wvnnr.fcukfriend.net
2a05:d018:244:5200::ab
Malicious Activity!
Public Scan
Effective URL: https://wvnnr.fcukfriend.net/c/f82757e39b1a28a9?tds_cid=7397664a202981656312547a0bf1769c7c9dba14&tds_campaign=b9445rie&s1=227...
Submission: On October 27 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 26th 2020. Valid for: 3 months.
This is the only time wvnnr.fcukfriend.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

# | IP Address | AS (Autonomous System)
---|---|---
1 1 | 198.54.126.143 | 22612 (NAMECHEAP-NET)
1 1 | 104.219.248.118 | 22612 (NAMECHEAP-NET)
2 3 | 172.255.248.108 | 7979 (SERVERS-COM)
2 7 | 18.194.201.50 | 16509 (AMAZON-02)
6 | 52.28.200.0 | 16509 (AMAZON-02)
1 | 2a05:d018:244:5200::ab | 16509 (AMAZON-02)
7 | 2.16.186.107 | 20940 (AKAMAI-ASN1)
1 | 2a00:1450:4001:801::200a | 15169 (GOOGLE)
1 | 2a00:1450:4001:808::2003 | 15169 (GOOGLE)
22 | 7 |

ASN, reverse DNS (PTR) and domain details:
- ASN22612 (NAMECHEAP-NET, US), PTR: premium3-3.web-hosting.com, domain: john1991qe.pics.ment.website
- ASN22612 (NAMECHEAP-NET, US), PTR: server162-2.web-hosting.com, domain: mediadelmar.com
- ASN16509 (AMAZON-02, US), PTR: ec2-18-194-201-50.eu-central-1.compute.amazonaws.com, domain: psocialx.com
- ASN16509 (AMAZON-02, US), PTR: ec2-52-28-200-0.eu-central-1.compute.amazonaws.com, domain: typerock.com
- ASN20940 (AKAMAI-ASN1, EU), PTR: a2-16-186-107.deploy.static.akamaitechnologies.com, domain: cdn-bimi.akamaized.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 | akamaized.net | cdn-bimi.akamaized.net | 711 KB
7 | psocialx.com (2 redirects) | psocialx.com | 6 KB
6 | typerock.com | typerock.com | 5 KB
2 | cm-trk4.com (1 redirect) | go.cm-trk4.com | 2 KB
1 | gstatic.com | fonts.gstatic.com | 14 KB
1 | googleapis.com | fonts.googleapis.com | 475 B
1 | fcukfriend.net | wvnnr.fcukfriend.net | 3 KB
1 | cm-trk3.com (1 redirect) | go.cm-trk3.com | 500 B
1 | mediadelmar.com (1 redirect) | mediadelmar.com | 248 B
1 | ment.website (1 redirect) | john1991qe.pics.ment.website | 244 B
22 | 10 | |
Requests | Domain | Requested by
---|---|---
7 | cdn-bimi.akamaized.net | wvnnr.fcukfriend.net, cdn-bimi.akamaized.net
7 | psocialx.com | 2 redirects; go.cm-trk4.com, psocialx.com
6 | typerock.com | psocialx.com, typerock.com
2 | go.cm-trk4.com | 1 redirect
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | cdn-bimi.akamaized.net
1 | wvnnr.fcukfriend.net | typerock.com
1 | go.cm-trk3.com | 1 redirect
1 | mediadelmar.com | 1 redirect
1 | john1991qe.pics.ment.website | 1 redirect
22 | 10 |
This site contains no links.
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
track.cpamatica.com | Let's Encrypt Authority X3 | 2020-09-30 - 2020-12-29 | 3 months | crt.sh
psocialx.com | Amazon | 2020-05-07 - 2021-06-07 | a year | crt.sh
typerock.com | Amazon | 2020-05-07 - 2021-06-07 | a year | crt.sh
*.fcukfriend.net | Let's Encrypt Authority X3 | 2020-08-26 - 2020-11-24 | 3 months | crt.sh
a248.e.akamai.net | DigiCert Secure Site ECC CA-1 | 2020-07-15 - 2021-09-13 | a year | crt.sh
upload.video.google.com | GTS CA 1O1 | 2020-10-06 - 2020-12-29 | 3 months | crt.sh
*.gstatic.com | GTS CA 1O1 | 2020-10-06 - 2020-12-29 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://wvnnr.fcukfriend.net/c/f82757e39b1a28a9?tds_cid=7397664a202981656312547a0bf1769c7c9dba14&tds_campaign=b9445rie&s1=22724&s2=938177&s3=6fbb8d5d&s5=27709_&click_id=7397664a202981656312547a0bf1769c7c9dba14&j1=1&j3=1
Frame ID: 899E467CD614F05C3F19177721EF706F
Requests: 22 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns:
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Page load 1:
- http://john1991qe.pics.ment.website/ (HTTP 302)
- http://mediadelmar.com/?aff_id=2422&media_sub=john1991qepics (HTTP 302)
- https://go.cm-trk3.com/aff_c?offer_id=5714&aff_id=27709&url_id=0 (HTTP 302)
- https://go.cm-trk4.com/aff_c?offer_id=5714&aff_id=27709&url_id=0 (HTTP 302)
- https://go.cm-trk4.com/rd.html?go=https%3A%2F%2Fpsocialx.com%2Ftds%2Fcpa%3FtdsId%3Ds8877hlo_r%26tds_campaign%3Ds8877hlo%26utm_source%3Dintc%26utm_campaign%3D6b521695%26utm_content%3D27709_%26data2%3D42_27709_5714_ef7cc597ed2c5b441f84c1fab63a0c9c%26utm_sub%3Dopnfnl%26s1%3Dps (Page URL)

Page load 2:
- https://psocialx.com/tds/cpa?tdsId=s8877hlo_r&tds_campaign=s8877hlo&utm_source=intc&utm_campaign=6b521695&utm_content=27709_&data2=42_27709_5714_ef7cc597ed2c5b441f84c1fab63a0c9c&utm_sub=opnfnl&s1=ps (HTTP 302)
- https://psocialx.com/fg/s/b497a3cc48e4ffb17de2f66e1d05cc18?utm_campaign=6b521695&utm_source=intc&tds_campaign=s8877hlo&s1=ps&tds_cid=7397664a202981656312547a0bf1769c7c9dba14&utm_content=27709_&data2=42_27709_5714_ef7cc597ed2c5b441f84c1fab63a0c9c&__t=1603805001133&__l=60&tds_id=s8877hlo_r&tds_oid=a (Page URL)

Page load 3:
- https://psocialx.com/fg/tds/cpa?utm_campaign=6b521695&utm_source=intc&tds_campaign=s8877hlo&s1=ps&tds_cid=7397664a202981656312547a0bf1769c7c9dba14&utm_content=27709_&data2=42_27709_5714_ef7cc597ed2c5b441f84c1fab63a0c9c&tds_id=s8877hlo_r&tds_oid=a&dci=91e8a738a1f9a5a473d84653baa571f0ca64569e&tds_host=psocialx.com&tdsId=s8877hlo_targeting_a&utm_sub=opnfnl&p_tds_cid=&tds_reason=direct (HTTP 302)
- https://typerock.com/fg/o/s/c3de0f985d9422c3dad70064148ccb29?tds_cid=7397664a202981656312547a0bf1769c7c9dba14&tds_campaign=b9445rie&__t=1603805001877&__l=60 (Page URL)

Page load 4:
- https://wvnnr.fcukfriend.net/c/f82757e39b1a28a9?tds_cid=7397664a202981656312547a0bf1769c7c9dba14&tds_campaign=b9445rie&s1=22724&s2=938177&s3=6fbb8d5d&s5=27709_&click_id=7397664a202981656312547a0bf1769c7c9dba14&j1=1&j3=1 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- http://john1991qe.pics.ment.website/ (HTTP 302)
- http://mediadelmar.com/?aff_id=2422&media_sub=john1991qepics (HTTP 302)
- https://go.cm-trk3.com/aff_c?offer_id=5714&aff_id=27709&url_id=0 (HTTP 302)
- https://go.cm-trk4.com/aff_c?offer_id=5714&aff_id=27709&url_id=0 (HTTP 302)
- https://go.cm-trk4.com/rd.html?go=https%3A%2F%2Fpsocialx.com%2Ftds%2Fcpa%3FtdsId%3Ds8877hlo_r%26tds_campaign%3Ds8877hlo%26utm_source%3Dintc%26utm_campaign%3D6b521695%26utm_content%3D27709_%26data2%3D42_27709_5714_ef7cc597ed2c5b441f84c1fab63a0c9c%26utm_sub%3Dopnfnl%26s1%3Dps
- https://psocialx.com/tds/cpa?tdsId=s8877hlo_r&tds_campaign=s8877hlo&utm_source=intc&utm_campaign=6b521695&utm_content=27709_&data2=42_27709_5714_ef7cc597ed2c5b441f84c1fab63a0c9c&utm_sub=opnfnl&s1=ps (HTTP 302)
- https://psocialx.com/fg/s/b497a3cc48e4ffb17de2f66e1d05cc18?utm_campaign=6b521695&utm_source=intc&tds_campaign=s8877hlo&s1=ps&tds_cid=7397664a202981656312547a0bf1769c7c9dba14&utm_content=27709_&data2=42_27709_5714_ef7cc597ed2c5b441f84c1fab63a0c9c&__t=1603805001133&__l=60&tds_id=s8877hlo_r&tds_oid=a
- https://psocialx.com/fg/tds/cpa?utm_campaign=6b521695&utm_source=intc&tds_campaign=s8877hlo&s1=ps&tds_cid=7397664a202981656312547a0bf1769c7c9dba14&utm_content=27709_&data2=42_27709_5714_ef7cc597ed2c5b441f84c1fab63a0c9c&tds_id=s8877hlo_r&tds_oid=a&dci=91e8a738a1f9a5a473d84653baa571f0ca64569e&tds_host=psocialx.com&tdsId=s8877hlo_targeting_a&utm_sub=opnfnl&p_tds_cid=&tds_reason=direct (HTTP 302)
- https://typerock.com/fg/o/s/c3de0f985d9422c3dad70064148ccb29?tds_cid=7397664a202981656312547a0bf1769c7c9dba14&tds_campaign=b9445rie&__t=1603805001877&__l=60
22 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note
---|---|---|---|---|---|---|---|---
GET | H/1.1 | rd.html | go.cm-trk4.com/ | 329 B | 566 B | Document | text/html | Redirect Chain
GET | H2 | b497a3cc48e4ffb17de2f66e1d05cc18 | psocialx.com/fg/s/ | 1 KB | 1 KB | Document | text/html | Redirect Chain
GET | H2 | style.css | psocialx.com/fg/ | 1 KB | 923 B | Stylesheet | text/css |
GET | H2 | script.js | psocialx.com/fg/ | 1 KB | 1016 B | Script | application/javascript |
GET | H2 | t | psocialx.com/fg/ | 35 B | 553 B | Image | image/gif |
GET | H2 | 8871b6e5dd5347f70db643ace286f45b | typerock.com/43fbb6270523e1760fa5f0d2579dea07/ | 35 B | 720 B | Image | image/gif |
GET | H2 | t2 | psocialx.com/fg/ | 35 B | 550 B | Image | image/gif |
GET | H2 | c3de0f985d9422c3dad70064148ccb29 | typerock.com/fg/o/s/ | 701 B | 950 B | Document | text/html | Redirect Chain
GET | H2 | style.css | typerock.com/fg/ | 1 KB | 920 B | Stylesheet | text/css |
GET | H2 | script.js | typerock.com/fg/ | 1 KB | 1017 B | Script | application/javascript |
GET | H2 | t | typerock.com/fg/ | 35 B | 550 B | Image | image/gif |
GET | H2 | t2 | typerock.com/fg/ | 35 B | 547 B | Image | image/gif |
GET | H2 | f82757e39b1a28a9 | wvnnr.fcukfriend.net/c/ | 8 KB | 3 KB | Document | text/html | Primary Request
GET | H/1.1 | main.css | cdn-bimi.akamaized.net/landings/156098/1551969895/css/ | 17 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | script.min.js | cdn-bimi.akamaized.net/landings/156098/1551969895/js/ | 252 KB | 75 KB | Script | text/javascript |
GET | H/1.1 | function.js | cdn-bimi.akamaized.net/landings/156098/1551969895/js/ | 765 B | 1 KB | Script | text/javascript |
GET | H2 | css | fonts.googleapis.com/ | 767 B | 475 B | Stylesheet | text/css |
GET | H/1.1 | no.png | cdn-bimi.akamaized.net/landings/156098/1551969895/images/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | yes.png | cdn-bimi.akamaized.net/landings/156098/1551969895/images/ | 3 KB | 4 KB | Image | image/png |
GET | H/1.1 | 1.jpg | cdn-bimi.akamaized.net/landings/156098/1551969895/images/ | 621 KB | 621 KB | Image | image/jpeg |
GET | H/1.1 | pattern.png | cdn-bimi.akamaized.net/landings/156098/1551969895/images/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | S6uyw4BMUTPHjx4wXiWtFCc.woff2 | fonts.gstatic.com/s/lato/v17/ | 14 KB | 14 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)

8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
function | $
function | jQuery
number | chromeVersion
boolean | exit

3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
wvnnr.fcukfriend.net/ | | scriptHash | 200148_22724_938177
wvnnr.fcukfriend.net/ | | unique_id | 5f981f4a8f1ec112387070
wvnnr.fcukfriend.net/ | | unique_3320337 | unique_3320337
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn-bimi.akamaized.net
fonts.googleapis.com
fonts.gstatic.com
go.cm-trk3.com
go.cm-trk4.com
john1991qe.pics.ment.website
mediadelmar.com
psocialx.com
typerock.com
wvnnr.fcukfriend.net
104.219.248.118
172.255.248.108
18.194.201.50
198.54.126.143
2.16.186.107
2a00:1450:4001:801::200a
2a00:1450:4001:808::2003
2a05:d018:244:5200::ab
52.28.200.0