bartender.ga
2a02:4780:dead:c70f::1
Malicious Activity!
Public Scan
Summary
This is the only time bartender.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
31 | 2a02:4780:dead:c70f::1 | 204915 (AWEX) |
1 | 2606:4700:10::6814:432e | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 38.107.161.101 | 33313 (WILCON - Wilcon) |
5 | 198.27.102.144 | 16276 (OVH) |
42 | 5 | |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): cdn.000webhost.com
ASN16276 (OVH, FR): a.visadd.com (PTR: haproxy2.ca.servers.visadd.com)
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
31 | bartender.ga | bartender.ga | 999 KB |
5 | visadd.com | a.visadd.com | 115 KB |
1 | nav-links.com | intext.nav-links.com | 19 B |
1 | 000webhost.com | cdn.000webhost.com | 2 KB |
0 | bycontext.com | offers.bycontext.com (Failed) | |
0 | ad-score.com | cdn.ad-score.com (Failed) | |
0 | crbfjs.info | i.crbfjs.info (Failed) | |
42 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
31 | bartender.ga | bartender.ga |
5 | a.visadd.com | bartender.ga, a.visadd.com |
1 | intext.nav-links.com | bartender.ga |
1 | cdn.000webhost.com | bartender.ga |
0 | offers.bycontext.com (Failed) | bartender.ga |
0 | cdn.ad-score.com (Failed) | bartender.ga |
0 | i.crbfjs.info (Failed) | bartender.ga |
42 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
m.facebook.com |
lm.facebook.com |
www.000webhost.com |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.000webhost.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-19 - 2020-12-17 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://bartender.ga/login.html
Frame ID: 4CB4683CFD1109B9568957DF8AA9D1B7
Requests: 42 HTTP requests in this frame
11 Outgoing links
These are links going to different origins than the main page.
- facebook
- Create New Account
- Forgotten Password?
- Help Centre
- English (US)
- தமிழ்
- తెలుగు
- ಕನ್ನಡ
- More…
- Back to Vodafone live!
- (untitled link)
Redirected requests
There were HTTP redirect chains for the following requests:
42 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | login.html (Primary Request) | bartender.ga/ | 28 KB | 10 KB | Document | text/html |
GET | H/1.1 | CNHc4v_CLCN.css | bartender.ga/login_files/ | 130 KB | 36 KB | Stylesheet | text/css |
GET | H/1.1 | 5ElI6hQe13h.js | bartender.ga/login_files/ | 15 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | sf_main.jsp | bartender.ga/login_files/ | 14 KB | 14 KB | Script | text/plain |
GET | H/1.1 | javascript.js | bartender.ga/login_files/ | 7 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | client | bartender.ga/login_files/ | 37 KB | 37 KB | Script | text/plain |
GET | H/1.1 | intext.js | bartender.ga/login_files/ | 177 KB | 48 KB | Script | application/javascript |
GET | H/1.1 | 1037.js | bartender.ga/login_files/ | 666 B | 1001 B | Script | application/javascript |
GET | H/1.1 | a.php | bartender.ga/login_files/ | 514 KB | 82 KB | Script | text/html |
GET | H/1.1 | preload.js | bartender.ga/login_files/ | 10 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | inj_sprk_starter.js | bartender.ga/login_files/ | 18 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | l.js | bartender.ga/login_files/ | 557 B | 892 B | Script | application/javascript |
GET | H/1.1 | l(1).js | bartender.ga/login_files/ | 557 B | 892 B | Script | application/javascript |
GET | H/1.1 | ctxjs.js | bartender.ga/login_files/ | 48 KB | 17 KB | Script | application/javascript |
GET | H/1.1 | a.js | bartender.ga/login_files/ | 370 KB | 91 KB | Script | application/javascript |
GET | H/1.1 | a(1).js | bartender.ga/login_files/ | 120 KB | 29 KB | Script | application/javascript |
GET | H/1.1 | sf_main(1).jsp | bartender.ga/login_files/ | 14 KB | 14 KB | Script | text/plain |
GET | H/1.1 | javascript(1).js | bartender.ga/login_files/ | 7 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | a(2).php | bartender.ga/login_files/ | 515 KB | 82 KB | Script | text/html |
GET | H/1.1 | 1008.js | bartender.ga/login_files/ | 617 B | 952 B | Script | application/javascript |
GET | H/1.1 | 500150410323000000 | bartender.ga/login_files/ | 358 KB | 358 KB | Script | text/plain |
GET | H/1.1 | preload(1).js | bartender.ga/login_files/ | 10 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | inj_sprk_starter(1).js | bartender.ga/login_files/ | 18 KB | 7 KB | Script | application/javascript |
GET | H/1.1 | l(2).js | bartender.ga/login_files/ | 556 B | 891 B | Script | application/javascript |
GET | H/1.1 | a(3).js | bartender.ga/login_files/ | 120 KB | 29 KB | Script | application/javascript |
GET | H/1.1 | 0HT6snIymXH.js | bartender.ga/login_files/ | 9 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | affs | bartender.ga/login_files/ | 4 KB | 5 KB | Script | text/plain |
GET | H/1.1 | 4taU6VbxtGw.js | bartender.ga/login_files/ | 253 KB | 91 KB | Script | application/javascript |
GET | H/1.1 | vEucQRuEb0K.js | bartender.ga/login_files/ | 850 B | 1 KB | Script | application/javascript |
GET | H/1.1 | affs(1) | bartender.ga/login_files/ | 7 KB | 7 KB | Script | text/plain |
GET | H2 | footer-powered-by-000webhost-white2.png | cdn.000webhost.com/000webhost/logo/ | 2 KB | 2 KB | Image | image/webp |
GET | | opt_content.js (Failed) | i.crbfjs.info/ | 0 | 0 | | |
GET | H/1.1 | intexteval.pl | intext.nav-links.com/util/ | 0 | 19 B | Image | text/plain |
GET | H/1.1 | layer | a.visadd.com/script/ | 400 KB | 107 KB | Script | application/javascript |
GET | | adscore.js (Failed) | cdn.ad-score.com/ | 0 | 0 | | |
GET | | obcountry.php (Failed) | offers.bycontext.com/scjs/ctxjs/ | 0 | 0 | | |
GET | | opt_content.js (Failed) | i.crbfjs.info/ | 0 | 0 | | |
GET | H/1.1 | 6nr0WdeTbDw.png | bartender.ga/rsrc.php/v2/yG/r/ | 3 KB | 3 KB | Image | text/html |
GET | H/1.1 | serve | a.visadd.com/script/layer/ | 17 KB | 6 KB | Script | application/javascript |
GET | H/1.1 | reporter | a.visadd.com/internal/ | 43 B | 463 B | Image | image/gif |
GET | H/1.1 | reporter | a.visadd.com/internal/ | 43 B | 391 B | Image | image/gif |
GET | H/1.1 | serve | a.visadd.com/internal/ | 4 KB | 2 KB | Script | application/javascript |
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- i.crbfjs.info: http://i.crbfjs.info/opt_content.js?v=opt_1419351787852&partner=crbf&channel=crbfcrdr_200229910323000000&sset=2&appTitle=CinemaP-1.3c&sset=2&ip=1.39.62.87
- cdn.ad-score.com: http://cdn.ad-score.com/adscore.js
- offers.bycontext.com: http://offers.bycontext.com/scjs/ctxjs/obcountry.php
- i.crbfjs.info: http://i.crbfjs.info/opt_content.js?v=opt_1419351787852&partner=crbf&channel=crbfcrdr_200229910323000000&sset=2&appTitle=CinemaP-1.3c&sset=2&ip=1.39.62.87
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
96 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Name | Type |
---|---|
onselectstart | object |
onselectionchange | object |
queueMicrotask | function |
__BUFFER__ | object |
__DEV__ | number |
__m | function |
__t | function |
__w | function |
define | function |
require | function |
requireDynamic | function |
requireLazy | function |
__d | function |
ErrorUtils | object |
JX | object |
JavaScriptJsTagUrl | string |
JavaScriptJsTags | string |
DealPlyStandaloneOptCls | function |
DealPlyStandaloneOpt | object |
dealplyHexToString | function |
itype | string |
firstTime | string |
nocValue | undefined |
firstTimeParam | undefined |
DealPlyDomParams | object |
DealPlyConfigOptCls | function |
DealPlyConfigOpt | object |
$adtext | object |
rnum | undefined |
prot | undefined |
img | undefined |
_rvz | object |
_rvz1700x1037 | object |
visadd | object |
protocol | string |
curr_host_split | object |
_gaq | object |
inj_sprk_ns | object |
f_art_obj | object |
AdScoreObject | string |
adScore | function |
simp1yC0t3xgs | boolean |
domain | string |
channelBlacklist | object |
controlNwb | boolean |
newtab | boolean |
uCountry | string |
_0x7e93 | object |
__blackListUrls__ | object |
__checkIfUrlIsValid__ | function |
__validDomain__ | boolean |
__myWindow__ | function |
__onlyMe__ | function |
_0x1406 | object |
SwfStore | function |
url | string |
_rvz1700x1008 | object |
__updateOrientation | function |
MRequest | function |
getCookie | function |
notification | object |
hostingerLogo | object |
mainContent | undefined |
newList | object |
googleFont | undefined |
css | undefined |
style | undefined |
sheet | undefined |
button | undefined |
link | undefined |
h1Tag | undefined |
paragraph | undefined |
list | undefined |
listElements | undefined |
org_html | undefined |
new_html | undefined |
saleImage | undefined |
getZIndex | function |
getElementPosition | function |
getComputedStylePropertyValue | function |
brand_name_for_internal | object |
shopping_words | object |
g_metadata | object |
wordscount | number |
match_dict | object |
unit_code_url | string |
not_first | string |
obj_style | object |
use_foce_image | boolean |
curtop | number |
cur_width | number |
imageTitle | string |
visadd_image_0 | object |
frame_id | string |
data_obj | object |
inj_sprk_callback0 | function |
Cookies
Cookies are small pieces of information stored in a user's browser. When the user visits the site again, the browser sends the stored cookie values along, which lets the website re-identify the user even from a different location. This is how persistent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.