTTP 302
    https://youtrackbest.com/?a=101513&c=112997&s1=907&s2=w4oonj4ugh2ps14i2ba0hdcq&s3=4726&ckmguid=7dccc4... HTTP 302
    https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

100 %
HTTPS

11 %
IPv6

9
Domains

9
Subdomains

2
IPs

5
Countries

410 kB
Transfer

409 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/haytam2/looppanel.html Page URL
  2. http://looppanel.co.uk/zmq.PKEszylnzkjCbgJRuYtPCRC?gLhZkdQbGRlF=SnhwjsJGlXsn17e3qu101uenb01jh9n021c5140htpz1e3tnb HTTP 302
    https://accerpunt.com/?a=907&oc=14224&c=40147&p=r&m=3&s1=2_178391_2588459&s2=1733_3098279_0htpz1e_40&s3=446952601_80-255-7-102 HTTP 302
    https://grapefort.com/?a=907&oc=14224&c=40147&p=r&m=3&s1=2_178391_2588459&s2=1733_3098279_0htpz1e_40&s3=446952601_80-255-7-102&ckmguid=bc42a7cf-fa0c-475f-beda-fd1ee52c3936 HTTP 302
    https://my.smart-e.xyz/click?pid=4726&offer_id=5242&sub2=259258418&sub4=907 HTTP 302
    https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=907&var3=&var4=&clickid=62edbea0d17d09000108ce61 HTTP 302
    https://trackingalltracks.com/?a=101513&c=112997&s1=907&s2=w4oonj4ugh2ps14i2ba0hdcq&s3=4726 HTTP 302
    https://youtrackbest.com/?a=101513&c=112997&s1=907&s2=w4oonj4ugh2ps14i2ba0hdcq&s3=4726&ckmguid=7dccc4cb-8a45-4e36-84ff-bd32511903de HTTP 302
    https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
looppanel.html
storage.googleapis.com/haytam2/ 		635 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/haytam2/looppanel.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3209
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-length
635
content-type
text/html
date
Sat, 06 Aug 2022 00:13:09 GMT
etag
"059c5cdc0976d5647bb26fd4a1ddab14"
expires
Sat, 06 Aug 2022 01:13:09 GMT
last-modified
Fri, 23 Jul 2021 20:10:37 GMT
server
UploadServer
x-goog-generation
1627071037175771
x-goog-hash
crc32c=CE1oqA== md5=BZxc3Al21WR7sm/Uod2rFA==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
635
x-guploader-uploadid
ADPycdv6xK6IdDv1UsIR-4g76bE0ygQ4aQr4jReVdxqP7qeLZBEQEIAG1PmRq4GayBH9wE4CieSPeAfoqc20X5uIYdpd-c4la1Je
Primary Request /
www.advidates.com/
Redirect Chain
  • http://looppanel.co.uk/zmq.PKEszylnzkjCbgJRuYtPCRC?gLhZkdQbGRlF=SnhwjsJGlXsn17e3qu101uenb01jh9n021c5140htpz1e3tnb
  • https://accerpunt.com/?a=907&oc=14224&c=40147&p=r&m=3&s1=2_178391_2588459&s2=1733_3098279_0htpz1e_40&s3=446952601_80-255-7-102
  • https://grapefort.com/?a=907&oc=14224&c=40147&p=r&m=3&s1=2_178391_2588459&s2=1733_3098279_0htpz1e_40&s3=446952601_80-255-7-102&ckmguid=bc42a7cf-fa0c-475f-beda-fd1ee52c3936
  • https://my.smart-e.xyz/click?pid=4726&offer_id=5242&sub2=259258418&sub4=907
  • https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=907&var3=&var4=&clickid=62edbea0d17d09000108ce61
  • https://trackingalltracks.com/?a=101513&c=112997&s1=907&s2=w4oonj4ugh2ps14i2ba0hdcq&s3=4726
  • https://youtrackbest.com/?a=101513&c=112997&s1=907&s2=w4oonj4ugh2ps14i2ba0hdcq&s3=4726&ckmguid=7dccc4cb-8a45-4e36-84ff-bd32511903de
  • https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/haytam2/looppanel.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
d75b6f4f5aee2a7c03e89f9c0fd042e2b1e1c8e79495c2767e107f3846c6f616

Request headers

Referer
https://storage.googleapis.com/haytam2/looppanel.html#zmq.PKEszylnzkjCbgJRuYtPCRC?gLhZkdQbGRlF=SnhwjsJGlXsn17e3qu101uenb01jh9n021c5140htpz1e3tnb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Aug 2022 01:06:42 GMT
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Cache-Control
private
Connection
close
Content-Length
217
Content-Type
text/html; charset=utf-8
Date
Sat, 06 Aug 2022 01:06:41 GMT
Location
https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
css.css
www.advidates.com/bundle/2/assets/css/ 		71 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.advidates.com/bundle/2/assets/css/css.css
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
3836b0592b467da4cab99eb40b0fc44f34622144bac13a784ac88848b2890bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-11ca8"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
72872
jquery-2.js
www.advidates.com/bundle/2/assets/js/ 		84 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.advidates.com/bundle/2/assets/js/jquery-2.js
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer
https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
Origin
https://www.advidates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-14e4a"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85578
js.js
www.advidates.com/bundle/2/assets/js/ 		414 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.advidates.com/bundle/2/assets/js/js.js
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
f92df46462c54bc2ac714a834a336ca1c8c961992495b6f641311ecb587a9a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-19e"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
414
click.js
www.advidates.com/js/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.advidates.com/js/click.js
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
21796d03b31b6f7f1be149aa71b5a56a25de6003291b6950b51bc862452ded49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.advidates.com/?utm_source=5fc90ada8ba62&click_id=263436426&subsource=101513_4726
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Thu, 28 Jul 2022 12:41:42 GMT
Server
openresty/1.19.3.1
ETag
"62e28406-1208"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4616
no.png
www.advidates.com/bundle/2/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.advidates.com/bundle/2/assets/img/no.png
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.advidates.com/bundle/2/assets/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-c3e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3134
yes.png
www.advidates.com/bundle/2/assets/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.advidates.com/bundle/2/assets/img/yes.png
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.advidates.com/bundle/2/assets/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-d98"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3480
1.jpg
www.advidates.com/bundle/2/assets/img/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.advidates.com/bundle/2/assets/img/1.jpg
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
15d4127cd56e1b50b5d57340161ff54d22713da009df6904925833779ab125d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.advidates.com/bundle/2/assets/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-16197"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90519
pattern.png
www.advidates.com/bundle/2/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.advidates.com/bundle/2/assets/img/pattern.png
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.advidates.com/bundle/2/assets/css/css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-af1"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2801
Lato-Regular.ttf
www.advidates.com/bundle/2/assets/css/fonts/ 		117 KB
118 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.advidates.com/bundle/2/assets/css/fonts/Lato-Regular.ttf
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

Referer
https://www.advidates.com/bundle/2/assets/css/css.css
Origin
https://www.advidates.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-1d584"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120196
fp2.min.js
www.advidates.com/js/ 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.advidates.com/js/fp2.min.js
Requested by
Host: www.advidates.com
URL: https://www.advidates.com/js/click.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.162.199.80 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
6e1bf43d1d49858aacd5de53b32b551732bca4b2a46b1f808eb6d6d0f2b70c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.advidates.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Sat, 06 Aug 2022 01:06:43 GMT
Last-Modified
Thu, 28 Jul 2022 12:41:42 GMT
Server
openresty/1.19.3.1
ETag
"62e28406-77dd"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30685

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery string| fpDataEncoded function| fingerprintGo function| closingConfirm function| handleError function| getParameterByName function| collectParams function| Fingerprint2

11 Cookies

Domain/Path Name / Value
.grapefort.com/ Name: st
Value: e8j6axsSS5mTto9OgDd2eoXkacAFBzWbWw7MsMHt76rSZ6n3NUXfNQ==
.grapefort.com/ Name: tib
Value: wWiPNHbuSMmTto9OgDd2eoXkacAFBzWbWw7MsMHt76rSZ6n3NUXfNQ==
.grapefort.com/ Name: c14175
Value: e8j6axsSS5moq86jIHeOiaN6qv32+zceKXjRyKpJhLtbn6hx2/IRqQ==
my.smart-e.xyz/ Name: afclick
Value: 62edbea0d17d09000108ce61
my.smart-e.xyz/ Name: afoffers
Value: {"5242":1659748000}
.pansen-infichel.com/ Name: a757149c-fd88-4a9b-9a99-827e6ad49ebc-v4
Value: aS9OYJFLmQzj1ZnIr6A6Jt_VciB6-luzfmgy82fd5U8
.pansen-infichel.com/ Name: cc-v4
Value: 9mk39tR1BhjBuDJYjLPPs29hw2TU83hlfwSvQi40qEYn68sgzQI3wW4WEEK7Kfoeg3GtdlyWSoQ1xT8sN4P3B2s%2BmWwMhP0zPfNTQti7XfjXtDLSl6FmP7KvEPL9RNx%2B9eKiE5DNsoHW%2Fksh3Ev2ZQ%3D%3D
.youtrackbest.com/ Name: sid
Value: u0V5OGXgyAVPYj3u+q5RhzadwnH42hAzQdWTvUJoCCM4wbUK8f6hVg==
.youtrackbest.com/ Name: trk
Value: t7lWe2G9WfAc5K+MQKjqITadwnH42hAzQdWTvUJoCCM4wbUK8f6hVg==
.youtrackbest.com/ Name: c108515
Value: u0V5OGXgyAWpF3onc+0rIMk72D2gOXOhbtsvYaSzT4w53xhFOBAE1Q==
.advidates.com/ Name: SID
Value: e4c78b91f9ac55cb2da168a735b11dad