lovebonus.xyz
Open in
urlscan Pro
2606:4700:30::681c:165d
Malicious Activity!
Public Scan
Effective URL: https://lovebonus.xyz/
Submission: On December 20 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 19th 2019. Valid for: 10 months.
This is the only time lovebonus.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Instagram (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 104.27.149.53 104.27.149.53 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 1 | 2606:4700:30:... 2606:4700:30::681b:8690 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 29 | 2606:4700:30:... 2606:4700:30::681c:165d | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK - Facebook) | |
29 | 2 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
hachget.xyz |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
lovebonus.xyz |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
lovebonus.xyz
1 redirects
lovebonus.xyz |
420 KB |
1 |
facebook.net
connect.facebook.net |
30 KB |
1 |
hachget.xyz
1 redirects
hachget.xyz |
439 B |
1 |
1bob4all.blue
1 redirects
1bob4all.blue |
707 B |
29 | 4 |
Domain | Requested by | |
---|---|---|
29 | lovebonus.xyz |
1 redirects
lovebonus.xyz
|
1 | connect.facebook.net |
lovebonus.xyz
|
1 | hachget.xyz | 1 redirects |
1 | 1bob4all.blue | 1 redirects |
29 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-12-19 - 2020-10-09 |
10 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-12-06 - 2020-03-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://lovebonus.xyz/
Frame ID: 3FF1C8BECC1100669EE43032E1C1957E
Requests: 29 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://1bob4all.blue/
HTTP 302
https://hachget.xyz/920cc9/ HTTP 302
https://lovebonus.xyz/link/1 HTTP 302
https://lovebonus.xyz/ Page URL
Detected technologies
animate.css (Web Frameworks) ExpandDetected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
CloudFlare (CDN) Expand
Detected patterns
- headers server /^cloudflare$/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://1bob4all.blue/
HTTP 302
https://hachget.xyz/920cc9/ HTTP 302
https://lovebonus.xyz/link/1 HTTP 302
https://lovebonus.xyz/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
lovebonus.xyz/ Redirect Chain
|
20 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
lovebonus.xyz/offer_22/css/ |
19 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.min.css
lovebonus.xyz/offer_22/css/ |
54 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
lovebonus.xyz/offer_22/img/ |
10 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
money-bag.png
lovebonus.xyz/offer_22/img/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
credit-card.png
lovebonus.xyz/offer_22/img/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ng.png
lovebonus.xyz/offer_22/img/ |
68 KB 68 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moneygif.gif
lovebonus.xyz/offer_22/img/ |
124 KB 124 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
help.png
lovebonus.xyz/offer_22/img/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Visa_Logo.png
lovebonus.xyz/offer_22/img/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mc_hrz_thmb_282_2x.png
lovebonus.xyz/offer_22/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mir-logo-h229px.png
lovebonus.xyz/offer_22/img/ |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w23.jpg
lovebonus.xyz/offer_22/img/p/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w22.jpg
lovebonus.xyz/offer_22/img/p/ |
9 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m22.jpg
lovebonus.xyz/offer_22/img/p/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w21.jpg
lovebonus.xyz/offer_22/img/p/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m21.jpg
lovebonus.xyz/offer_22/img/p/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w20.jpg
lovebonus.xyz/offer_22/img/p/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w19.jpg
lovebonus.xyz/offer_22/img/p/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w18.jpg
lovebonus.xyz/offer_22/img/p/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m20.jpg
lovebonus.xyz/offer_22/img/p/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
w17.jpg
lovebonus.xyz/offer_22/img/p/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
lovebonus.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 856 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-2.1.3.min.js
lovebonus.xyz/offer_22/js/ |
82 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect.js
lovebonus.xyz/offer_22/js/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
lovebonus.xyz/offer_22/js/ |
241 B 194 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
piggy-bank.png
lovebonus.xyz/offer_22/img/ |
3 KB 3 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WhitneySSm-Book-ProCy.woff
lovebonus.xyz/offer_22/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Instagram (Social Network)51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate number| page_id function| fbq function| _fbq function| getCookie object| notification object| hostingerLogo undefined| mainContent object| newList undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| h1Tag undefined| paragraph undefined| list undefined| listElements undefined| org_html undefined| new_html undefined| saleImage function| $ function| jQuery string| CRedirectName boolean| redirectLastPage undefined| cookee_page_id object| pages function| setCookie function| readCookie function| redirectPage function| load function| init function| buttonH undefined| waitTUpdateVal function| waitTUpdate undefined| notificationHideTime undefined| notificationInterval undefined| vipMoneyStart undefined| vipBonusStart undefined| moneyNotIn undefined| mDataNotification undefined| notificationDiv undefined| notificationHideShow undefined| notificationHideInt function| notificationShow function| notificationHide undefined| isAddNotificationPage function| addNotificationPage function| uprBonus2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
lovebonus.xyz/ | Name: PHPSESSID Value: 4f77e460c5d6b59206f1ff71c86ecf75 |
|
.lovebonus.xyz/ | Name: __cfduid Value: db5a0ce8671116b9430370b93ae01a4641576849119 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1bob4all.blue
connect.facebook.net
hachget.xyz
lovebonus.xyz
104.27.149.53
2606:4700:30::681b:8690
2606:4700:30::681c:165d
2a03:2880:f01c:8012:face:b00c:0:3
031509b92bc00559d84e8cf350dcd2a3cdc846a3879122eeb6d7ef5ec1623a00
04f12eecf10f46d7bdcc8b14e14c3a0d6ce9da2f9ed19ee68e02aa16a113622d
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1f7ca6b299181b7ef462bd002cfa099343f9e4434358d63bdffc1c2175a11b44
2379eed253f22d5a0fceb797236f84708a567fb05c380fdb114f6ff937596aa4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
286aa7f452ef5fddfc63883d5c654ace48331a4b98fcd03d7aa4f1b0ed2d1088
4e692ff70f8915593c4855d47faf894c883da2f5399c2b21779dcb7a9f8a9363
521420cdb908f67ff3574920c419e11d6ba9e30859b709f61e356c05b2c520d0
549fa0b9eb0f03a788b9220fe1e1c4b6ec87253bf7f91eb445de9dcce1455dce
5a42daf1921ea54fa43ac117b6ed1d6255337d0aa523e5185ca84351d03c05fb
6f8160f2120207ce028853d90765c9fbe0c11af7b585b0b3e988aafb1caf8af0
70fa8a457b77c7ce8ec47c16f4c917590deddd1f437732a0821aea1821f7ab90
760291ea0eb4cecf85da06c9cb6f6b04662261c86af3e4608a2304fde3f96abe
76cca5a69d4bb2b6d8d8057eeb2c33262cf1c858480c1d4ae9ffefdda1f5082d
8530938f31a6030e55d0af6880d810cafe11adf129284005ab495a5fbad8d83c
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
935d0e2482cbf3d612c09214145cf8146ba22abd6e17ccb36bc98ac1c4b64b9b
99b7f9d00b216c54a642973a6012a6f9fdb75de2c948afef9c3686820df12cdd
b01402fa4cf588ad5a8d53c7a5c2908759ed31533311f8089230367c86b5df81
b15128035c73bcd34065b6b33859afc4efa56d1f20a26d53ba35864d5ddf20cb
b33c18ea3ddef5fa307d4636846e5b6551018c2509631f0f577a6120f4c212a3
b4abfe9ee3e27921a0b0b9de32a670fdea36d0440bd8dc8138a0f976061958f9
c03761294e0f7a56a0d7adb724ec55510e9e69a883ed12d2f0c4dc8fb59e38ca
d02cdb09e17f51061f971594cf330f59b7a4413f101d0018a265d20f644cd568
d7438c98e3fb75ef9aa2ffd34025894379c418a0e6315818cacb6a53f07e8627
eb58f76272c2ba3ddd8179890e5f44f04a6be9601905ded49d5ef2cf3e014892
f031699e851e3f8fad78ec2aa53ecaa916d0191df5d29096e020ef9dda5c8b9c