Submitted URL: https://personverify.xyz/XLb2969C
Effective URL: https://loferam.com/?cat=2&groupds=157&clientId=282&productId=1907&tracking=63db6fa9bdb77b0001c69ab9&publisher_id=1343
Submission: On February 02 via api from JP — Scanned from NL

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 94.24.114.111, located in Sant Joan Despí, Spain and belongs to AS_ADAM Adam Datacenter, ES. The main domain is loferam.com.
TLS certificate: Issued by R3 on January 18th 2023. Valid for: 3 months.
This is the only time loferam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 94.24.114.111 15699 (AS_ADAM A...)
3 2
Apex Domain | Subdomains | Transfer
2 loferam.com | loferam.com | 9 KB
1 tendr.space | pk.tendr.space — Cisco Umbrella Rank: 982731 | 684 B
1 personverify.xyz | personverify.xyz | 1 KB
3 3
Domain Requested by
2 loferam.com loferam.com
1 pk.tendr.space 1 redirects
1 personverify.xyz
3 3

This site contains links to these domains.

Domain
d.recomvoxer.com
Subject | Issuer | Validity | Valid
*.personverify.xyz | E1 | 2023-01-25 - 2023-04-25 | 3 months
loferam.com | R3 | 2023-01-18 - 2023-04-18 | 3 months

This page contains 1 frames:

Primary Page: https://loferam.com/?cat=2&groupds=157&clientId=282&productId=1907&tracking=63db6fa9bdb77b0001c69ab9&publisher_id=1343
Frame ID: 8B09614B2BFE317CFB48408915872D84
Requests: 3 HTTP requests in this frame

Page Title

Processing Download

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 10 kB
Size: 8 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://personverify.xyz/XLb2969C Page URL
  2. https://pk.tendr.space/click?pid=1343&offer_id=6907&sub5=1iu0bjq3m2eil HTTP 302
    https://loferam.com/?cat=2&groupds=157&clientId=282&productId=1907&tracking=63db6fa9bdb77b0001c69ab9&publisher_id=1343 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: XLb2969C
Path: personverify.xyz/
Size: 236 B
x-fer: 1 KB
Type: Document

General
Full URL: https://personverify.xyz/XLb2969C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 79317183be65b84f-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 02 Feb 2023 08:09:13 GMT
expires: 0
last-modified: Thu, 02 Feb 2023 08:09:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1X0pnaTuxIoS%2BhV7b41DOdTDk0DQOYOOv6RdqVkKE1%2BxNjr27C%2BGSP%2FBc0DM5Vdfye1qVwFbVsS9F%2BrANGJT3f8K4%2BxkdqYIHEhqZklsV%2BLVEMEryDf8Kmg%2Fqi%2B5fC5zL%2BMv%2Fbezs3cDZYeLw2n%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Resource: Primary Request /
Path: loferam.com/
Redirect Chain:
  • https://pk.tendr.space/click?pid=1343&offer_id=6907&sub5=1iu0bjq3m2eil
  • https://loferam.com/?cat=2&groupds=157&clientId=282&productId=1907&tracking=63db6fa9bdb77b0001c69ab9&publisher_id=1343
Size: 7 KB
x-fer: 8 KB
Type: Document

General
Full URL: https://loferam.com/?cat=2&groupds=157&clientId=282&productId=1907&tracking=63db6fa9bdb77b0001c69ab9&publisher_id=1343
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.24.114.111 Sant Joan Despí, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS:
Software: nginx /
Resource Hash: 166953521f0455083dafa674cb44822465ace2708259f2b63d7d0344fd6498af

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

Referer: https://personverify.xyz/XLb2969C
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 08:09:13 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff

Redirect headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 793171853a5b1cca-AMS
content-length: 0
date: Thu, 02 Feb 2023 08:09:13 GMT
location: https://loferam.com/?cat=2&groupds=157&clientId=282&productId=1907&tracking=63db6fa9bdb77b0001c69ab9&publisher_id=1343
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=do58l8Mk790qbSmXwgfrt0rAsb07Vggir2CWUPV6QpZ5qxFVnegfHGxcRHF32CiNbPLG5DuD%2BC7IhO8MfWKjxvwXkhcpo1La7K0MgqGhgTvUYtpAaZUCkgeCyVFb0qTWcBfjoFExbOnNf7duXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-adjust-use-original-forwarded-for: 1

Resource: backlink_back_button.js
Path: loferam.com/assets/js/
Size: 632 B
x-fer: 982 B
Type: Script

General
Full URL: https://loferam.com/assets/js/backlink_back_button.js
Requested by:
  Host: loferam.com
  URL: https://loferam.com/?cat=2&groupds=157&clientId=282&productId=1907&tracking=63db6fa9bdb77b0001c69ab9&publisher_id=1343
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.24.114.111 Sant Joan Despí, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS:
Software: nginx /
Resource Hash: b1b1b5affe702bae9e97deabbdb3f19bcf8f12a1ddd410ff189c61c3bc159c06

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://loferam.com/?cat=2&groupds=157&clientId=282&productId=1907&tracking=63db6fa9bdb77b0001c69ab9&publisher_id=1343
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Thu, 02 Feb 2023 08:09:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Nov 2022 14:36:48 GMT
Server: nginx
ETag: "6384c780-278"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 632

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | oncontentvisibilityautostatechange
string | backLinkURL

7 Cookies

Domain/Path Name / Value
personverify.xyz/ Name: _subid
Value: 1iu0bjq3m2eil
personverify.xyz/ Name: _token
Value: uuid_1iu0bjq3m2eil_1iu0bjq3m2eil63db6fa9972df4.72861095
personverify.xyz/ Name: add17
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4OTRcIjoxNjc1MzI1MzUzfSxcImNhbXBhaWduc1wiOntcIjMwMlwiOjE2NzUzMjUzNTN9LFwidGltZVwiOjE2NzUzMjUzNTN9In0.4Mxb5KZcQCiXJZ8E1Ls6ZhGUXSbpqTdRsPz0sGxQ398
pk.tendr.space/ Name: afclick
Value: 63db6fa9bdb77b0001c69ab9
pk.tendr.space/ Name: afoffers
Value: {"6907":1675325353}
loferam.com/ Name: redirect_user_data
Value: %7B%22country%22%3A%22NL%22%2C%22city%22%3Anull%2C%22isp%22%3A%22i3d.net+b.v%22%2C%22netspeed%22%3A%22%22%7D
loferam.com/ Name: _tracker_ikangoo
Value: a%3A5%3A%7Bs%3A4%3A%22_key%22%3Bs%3A7%3A%22IKPANEL%22%3Bs%3A6%3A%22_subid%22%3Bs%3A16%3A%225002118849715132%22%3Bs%3A8%3A%22_country%22%3Bs%3A2%3A%22NL%22%3Bs%3A4%3A%22_isp%22%3Bs%3A11%3A%22i3d.net+b.v%22%3Bs%3A5%3A%22_time%22%3Bi%3A1675325353%3B%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
