onesimple.news
Open in
urlscan Pro
2606:4700:30::6818:7e28
Malicious Activity!
Public Scan
Submitted URL: http://mlr.cookstr.com/redir.php/rd1/22340162/rd2/043b9cd26b29e2438e0d1dcbcb597be2/e/TpDvzQo7k7Qe2pON67cRHFQYk9PJ7TbJpb...
Effective URL: https://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/
Submission: On January 19 via manual from US
Effective URL: https://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/
Submission: On January 19 via manual from US
Summary
This website contacted 6 IPs
in 2 countries
across 7 domains to perform 50 HTTP transactions.
The main IP is 2606:4700:30::6818:7e28, located in
United States and
belongs to CLOUDFLARENET - Cloudflare, Inc., US.
The main domain is onesimple.news.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 1st 2018. Valid for: a year.
This is the only time onesimple.news was scanned on urlscan.io!
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 1st 2018. Valid for: a year.
This is the only time onesimple.news was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Weightloss Scam (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 54.225.217.196 54.225.217.196 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 2 2 | 70.37.54.108 70.37.54.108 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
| 1 1 | 3.122.79.162 3.122.79.162 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 1 | 2606:4700:30:... 2606:4700:30::6818:7f28 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 37 | 2606:4700:30:... 2606:4700:30::6818:7e28 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81a::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 209.197.3.15 209.197.3.15 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
| 4 | 52.36.101.21 52.36.101.21 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 7 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 50 | 6 |
1
54.225.217.196
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-225-217-196.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-225-217-196.compute-1.amazonaws.com
| mlr.cookstr.com |
2
70.37.54.108
(San Antonio, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
| rs-stripe.cookstr.com | |
| tr.clickribbon.com |
1
3.122.79.162
(Fairfield, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-79-162.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-79-162.eu-central-1.compute.amazonaws.com
| topreferral.services |
1
2606:4700:30::6818:7f28
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| onesimple.news |
37
2606:4700:30::6818:7e28
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| onesimple.news |
1
209.197.3.15
(Phoenix, United States)
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net
| maxcdn.bootstrapcdn.com |
4
52.36.101.21
(Boardman, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-36-101-21.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-36-101-21.us-west-2.compute.amazonaws.com
| hurrifyme.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 38 |
onesimple.news
2 redirects
onesimple.news |
1 MB |
| 8 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
33 KB |
| 4 |
hurrifyme.com
hurrifyme.com |
37 KB |
| 2 |
cookstr.com
2 redirects
mlr.cookstr.com rs-stripe.cookstr.com |
1 KB |
| 1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
10 KB |
| 1 |
topreferral.services
1 redirects
topreferral.services |
3 KB |
| 1 |
clickribbon.com
1 redirects
tr.clickribbon.com |
799 B |
| 50 | 7 |
| Domain | Requested by | |
|---|---|---|
| 38 | onesimple.news |
2 redirects
onesimple.news
|
| 7 | fonts.googleapis.com | |
| 4 | hurrifyme.com |
ajax.googleapis.com
|
| 1 | maxcdn.bootstrapcdn.com |
onesimple.news
|
| 1 | ajax.googleapis.com |
onesimple.news
ajax.googleapis.com |
| 1 | topreferral.services | 1 redirects |
| 1 | tr.clickribbon.com | 1 redirects |
| 1 | rs-stripe.cookstr.com | 1 redirects |
| 1 | mlr.cookstr.com | 1 redirects |
| 50 | 9 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| topreferral.services |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2018-12-01 - 2019-12-01 |
a year | crt.sh |
| *.googleapis.com Google Internet Authority G3 |
2018-12-19 - 2019-03-13 |
3 months | crt.sh |
| *.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA |
2018-10-03 - 2019-10-12 |
a year | crt.sh |
| www.hurrifyme.com COMODO RSA Domain Validation Secure Server CA |
2016-06-29 - 2019-06-29 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/
Frame ID: DB2A2B0396A1C180A15F3BC6280BB4A8
Requests: 50 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://mlr.cookstr.com/redir.php/rd1/22340162/rd2/043b9cd26b29e2438e0d1dcbcb597be2/e/TpDvzQo7k7Qe2p...
HTTP 302
http://rs-stripe.cookstr.com/stripe/redirect?cs_email=joseph.andriano%40hcahealthcare.com&cs_stripeid=120... HTTP 301
http://tr.clickribbon.com/stripe/redirect?cs_email=joseph.andriano%40hcahealthcare.com&cs_stripeid=120... HTTP 303
http://topreferral.services/path/lp.php?trvid=10049&trvx=15612366&c=0.4162566843442619&pi_containertype=... HTTP 302
http://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal HTTP 302
https://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal HTTP 301
https://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/ Page URL
Detected technologies
Shopify
(Ecommerce)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^Shopify$/i
CloudFlare
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /cloudflare/i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Twitter Bootstrap () Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://topreferral.services/path/out.php?sxid=0
Title: LOVE
Title: LOVE
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mlr.cookstr.com/redir.php/rd1/22340162/rd2/043b9cd26b29e2438e0d1dcbcb597be2/e/TpDvzQo7k7Qe2pON67cRHFQYk9PJ7TbJpbjmday2Xt9rP0jIUaJjpTNhadnGwhiH
HTTP 302
http://rs-stripe.cookstr.com/stripe/redirect?cs_email=joseph.andriano%40hcahealthcare.com&cs_stripeid=12033&cs_sendid=20190119&cs_offset=3&cs_esp=primepublishing&ml=1&utm_source=ppl-newsletter&utm_medium=email&utm_campaign=cookstr20190119 HTTP 301
http://tr.clickribbon.com/stripe/redirect?cs_email=joseph.andriano%40hcahealthcare.com&cs_stripeid=12033&cs_sendid=20190119&cs_offset=3&cs_esp=primepublishing&ml=1&utm_source=ppl-newsletter&utm_medium=email&utm_campaign=cookstr20190119 HTTP 303
http://topreferral.services/path/lp.php?trvid=10049&trvx=15612366&c=0.4162566843442619&pi_containertype=email&pi_contrainer=2521&TYP=&adimg=1001a&pi_adid=347465&pi_clickid=56cc011be8de423dbf6d90975141faf1&pi_creativeid=376893 HTTP 302
http://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal HTTP 302
https://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal HTTP 301
https://onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
50 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/ Redirect Chain
|
37 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.css
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/css/ |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.css
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/css/ |
147 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap-theme.css
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/css/ |
19 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/css/ |
14 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ |
36 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mobile-logo.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
48 KB 48 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
asseenin.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
den.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
65 KB 65 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
238 KB 238 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
t1.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
206 KB 206 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
t2.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
93 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
t3.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
165 KB 165 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
t4.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
102 KB 102 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lift1.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lift2.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lift3.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checkmark.png
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
669 B 883 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hydra.png
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
101 KB 101 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
button.png
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lift4.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lift5.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lift6.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lift7.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
offer.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
checkmark-green-sm.png
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
764 B 905 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
100-guarantee-seal-1_2.png
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lewis.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tanya.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jenni.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cash.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
katy.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
amanda.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
julie.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sarah.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kirs.jpg
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/images/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
counter_app.js
onesimple.news/SkinCare/HydraYouth/b/Shark-Tank-Biggest-Deal/js/ |
21 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
hurrifyme.com/shopify/app/counter/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
getProductCounter.php
hurrifyme.com/shopify/app/counter/ |
2 KB 909 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
376 B 587 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 553 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
447 B 343 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
767 B 389 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
841 B 408 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 507 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
436 B 341 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.min.css
hurrifyme.com/shopify/app/counter/ |
18 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-ui.theme.min.css
hurrifyme.com/shopify/app/counter/ |
13 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.11.0/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ajax.googleapis.com
- URL
- http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.0/jquery-ui.min.js?_=1547882859851
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Weightloss Scam (Online)40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| dayNames object| monthNames object| now number| dayOfTheWeek object| Shopify object| __st undefined| script function| hurrifyLoad number| min_scarcity_number_drop_to boolean| hurrifyMeLoaded boolean| dev boolean| one_product boolean| loyal_customer string| counter_style string| light_counter number| product_counter number| product_counter_d number| product_counter_h number| product_counter_m number| product_counter_s string| timer_backColor string| progress_bar_color string| days_label string| hours_label string| minutes_label string| seconds_label number| progress_display number| timer_display number| banner_bar_display string| banner_bar_bg_color number| product_progress_bar number| product_set_scarcity_number number| product_set_scarcity_time string| shop_progress_bar_percent string| scarcity_enable_cookies1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .onesimple.news/ | Name: __cfduid Value: d6f7be75c646c1ff32abed7db606c505e1547882859 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fonts.googleapis.com
hurrifyme.com
maxcdn.bootstrapcdn.com
mlr.cookstr.com
onesimple.news
rs-stripe.cookstr.com
topreferral.services
tr.clickribbon.com
ajax.googleapis.com
209.197.3.15
2606:4700:30::6818:7e28
2606:4700:30::6818:7f28
2a00:1450:4001:819::200a
2a00:1450:4001:81a::200a
3.122.79.162
52.36.101.21
54.225.217.196
70.37.54.108
05cc75d7b9d361efa3d3fb7865c1a1bb3562ad26781f120f0a6c95f803bbb9ae
06d10ddd446ea86ebea46a23a233c9a5fd8df1ce12dfde397d6edbf273f3b852
12c9afd92539dbe81f96de32248facae9d53bb20de9cb9981f9ef965f3e4560f
13d08adbe165c59b33970e536408ec83abbb90125b359931a1ef2215a0a505d7
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19f706b54e568713ae64562b5bd717ff9a030e59992ea380d4544a378d7a35a3
2217fb49750f46da73c2bb95cdc213ce42c33085b113523cdcc0b5ebf1fe6571
226e16dd690bb1711efac084c7fb3a60ccfa9cca7cbea558684b45540927e645
2386648c98991e6d0e9bada0ada9b4f46459409c2134941431ae9b28bdadbbb6
27dba2d6aef3b64c37fb49bce86599be66b991924b563f94acd13b2ccf97d777
2b4fd4a280f1480efaf6db77cda89b24b7abba82fc3dad8286dc5913aff1a54d
3409e99fb247d368acbd450c8096fe3bfd22d674f830be4adbfd2449082f045c
43e6b011a437ca601446b63dd46d93ebeac8804d626309e0ccd57e8ed81a621b
43f1cd8f211a3d776132f699d0098c39a2d8c361da41af51409c4ca19b884fce
43f20b36d779d77d2461b60a05a107c8e407f5bbec05bd5bc00152b3831e113a
4c615e31323d758a6d3dc59724914bd5953c0544af7d46c0a493309fd8025b47
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
60e0794a54d0a94b259f5b6d9ee8d7e2bd44e21c4739241375b15a9fdd23e7f9
619b16aecdcbb1c2ac4203859724cf0702956b7ceaa22aa953ab7e8d9405e2a5
62fed025435a164896df580233b6cf882072b609e1903650a23deedf2963f6c4
683beb32a4116c5d424727897c40c4de68b7aecaf283c9f0adcf6cc275dae907
6f70cf5c5450384c65e622a3e47213014751c174fddfeff444e4076a8cf8f3d4
7578952edcf6272daf950a278ae6e4e2c70f0ff9759977ac4c813ea8966eba31
7da86e9d1d258a7708bfac5b2f5b525e3dde00889bb2cef26b65ef1bae48f464
7dbdc06b4a7ad64a4f5b57ec899497ab129057cedc037f1e7c003eeec81c7f7f
81d65d75541be279e8271647f2e3eed976dce833a3f8641b60bdc2f4cb91e858
853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461
8588af96e4d4ee32c5e5740c29550d1ed9070af5e774ac19201263a0524625bb
8910e3a8048c0c3797989734ff8e2087db499411fe6cd89f7d711f980cb06fa7
8b902a6e5bcd61ac0d4e10b014a64146c165a10ec81c2c5049aecec757c68209
8d01c57f27ad80f2004a30731c99e02ce2165e5753a8baf9431a3527845f1819
8d576d4d150f200d7db2d8d068cefef4c85975d7509b5dde53abe8f66fa3aa13
916b6b2525b0fa9b5f731ac29078b80cc6ce0ac86884b375bd9a3a6539f7d92f
9cc43bd1c0e71551c95b9734f7321a6c3d892cbf4ee0d7d7c65e15edcf2b8dfa
a1c47411b2a6b6683298854657918927105923a4a2ebf4df3689e85f068df73d
ac2b8e1227f0ab8dff8be46c7af2c1701e5d0b31270836da08cce39bd2d552f3
b977f453450222a069d89dd2e776f6f21f9fa42f6e15c03c7fe6ff34d9a2c159
c01728c7eefe5d9123466c872cc72f00d4b54a7d11449d0adefc0ac32e0db54a
ce0629dc02e14d5793a5b18e7872b361e93951960bb8d4b6c2f4b698db06ee0e
cf03d4a3f38fc1faed5945c722d037231020119d59e4ec03d0854bc4fb9fbd4d
d0b20dd1a6f9e14be11bef82f73ed5f7bb9d5da63f34b062567aafcb90fd0f5b
d30e7f20c0d29b7f86352553f7ecefe9713f015ec030c64d09953f3c87739f47
d4716603b20e60c8d3b08e8f0cdd768c2567962e7ccfd3dbdb814a8458863d20
db5c11215b2a147365188f6e1ec6cd03d93a6387e16ebe09fae67ce212b25088
e05c1102a6503201c7cf8617e0efb288191c98146ae885b598877f97971f9386
eedf6f027713de262ed6414cb7aa53ed1cde25e746e5176045ad9eeafaaf3654
ef5d6cd3ab2381382829ed5b6a2fe266ca570e88ff508fd50f741b1b882d2585
f8b6d760e83e6e567ef2fb04d75813bce664b32d7ac865aa359afbab481c03b6
fe5906bf85f4342be624e167df42fb0cb34cf2067abc7ea7f83548e66c5810a4