weed-millionaires.com
Open in
urlscan Pro
2606:4700:30::681b:9d37
Malicious Activity!
Public Scan
Submitted URL: https://bit.ly/2HEAv4f#Axsn.jsv?dmjSy4ccgxj5cwj56cdcF1cmcpchjcR4Hcbbb11
Effective URL: https://weed-millionaires.com/?xparam=https://linkroi.co/c_c?url=https://weed-millionaires.com/&campaign=85062&offer_id=11313&...
Submission: On July 11 via api from BE
Effective URL: https://weed-millionaires.com/?xparam=https://linkroi.co/c_c?url=https://weed-millionaires.com/&campaign=85062&offer_id=11313&...
Submission: On July 11 via api from BE
Summary
This website contacted 12 IPs
in 4 countries
across 13 domains to perform 48 HTTP transactions.
The main IP is 2606:4700:30::681b:9d37, located in
United States and
belongs to CLOUDFLARENET - Cloudflare, Inc., US.
The main domain is weed-millionaires.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 17th 2018. Valid for: a year.
This is the only time weed-millionaires.com was scanned on urlscan.io!
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 17th 2018. Valid for: a year.
This is the only time weed-millionaires.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Investment Scam (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 67.199.248.10 67.199.248.10 | 395224 (BITLY-AS) (BITLY-AS - Bitly Inc) | |
| 2 3 | 194.35.235.128 194.35.235.128 | 62240 (CLOUVIDER...) (CLOUVIDER London) | |
| 1 | 96.62.58.138 96.62.58.138 | 35908 (VPLSNET) (VPLSNET - Krypt Technologies) | |
| 1 1 | 82.165.64.247 82.165.64.247 | 8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48) | |
| 1 1 | 2606:4700:30:... 2606:4700:30::681b:836e | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 31 | 2606:4700:30:... 2606:4700:30::681b:9d37 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:817::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2606:4700::68... 2606:4700::6813:c397 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:814::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2606:4700:10:... 2606:4700:10::6814:3677 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 1 | 151.101.12.217 151.101.12.217 | 54113 (FASTLY) (FASTLY - Fastly) | |
| 1 | 2.16.186.19 2.16.186.19 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 2606:4700:30:... 2606:4700:30::681b:a869 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 6 | 2a00:1450:400... 2a00:1450:4001:814::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 68.65.122.174 68.65.122.174 | 22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap) | |
| 48 | 12 |
3
194.35.235.128
(London, United Kingdom)
ASN62240 (CLOUVIDER London, United Kingdom, GB)
PTR: thecontrolsurfaces.com
ASN62240 (CLOUVIDER London, United Kingdom, GB)
PTR: thecontrolsurfaces.com
| 194.35.235.128 |
1
96.62.58.138
(Orange, United States)
ASN35908 (VPLSNET - Krypt Technologies, US)
PTR: customer.steadyrigid.net
ASN35908 (VPLSNET - Krypt Technologies, US)
PTR: customer.steadyrigid.net
| softwarearrangement.com |
1
2606:4700:30::681b:836e
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| afflink.co |
31
2606:4700:30::681b:9d37
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| weed-millionaires.com |
1
2a00:1450:4001:817::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| ajax.googleapis.com |
1
2606:4700::6813:c397
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| cdnjs.cloudflare.com |
1
2a00:1450:4001:814::200a
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.googleapis.com |
1
2606:4700:10::6814:3677
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| cdn.pushcrew.com |
1
2.16.186.19
(Ascension Island)
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-19.deploy.static.akamaitechnologies.com
| gcs-vimeo.akamaized.net |
2
2606:4700:30::681b:a869
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| fxform.online |
6
2a00:1450:4001:814::2003
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| fonts.gstatic.com |
2
68.65.122.174
(Los Angeles, United States)
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server118-1.web-hosting.com
ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)
PTR: server118-1.web-hosting.com
| uinames.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 31 |
weed-millionaires.com
weed-millionaires.com |
591 KB |
| 6 |
gstatic.com
fonts.gstatic.com |
67 KB |
| 2 |
uinames.com
uinames.com |
10 KB |
| 2 |
fxform.online
fxform.online |
|
| 2 |
googleapis.com
ajax.googleapis.com fonts.googleapis.com |
31 KB |
| 1 |
akamaized.net
gcs-vimeo.akamaized.net |
|
| 1 |
vimeo.com
1 redirects
player.vimeo.com |
1 KB |
| 1 |
pushcrew.com
cdn.pushcrew.com |
67 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com |
16 KB |
| 1 |
afflink.co
1 redirects
afflink.co |
1 KB |
| 1 |
digclick.co
1 redirects
digclick.co |
947 B |
| 1 |
softwarearrangement.com
softwarearrangement.com |
433 B |
| 1 |
bit.ly
1 redirects
bit.ly |
421 B |
| 48 | 13 |
| Domain | Requested by | |
|---|---|---|
| 31 | weed-millionaires.com |
softwarearrangement.com
weed-millionaires.com |
| 6 | fonts.gstatic.com |
weed-millionaires.com
|
| 2 | uinames.com | |
| 2 | fxform.online |
weed-millionaires.com
|
| 1 | gcs-vimeo.akamaized.net |
weed-millionaires.com
|
| 1 | player.vimeo.com | 1 redirects |
| 1 | cdn.pushcrew.com |
weed-millionaires.com
|
| 1 | fonts.googleapis.com |
weed-millionaires.com
|
| 1 | cdnjs.cloudflare.com |
weed-millionaires.com
|
| 1 | ajax.googleapis.com |
weed-millionaires.com
|
| 1 | afflink.co | 1 redirects |
| 1 | digclick.co | 1 redirects |
| 1 | softwarearrangement.com |
194.35.235.128
|
| 1 | bit.ly | 1 redirects |
| 48 | 14 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| softwarearrangement.com COMODO RSA Domain Validation Secure Server CA |
2018-11-06 - 2019-12-20 |
a year | crt.sh |
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2018-12-17 - 2019-12-17 |
a year | crt.sh |
| *.googleapis.com Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
| ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-03-02 - 2019-09-08 |
6 months | crt.sh |
| *.pushcrew.com Go Daddy Secure Certificate Authority - G2 |
2016-06-02 - 2019-07-31 |
3 years | crt.sh |
| a248.e.akamai.net DigiCert ECC Secure Server CA |
2018-10-18 - 2019-10-18 |
a year | crt.sh |
| sni132572.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-05-24 - 2019-11-30 |
6 months | crt.sh |
| *.google.com Google Internet Authority G3 |
2019-06-18 - 2019-09-10 |
3 months | crt.sh |
| uinames.com COMODO RSA Domain Validation Secure Server CA |
2018-01-08 - 2021-02-05 |
3 years | crt.sh |
This page contains 4 frames:
Primary Page:
https://weed-millionaires.com/?xparam=https://linkroi.co/c_c?url=https://weed-millionaires.com/&campaign=85062&offer_id=11313&aff_id=10064&creative=1918&aff_sub4=&aff_sub5=&aff_sub2=2_120312_2407939&aff_sub3=869137451&entity=premium&goal_id=1008&country_code=DE&customer_id=1918&aff_sub=690128&transaction_id=ed2f1906d8664d3d296adc1bb88e452a8c286d34&trk_sys_id=1&test=0
Frame ID: CC347586DA5D02C3FB05A0B37EEE2499
Requests: 52 HTTP requests in this frame
Frame:
https://gcs-vimeo.akamaized.net/exp=1562844057~acl=%2A%2F1178371809.mp4%2A~hmac=492037dbbb632cdcf92b18fe3e8a87d83443a951f8b338a0a8c98c43ffe2f8f2/vimeo-prod-skyfire-std-us/01/1370/12/306851243/1178371809.mp4
Frame ID: DC0E6F1DD98BD15FC6BAED2CCB58A39A
Requests: 1 HTTP requests in this frame
Frame:
https://fxform.online/?form_id=5925a8b229e01439247a6bf4&style=weed-millionairescom&flg=en&stylever=7&xparam=https://linkroi.co/c_c?url=https://weed-millionaires.com/&campaign=85062&offer_id=11313&aff_id=10064&creative=1918&aff_sub4=&aff_sub5=&aff_sub2=2_120312_2407939&aff_sub3=869137451&entity=premium&goal_id=1008&country_code=DE&customer_id=1918&aff_sub=690128&transaction_id=ed2f1906d8664d3d296adc1bb88e452a8c286d34&trk_sys_id=1&test=0
Frame ID: 2921E9160E254BF698242518823262D1
Requests: 1 HTTP requests in this frame
Frame:
https://fxform.online/?form_id=5925a8b229e01439247a6bf4&style=weed-millionairescom2&flg=en&stylever=7&xparam=https://linkroi.co/c_c?url=https://weed-millionaires.com/&campaign=85062&offer_id=11313&aff_id=10064&creative=1918&aff_sub4=&aff_sub5=&aff_sub2=2_120312_2407939&aff_sub3=869137451&entity=premium&goal_id=1008&country_code=DE&customer_id=1918&aff_sub=690128&transaction_id=ed2f1906d8664d3d296adc1bb88e452a8c286d34&trk_sys_id=1&test=0
Frame ID: BF2343E75F6707FD23646A43C82B3696
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://bit.ly/2HEAv4f
HTTP 301
http://194.35.235.128/anchor HTTP 301
http://194.35.235.128/anchor/ Page URL
-
http://194.35.235.128/Axsn.jsv?dmjSy4ccgxj5cwj56cdcF1cmcpchjcR4Hcbbb11
HTTP 302
https://softwarearrangement.com/1761e856059fb789800/2_120312_2407939/1790_611442_1549658_9/446974917 Page URL
-
https://digclick.co/?a=64&c=1918&s1=690128&s2=2_120312_2407939&s3=869137451&entity=premium
HTTP 302
https://afflink.co/c_c?url=https://weed-millionaires.com/&aff_id=64&offer_id=1313&aff_sub=69012... HTTP 302
https://weed-millionaires.com/?xparam=https://linkroi.co/c_c?url=https://weed-millionaires.com/&campaign=8... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://bit.ly/2HEAv4f
HTTP 301
http://194.35.235.128/anchor HTTP 301
http://194.35.235.128/anchor/ Page URL
-
http://194.35.235.128/Axsn.jsv?dmjSy4ccgxj5cwj56cdcF1cmcpchjcR4Hcbbb11
HTTP 302
https://softwarearrangement.com/1761e856059fb789800/2_120312_2407939/1790_611442_1549658_9/446974917 Page URL
-
https://digclick.co/?a=64&c=1918&s1=690128&s2=2_120312_2407939&s3=869137451&entity=premium
HTTP 302
https://afflink.co/c_c?url=https://weed-millionaires.com/&aff_id=64&offer_id=1313&aff_sub=690128&aff_sub2=2_120312_2407939&aff_sub5=&aff_sub3=869137451&aff_sub4=&aff_sub5=&reqid=20477484&goal_id=1008&campaign=85062&creative=1918&xparam=https://linkroi.co/c_c?url=https://weed-millionaires.com/&entity=premium HTTP 302
https://weed-millionaires.com/?xparam=https://linkroi.co/c_c?url=https://weed-millionaires.com/&campaign=85062&offer_id=11313&aff_id=10064&creative=1918&aff_sub4=&aff_sub5=&aff_sub2=2_120312_2407939&aff_sub3=869137451&entity=premium&goal_id=1008&country_code=DE&customer_id=1918&aff_sub=690128&transaction_id=ed2f1906d8664d3d296adc1bb88e452a8c286d34&trk_sys_id=1&test=0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://bit.ly/2HEAv4f HTTP 301
- http://194.35.235.128/anchor HTTP 301
- http://194.35.235.128/anchor/
- http://194.35.235.128/Axsn.jsv?dmjSy4ccgxj5cwj56cdcF1cmcpchjcR4Hcbbb11 HTTP 302
- https://softwarearrangement.com/1761e856059fb789800/2_120312_2407939/1790_611442_1549658_9/446974917
- https://player.vimeo.com/external/306851243.hd.mp4?s=1c53c856234624f02a8060d0dcfe82164e48cd86&profile_id=174 HTTP 302
- https://gcs-vimeo.akamaized.net/exp=1562844057~acl=%2A%2F1178371809.mp4%2A~hmac=492037dbbb632cdcf92b18fe3e8a87d83443a951f8b338a0a8c98c43ffe2f8f2/vimeo-prod-skyfire-std-us/01/1370/12/306851243/1178371809.mp4
48 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
194.35.235.128/anchor/ Redirect Chain
|
614 B 868 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
446974917
softwarearrangement.com/1761e856059fb789800/2_120312_2407939/1790_611442_1549658_9/ Redirect Chain
|
153 B 433 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
weed-millionaires.com/ Redirect Chain
|
147 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
weed-millionaires.com/css/ |
419 KB 70 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style_min.css
weed-millionaires.com/css/ |
6 KB 977 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.18.1/ |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logos.png
weed-millionaires.com/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
as-seen-on.png
weed-millionaires.com/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
image2-sm.gif
weed-millionaires.com/images/ |
10 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
image3-sm.gif
weed-millionaires.com/images/ |
10 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
image4-sm.gif
weed-millionaires.com/images/ |
7 KB 7 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
testimonial-1.jpg
weed-millionaires.com/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
testimonial-2.jpg
weed-millionaires.com/images/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
testimonial-3.jpg
weed-millionaires.com/images/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
testimonial-4.jpg
weed-millionaires.com/images/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
testimonial-5.jpg
weed-millionaires.com/images/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
15_002.jpg
weed-millionaires.com/images/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6.jpg
weed-millionaires.com/images/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13.jpg
weed-millionaires.com/images/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
10.jpg
weed-millionaires.com/images/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
11.jpg
weed-millionaires.com/images/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7.jpg
weed-millionaires.com/images/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3.jpg
weed-millionaires.com/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
14 KB 983 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
form_en.png
weed-millionaires.com/images/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
step2.png
weed-millionaires.com/images/ |
36 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
step3.jpg
weed-millionaires.com/images/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logos-safe.png
weed-millionaires.com/images/ |
17 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
12.jpg
weed-millionaires.com/images/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
email-decode.min.js
weed-millionaires.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 833 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scripts_002.js
weed-millionaires.com/js/ |
399 KB 116 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scripts.js
weed-millionaires.com/js/ |
4 KB 1005 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
custom.js
weed-millionaires.com/js/ |
56 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b83970ee0dedeaa35646b213ddc00691.js
cdn.pushcrew.com/js/ |
232 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
1178371809.mp4
gcs-vimeo.akamaized.net/exp=1562844057~acl=%2A%2F1178371809.mp4%2A~hmac=492037dbbb632cdcf92b18fe3e8a87d83443a951f8b338a0a8c98c43ffe2f8f2/vimeo-prod-skyfire-std-us/01/1370/12/306851243/ Frame DC0E Redirect Chain
|
0 0 |
Document
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
fxform.online/ Frame 2921 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
fxform.online/ Frame BF23 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.f110b07b7291ff1c6d8c.png
weed-millionaires.com/images/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lp1-intro-bg.2711d8e911a0558081c1.jpg
weed-millionaires.com/images/ |
142 KB 143 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
6 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
1011 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v19/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v19/ |
12 KB 12 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v8/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
13.jpg
uinames.com/api/photos/female/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.jpg
uinames.com/api/photos/male/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Investment Scam (Online)47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| moment object| _pcq function| JQClass function| Color function| Chart object| jQuery1113036405535580005766 boolean| _pc_loaded object| PC object| VWO object| _vwo_exp_ids object| _vwo_exp string| _vwo_server_url object| _vis_opt_queue function| bowser object| __pc object| _pushcrewDebuggingQueue object| _pc_u boolean| ecomEventsInit number| winPos number| winH function| showMenu function| hideMenu function| openMenu function| closeMenu function| scaleTitles function| scrollTrigger function| regWidgetCalc function| calcHeight object| realHumans function| getRandomInt function| randomUser function| dataStart number| mousebottom number| pu boolean| ajaxwork function| reloadpage number| yesyoucan boolean| isMobileExist undefined| imported function| isIOSDevice string| lg_qs function| titleCase1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| fxform.online/ | Name: Value: undefined |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
afflink.co
ajax.googleapis.com
bit.ly
cdn.pushcrew.com
cdnjs.cloudflare.com
digclick.co
fonts.googleapis.com
fonts.gstatic.com
fxform.online
gcs-vimeo.akamaized.net
player.vimeo.com
softwarearrangement.com
uinames.com
weed-millionaires.com
151.101.12.217
194.35.235.128
2.16.186.19
2606:4700:10::6814:3677
2606:4700:30::681b:836e
2606:4700:30::681b:9d37
2606:4700:30::681b:a869
2606:4700::6813:c397
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a00:1450:4001:817::200a
67.199.248.10
68.65.122.174
82.165.64.247
96.62.58.138
0021ea801f48a0f9eead891a2aee41f51718080e750a2771bfc1a17ab86c4436
064e29ff061d87e2d255024c3d666f011efdba9075d8a9d9e923302a5ad1b00c
12cc23760bd5b223e369c959ec6da0fc5c1fe29eaa4129a23131c2a7dd37cdcd
1510bf40ce8c78825dc5404c047b7c5b37b148bc4b7695817175a356c9d06405
155e30341c3ff7a137f04f75baeb834f9c7aba029e406d76022322072c49e566
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16405a0590aba3591d04db96c47bd611de3e3b84aef846982b6eae6657acffbb
179480435f74026d8235d5038cf816c93f9655301a4667ec517347e569d45e6b
1b6863771c330f7b6a857dbfee3959d8e8c61c0e34f1e9ba5f6f38268d05573d
1c816c6e3d8d5fd78d074f15c9e9c4c4a55f3ab4cc7611e98c60b4b985f37504
1ee7bcc42c2cd37384ad4435b527e18aa6c9b803f7bb339fd22a765c27abf9c2
20950d09b44b93160c7f950f66bae9e5a83585b85aa40398cd06001c972065d6
25567e01770fa8f35dba5e39e2215bfb08cb2f3a39b6d620ef1b0b4ae5562f9a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
279a22f7d9f69e478d0e5896cf11b83e2560b703f0d3f39818ffb8dd4f67edbb
29cf0dc9c9f4f9fff4c69c33b15a5eb4034dcf99672ffe2538b8580a6fbf64ca
31f370b9333969eb470af102f15e6cc7d8c486f0c11bbcf1ee8f69e56893558f
4409e768a3d15eb5773f5147b796b48cf0d6db38f384a22a02e776b6edc90de8
46b5b8279e4cb2cd6a3cbabbb793f048678b97860aab73abb3e196dbed697178
4f567bb4200dbdecdc99a31542e6bc4e24fdd3e6a7adb17ed26a106920d74c41
5928188426ee863c60711ab8c58afbf19dbdd93e49c8d755a3ee6da4e94b83d2
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e04173c6e536279d3a2b746e3d1d338c5d6153e2215455c865135058140f7a0
6b82c107b3b2d032f95a1c2817e8ff9478bae7e860a3264230e6b8cd0fb83953
79f0f141625f513e9416c0d03afa3de7d8ac21a92af3341238506df5e5e712d5
8105c9a265c9e8339b4ba47c16fe0ea8b4e5bdfab81102ed633fef81d6309bc5
82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46
90c6937b951bf91a4770345919a9f27f12fb40a28a7a8a621f31bbb723ca1c6f
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93e5e2e06a2ea9801a76fc56e3d9ca949fe1b0b646d84c93cffb94730fd1aeb9
9683d9d6d36096b5e88b4e23f36d61a6eb46996833bf095b4892626b135c7779
a4e87ab9e48124a8812db3202d7d0c42da3ea11c4dae442d95166e63c95b47a0
a54128226788402ff3bb517fcc1290dd0dbc52690670c0d58485c9991b8eb79a
a6accfb1fd3106197eece3f8daaf9561201e907a7f7719ef4ef1973d39da8e53
aaed1db5fec620518984b4ec10b6ed7d1b9880b804bec49547effc8d61856a1e
b1bf116ba35cb8d417b7e5640f915182c5340d4f230f652a1458067745d48714
b1cefd8e8678d94122b176af7bbc1114397b270a232099197917eed8d3044131
c0b397b8b0ad8aab0e558cb8e810a39c4482a0a1ac113463847eaa35535c43a9
c62f8473ee0591cce35162c92a9cd45353f7195a7252b7ef8ae00faa772cf884
c68d891f07355e5d0807b4a4f18ac8f16f6e9088277be3134c7efa570022ab2d
c6ffac31bbbcc3219bb3be8698206aac88a9963b92633868912c0691dba28183
c790b65ef63e2a5113e4e35a6ef1977dabe3a0893ff541feeedd5452780dc1d9
ca2553e79899058d447fb11cb26341ca3d48fef24b9ac73f794ff2198b30bd35
ca358be530645009e368cb68e210cc0ad14396ae4b0d32f14270d3c9dbcd4c95
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf0857efbb99c1fd879e156ae297854a058edde35f70f6626b142193f2fb8e45
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
e99a4b6f11d30c7eafaee986267a329ca3f4c5b0faef4a2e01e2e4ddcd23b042
ee48a266cdd7559deecbfab836345bf4b29fd78ad82a84561f67b11fefc7650d
ef47516c398597bf8129da611b28429cc6b9007a3cfb5a42909d5d021814da2e
f4f1ca69ad359f87f6de81f5b70675555f6b5cdb87b434d7c7a17be77b88a889