urlscan.io logo urlscan.io
SecurityTrails logo

cbjbdhb.offrsmatcher.com Open in urlscan Pro
5.104.107.248  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://zzp58.nakula.fun/a/RkxQRGZyelVleG1XNThPNEFiTm52NS83cHBpWlNrSEltWnB0OXV1SGorQlFoZ3pudXkvcU5aUkgyb05WRng0Wko1Ukk0Rm...
Effective URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF
Submission Tags: falconsandbox
Submission: On November 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 5.104.107.248, located in Düsseldorf, Germany and belongs to MYLOC-AS WIIT AG, DE. The main domain is cbjbdhb.offrsmatcher.com.
TLS certificate: Issued by R10 on November 6th 2024. Valid for: 3 months.
This is the only time cbjbdhb.offrsmatcher.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 68.66.226.114 55293 (A2HOSTING)
5 5.104.107.248 24961 (MYLOC-AS ...)
1 2a04:4e42::649 54113 (FASTLY)
10 4
Apex Domain
Subdomains		 Transfer
5 offrsmatcher.com
cbjbdhb.offrsmatcher.com
111 KB
4 onlyloverslive.buzz
haileyjamie.onlyloverslive.buzz
4 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
30 KB
1 nakula.fun
zzp58.nakula.fun
1 KB
10 4
Domain Requested by
5 cbjbdhb.offrsmatcher.com haileyjamie.onlyloverslive.buzz
cbjbdhb.offrsmatcher.com
4 haileyjamie.onlyloverslive.buzz 1 redirects zzp58.nakula.fun
haileyjamie.onlyloverslive.buzz
1 code.jquery.com cbjbdhb.offrsmatcher.com
1 zzp58.nakula.fun
10 4

This site contains no links.

Subject Issuer Validity Valid
nakula.fun
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
*.onlyloverslive.buzz
R10		 2024-08-23 -
2024-11-21		 3 months crt.sh
offrsmatcher.com
R10		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF
Frame ID: 229E15641D33A434603FFC7D08B4C8F9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Die beliebtesten Dating-Website des Monats

Page URL History Show full URLs

  1. https://zzp58.nakula.fun/a/RkxQRGZyelVleG1XNThPNEFiTm52NS83cHBpWlNrSEltWnB0OXV1SGorQlFoZ3pudXkvcU5aUk... Page URL
  2. http://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVy... HTTP 307
    https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVy... Page URL
  3. https://haileyjamie.onlyloverslive.buzz/_meetups/?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.... HTTP 302
    https://haileyjamie.onlyloverslive.buzz/_meetups/l.php?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217... Page URL
  4. https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuM... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

70 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

145 kB
Transfer

230 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zzp58.nakula.fun/a/RkxQRGZyelVleG1XNThPNEFiTm52NS83cHBpWlNrSEltWnB0OXV1SGorQlFoZ3pudXkvcU5aUkgyb05WRng0Wko1Ukk0RmZlRmpmR0JYZ2lJR1poZHRlMGkySm9QUVBrcWJTTFQ1NkF3Y0xSbXFVcHZJYW9kMTFZS1lNVUhEVlBpUDNncjBhbjlZMktnSnNpT05wQVE2dDUwSjU2cUh6am1FaHRyVjZKdGJTbVgxTnNlemYxWjd4UUFLNFpINFNhL1N3cEExaFUzaXB0dXlRb09NWVNEOStiNWZ6cEl3UTJqYkhHeEhTN0NlNGJ4V0RjcjBsV0kybVdjcHd6cXI0NjR3SnpMOW1NL1FOQWFJcFFNSU5aWHRQUktReTVqZGdOVWtkbkJXMkpqMHJzWDI5M0JPZzhEL1JTL0dwTUpMcklJOG1rR2Q5dmZCaUs4ZEtaMTVHTHk5REYzakZBTkhIcTU4NVRUNG12bzNNR0xlTUVHeURwNlZ4eTZ0WWpYR2JqZE5pMnBXV1R3U2t6cDhlL214TUIrYk9qWC9MS3o5YWRmYTFTYkMzdThlekVrNTY0VDMzdCtpWVdIckpBMldJRklPeVZsbUZydis0YzlOVHA2cnIxWk51U3Z2MERFVW5Lbk1Da0R3NkppbWM9 Page URL
  2. http://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA HTTP 307
    https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA Page URL
  3. https://haileyjamie.onlyloverslive.buzz/_meetups/?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE HTTP 302
    https://haileyjamie.onlyloverslive.buzz/_meetups/l.php?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE Page URL
  4. https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA HTTP 307
  • https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
Request Chain 3
  • https://haileyjamie.onlyloverslive.buzz/_meetups/?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE HTTP 302
  • https://haileyjamie.onlyloverslive.buzz/_meetups/l.php?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
RkxQRGZyelVleG1XNThPNEFiTm52NS83cHBpWlNrSEltWnB0OXV1SGorQlFoZ3pudXkvcU5aUkgyb05WRng0Wko1Ukk0RmZlRmpmR0JYZ2lJR1poZHRlMGkySm9QUVBrcWJTTFQ1NkF3Y0xSbXFVcHZJYW9kMTFZS1lNVUhEVlBpUDNncjBhbjlZMktnSnNpT05wQ...
zzp58.nakula.fun/a/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zzp58.nakula.fun/a/RkxQRGZyelVleG1XNThPNEFiTm52NS83cHBpWlNrSEltWnB0OXV1SGorQlFoZ3pudXkvcU5aUkgyb05WRng0Wko1Ukk0RmZlRmpmR0JYZ2lJR1poZHRlMGkySm9QUVBrcWJTTFQ1NkF3Y0xSbXFVcHZJYW9kMTFZS1lNVUhEVlBpUDNncjBhbjlZMktnSnNpT05wQVE2dDUwSjU2cUh6am1FaHRyVjZKdGJTbVgxTnNlemYxWjd4UUFLNFpINFNhL1N3cEExaFUzaXB0dXlRb09NWVNEOStiNWZ6cEl3UTJqYkhHeEhTN0NlNGJ4V0RjcjBsV0kybVdjcHd6cXI0NjR3SnpMOW1NL1FOQWFJcFFNSU5aWHRQUktReTVqZGdOVWtkbkJXMkpqMHJzWDI5M0JPZzhEL1JTL0dwTUpMcklJOG1rR2Q5dmZCaUs4ZEtaMTVHTHk5REYzakZBTkhIcTU4NVRUNG12bzNNR0xlTUVHeURwNlZ4eTZ0WWpYR2JqZE5pMnBXV1R3U2t6cDhlL214TUIrYk9qWC9MS3o5YWRmYTFTYkMzdThlekVrNTY0VDMzdCtpWVdIckpBMldJRklPeVZsbUZydis0YzlOVHA2cnIxWk51U3Z2MERFVW5Lbk1Da0R3NkppbWM9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d8dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e673fc48e445d57-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Fri, 22 Nov 2024 07:36:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDyt5%2BEhl7vJXADuQHWok%2FhPbdr0CWXdg21%2ByXm1fEvca%2F%2Be69Trih5jiBArQavDEnbpmjc6YC4I8tZVfb3q4RTwKpNQ4oFrXEP%2FYx%2FaFkeqvzrzP%2Foav5pV10jl0i4trv1ieON%2FEXpfe7sHOLRE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=20384&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3909&recv_bytes=2829&delivery_rate=194294&cwnd=253&unsent_bytes=0&cid=a55eb5ee10a4479f&ts=130&x=0"
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
haileyjamie.onlyloverslive.buzz/
Redirect Chain
  • http://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
  • https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
Requested by
Host: zzp58.nakula.fun
URL: https://zzp58.nakula.fun/a/RkxQRGZyelVleG1XNThPNEFiTm52NS83cHBpWlNrSEltWnB0OXV1SGorQlFoZ3pudXkvcU5aUkgyb05WRng0Wko1Ukk0RmZlRmpmR0JYZ2lJR1poZHRlMGkySm9QUVBrcWJTTFQ1NkF3Y0xSbXFVcHZJYW9kMTFZS1lNVUhEVlBpUDNncjBhbjlZMktnSnNpT05wQVE2dDUwSjU2cUh6am1FaHRyVjZKdGJTbVgxTnNlemYxWjd4UUFLNFpINFNhL1N3cEExaFUzaXB0dXlRb09NWVNEOStiNWZ6cEl3UTJqYkhHeEhTN0NlNGJ4V0RjcjBsV0kybVdjcHd6cXI0NjR3SnpMOW1NL1FOQWFJcFFNSU5aWHRQUktReTVqZGdOVWtkbkJXMkpqMHJzWDI5M0JPZzhEL1JTL0dwTUpMcklJOG1rR2Q5dmZCaUs4ZEtaMTVHTHk5REYzakZBTkhIcTU4NVRUNG12bzNNR0xlTUVHeURwNlZ4eTZ0WWpYR2JqZE5pMnBXV1R3U2t6cDhlL214TUIrYk9qWC9MS3o5YWRmYTFTYkMzdThlekVrNTY0VDMzdCtpWVdIckpBMldJRklPeVZsbUZydis0YzlOVHA2cnIxWk51U3Z2MERFVW5Lbk1Da0R3NkppbWM9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.226.114 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss99.a2hosting.com
Software
Apache / PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://zzp58.nakula.fun/a/RkxQRGZyelVleG1XNThPNEFiTm52NS83cHBpWlNrSEltWnB0OXV1SGorQlFoZ3pudXkvcU5aUkgyb05WRng0Wko1Ukk0RmZlRmpmR0JYZ2lJR1poZHRlMGkySm9QUVBrcWJTTFQ1NkF3Y0xSbXFVcHZJYW9kMTFZS1lNVUhEVlBpUDNncjBhbjlZMktnSnNpT05wQVE2dDUwSjU2cUh6am1FaHRyVjZKdGJTbVgxTnNlemYxWjd4UUFLNFpINFNhL1N3cEExaFUzaXB0dXlRb09NWVNEOStiNWZ6cEl3UTJqYkhHeEhTN0NlNGJ4V0RjcjBsV0kybVdjcHd6cXI0NjR3SnpMOW1NL1FOQWFJcFFNSU5aWHRQUktReTVqZGdOVWtkbkJXMkpqMHJzWDI5M0JPZzhEL1JTL0dwTUpMcklJOG1rR2Q5dmZCaUs4ZEtaMTVHTHk5REYzakZBTkhIcTU4NVRUNG12bzNNR0xlTUVHeURwNlZ4eTZ0WWpYR2JqZE5pMnBXV1R3U2t6cDhlL214TUIrYk9qWC9MS3o5YWRmYTFTYkMzdThlekVrNTY0VDMzdCtpWVdIckpBMldJRklPeVZsbUZydis0YzlOVHA2cnIxWk51U3Z2MERFVW5Lbk1Da0R3NkppbWM9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
717
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Nov 2024 07:36:33 GMT
Keep-Alive
timeout=3, max=500
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33

Redirect headers

Location
https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
Non-Authoritative-Reason
HttpsUpgrades
1000w
haileyjamie.onlyloverslive.buzz/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haileyjamie.onlyloverslive.buzz/1000w
Requested by
Host: haileyjamie.onlyloverslive.buzz
URL: https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.226.114 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss99.a2hosting.com
Software
Apache / PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Cache-Control
no-cache
Content-Encoding
gzip
Pragma
no-cache
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Content-Length
677
Keep-Alive
timeout=3, max=499
Date
Fri, 22 Nov 2024 07:36:34 GMT
Content-Type
text/html; charset=UTF-8
X-Powered-By
PHP/7.4.33
Server
Apache
X-Frame-Options
SAMEORIGIN
l.php
haileyjamie.onlyloverslive.buzz/_meetups/
Redirect Chain
  • https://haileyjamie.onlyloverslive.buzz/_meetups/?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE
  • https://haileyjamie.onlyloverslive.buzz/_meetups/l.php?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE
769 B
845 B 		Document
General
Check archive.org
Download Go to
Full URL
https://haileyjamie.onlyloverslive.buzz/_meetups/l.php?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE
Requested by
Host: haileyjamie.onlyloverslive.buzz
URL: https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
68.66.226.114 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
az1-ss99.a2hosting.com
Software
Apache / PHP/7.4.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://haileyjamie.onlyloverslive.buzz/Z1RvRTksSkVMT09MLDE3MzE3MDgzMzEsaHR0cHM6Ly93d3cudGhlZ3VhcmRpYW4uY29tL2ludGVybmF0aW9uYWwsVFJBRkVFLEhpISBJJ206IEtlbHNlYSAtIE9uIGxpdmUgc2hvd3MhLA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
414
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Nov 2024 07:36:34 GMT
Keep-Alive
timeout=3, max=497
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Nov 2024 07:36:34 GMT
Keep-Alive
timeout=3, max=498
Location
/_meetups/l.php?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
PHP/7.4.33
Primary Request 002d12a170722
cbjbdhb.offrsmatcher.com/s/ 		43 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF
Requested by
Host: haileyjamie.onlyloverslive.buzz
URL: https://haileyjamie.onlyloverslive.buzz/_meetups/l.php?click_id=JELOOL&country_code=DE&user_agent=WEB&ip_address=217.114.215.132&user_lp=TRAFEE
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
ebe1627dd3e57a5f7b657df833431a811f09bed26f3b92dce1197cb827b5be94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
must-revalidate, no-cache, no-store, private
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Nov 2024 07:36:35 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding
expires
-1
pragma
no-cache
style.css
cbjbdhb.offrsmatcher.com/bundle/373/assets/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cbjbdhb.offrsmatcher.com/bundle/373/assets/css/style.css
Requested by
Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
564be9acf9a12554f06ec1c07117f284232284923d5def54f1688559ef28818d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000, private
Content-Encoding
gzip
ETag
W/"5fb812b1-1e16"
Connection
keep-alive
Expires
Sun, 22 Dec 2024 07:36:35 GMT
Date
Fri, 22 Nov 2024 07:36:35 GMT
Last-Modified
Fri, 20 Nov 2020 19:02:09 GMT
Content-Type
text/css
Vary
Accept-Encoding
Server
openresty
jquery-3.2.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://cbjbdhb.offrsmatcher.com
Referer
https://cbjbdhb.offrsmatcher.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15283"
age
851562
x-cache
HIT, HIT
date
Fri, 22 Nov 2024 07:36:35 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
18, 63984
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21971-LGA, cache-fra-etou8220067-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732260995.192532,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
30125
server
nginx
functions.js
cbjbdhb.offrsmatcher.com/bundle/373/assets/js/ 		1 KB
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cbjbdhb.offrsmatcher.com/bundle/373/assets/js/functions.js
Requested by
Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
48e7fce4de999dc2a1a99ec249b03011fe571e6f4d5383f8a447337b8a64d982

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000, private
Content-Encoding
gzip
ETag
W/"5fb812b1-50e"
Connection
keep-alive
Expires
Sun, 22 Dec 2024 07:36:35 GMT
Date
Fri, 22 Nov 2024 07:36:35 GMT
Last-Modified
Fri, 20 Nov 2020 19:02:09 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Server
openresty
1.jpg
cbjbdhb.offrsmatcher.com/bundle/373/assets/img/ 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbjbdhb.offrsmatcher.com/bundle/373/assets/img/1.jpg
Requested by
Host: cbjbdhb.offrsmatcher.com
URL: https://cbjbdhb.offrsmatcher.com/bundle/373/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
a4b00bc34b3e6fb222d380c95a9ed2fd409720e31977a92046deeb44780acbee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cbjbdhb.offrsmatcher.com/bundle/373/assets/css/style.css

Response headers

Cache-Control
max-age=2592000, private
ETag
"5fb812b1-15214"
Connection
keep-alive
Expires
Sun, 22 Dec 2024 07:36:35 GMT
Content-Length
86548
Date
Fri, 22 Nov 2024 07:36:35 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 20 Nov 2020 19:02:09 GMT
Server
openresty
favicon.png
cbjbdhb.offrsmatcher.com/bundle/373/assets/img/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cbjbdhb.offrsmatcher.com/bundle/373/assets/img/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE),
Reverse DNS
srv11409.dus4.dedicated.server-hosting.expert
Software
openresty /
Resource Hash
295edf085e27ef23a0e5286026e35841f6c1900abadee9910a4e9d74290fb2e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://cbjbdhb.offrsmatcher.com/s/002d12a170722?sub1=JELOOL&track=JELOOL&subsource=SkVMT09MLERFLDIxNy4xMTQuMjE1LjEzMixXRUIsVFJBRkVF

Response headers

Cache-Control
max-age=2592000, private
ETag
"5fb812b1-fe2"
Connection
keep-alive
Expires
Sun, 22 Dec 2024 07:36:35 GMT
Content-Length
4066
Date
Fri, 22 Nov 2024 07:36:35 GMT
Content-Type
image/png
Last-Modified
Fri, 20 Nov 2020 19:02:09 GMT
Server
openresty

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| sendTrack function| Fingerprint2 function| fingerprintGo function| collectTrackParams function| closingConfirm function| handleError function| getParameterByName function| collectParams function| checkRequired function| setLeadInfo function| setCF

1 Cookies

Domain/Path Name / Value
.offrsmatcher.com/ Name: s
Value: ZYvpGRxPYyiUHnncA6g8mDea8Kb3UbuMOXdqCiqTzEr4KTK60W2%2B%2BhNPrgKncH7FsSFPLfgq4mExIRa1%2BJPURSB%2BLvaXHuNb%2BRe47yAzDY23W7uozsjvjxk%2Fbfh1UuAVO4PvCHh9Na5lFZc8scvcL5f%2BdellI3CdsZmEJrBl77bzsiS5BRf5lFm6S9uo4jTnjZITw82VBnZ5F0EhPHk2PRaskXqrGNI%2FpsKGTawNEhNsvv2e1dpDMhw5POGVLN%2F%2Flhmf5xOsqE8W0HZWC1iFi5Tw91R%2FiKQqKFcmWWtYLRuSLK0gqO1b7F4SXMcyJ5K8MvrKBKRJnhzQ8kdKo1bXmsujECDSVHKyp9Ko%2FlWmE067TRIGe0j2ndz1EuGJmdtYVG95gHPlWAQV%2Ba8q3CRL%2FBXJE1ydL9MbFYIXN0risXlfAYtJJyILDCDyAlffWAbW%2FkNk%2FBkmZdwCh0dB8wkNYrZPMldyO3PkleLJ8nc46R0nzNzRgNimvqyxqI7AgI33V2ptamCm5oJ3RlPrGtQzADZv2e0DI6Da7zjmz%2FemFAVLDYTadzd8xEpDDJO%2BXuIYNNqknHe6KKxsEu49HWi9Kl5zIjIelkpwQfgydMi1l5eurqD0wq0NJGVBBWwBdjDDgZN4IMvLG%2BxISt4Wb3lo%2FmgGVHHW4nbAeFXllVBx8esvlnNlSp%2BJDotZgQxS1MOOiRSeu6ZlrHKiqxdCLlP1YebC6NPp7VlVoAV7yKe4qPn959%2FHA4SBnA4CEDp6GlydahNkcAdErkM5xsFFLJoaVFNYbix5M2kSSzC7sIL19CMYsYgW5Mk6PZ%2BQo3VFFZ9nYg7LUP3aPvJVTFVVipT2ghyfLpGTdo4kr3KF3tjCP%2BQDu6hRgKJwoQh4xWb7nfJxxxQ%2Fka8Ajpg08R%2B8HNaUZP4HEMUK7%2BsLvA5E8xDIBOjGTMdjTXUDvdxoAhwYJ3ODWGdQp6mTdH8%2BFEinNN5t1eGScy71m0n7Wkj82%2BIDxDI%2FUiewl9ben%2FIjq37RmLiKGom504xyQajj5SISa52sTBksPdkdNQjDHyU83rZ1jyLibAshVKgs%2BUwlStKbx7LlkEScoxIUNJO%2FL3LiD9fVDy1niSKvUoZ91C0a4W4ld2JOunzYa2R4wOQ1z21YHeyUOVm7unw4A2tsLUTvlPIl4mu%2BVaZ54FVdQxZZquSTqd5wO7fZua%2Fa%2BIpqJluWAyrjvUfKPNpRkh2Atk%2BRgMNin1NeTxDmsK9cBlwM%2FfXQqATUJk2Lkmktx1ULii3HPzlb83%2BN4QoRY4%2BPv0AMJ8pFyHN2KsPCBHsiTjcZUklHrfoHFkgS7SUHGpu%2FvCz2ZuVbK8eE6rBEtrhtAwMxEohUAVU9XINOzA4qIXJavZIhEvs4fOsKHuy%2Bfd7KBoDvcX2zfflpfCxQ9cUuKlUjqInYpSvzMFBkx4fzG1C8ct6uERK%2FaldxYMHa8bfg80Roz05UeVFPBtl0GOrmAbdy%2FK%2BCoHuNwyhaWxezNSHWe0o%2FjMLrpfu1dHXK%2BWGcc67F6dyOAYGMDlcFA9KS9QaGnKkJBisCU7d4v0UEdxYrtDlU0MmuK42FoqXWQVNCwH%2B1V2QuAmNB6W4fIHugzXxfhdOrDc3nWs4%2BLD8CBJp48ixbqgJ6NBusBp%2BmP5ebY7kDquAbPtozru03UWhmj1c5605TYSPXl6nkJZE7G6SeRvnqMcPrRlUV6D4hxpr107GFEV332mnGYnAnPwJZrh3JDAKTdy4C5Jlv91mpAZdtYMskXfgc%2Fp2%2BwJjjCyh0vWSDYxyjCINtu2Z%2BqI0X01vZPUtpRxcAw5RHM%2FnRKRz%2FmpipSRf0yYHleMUo1Tr2CEC8Gd9hRKf6TxNhkmcCFg%2F3z4iVR2oD5nueM0MsZTKQtPGtiixbcS0j30qfmRO8XIPEm94A%2BqTXT6hkRYIcsWzmGe8oJR%2FUaaaobSg3wgZnceA%2Bc5kdqv8zj8zX3qrk3JWBDwFCUQVZjYgPC8d%2FYMsXCt1qGbo%3D