befjajh.offerdate.link
176.123.10.32  Malicious Activity!

Submitted URL: https://bit.ly/3UZiLoE
Effective URL: https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Submission: On June 05 via manual from PL — Scanned from PL

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 15 HTTP transactions. The main IP is 176.123.10.32, located in Moldova and belongs to ALEXHOST, MD. The main domain is befjajh.offerdate.link.
TLS certificate: Issued by R3 on April 25th 2024. Valid for: 3 months.
This is the only time befjajh.offerdate.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

Requests  IP Address     AS (Autonomous System)
1         67.199.248.11  396982 (GOOGLE-CL...)
2         147.135.22.54  16276 (OVH)
1         88.214.27.56   209272 (AS-ALVIVA)
1         18.239.83.108  16509 (AMAZON-02)
11        176.123.10.32  200019 (ALEXHOST)
Total: 15 requests, 4 IPs
Requests  Apex Domain         Subdomains                                  Transfer
11        offerdate.link      befjajh.offerdate.link                      271 KB
2         controlacademic.co  controlacademic.co                          4 KB
1         openfpcdn.io        openfpcdn.io (Cisco Umbrella Rank: 18725)   5 KB
1         rubberingreen.com   rubberingreen.com                           1 KB
1         bit.ly              bit.ly (Cisco Umbrella Rank: 7017)          325 B
Total: 15 requests, 5 apex domains
Requests  Domain                  Requested by
11        befjajh.offerdate.link  rubberingreen.com, befjajh.offerdate.link
2         controlacademic.co      (redirect target)
1         openfpcdn.io            rubberingreen.com
1         rubberingreen.com       (redirect target)
1         bit.ly                  1 redirect (submitted URL)
Total: 15 requests, 5 domains

This site contains no links.

Subject             Issuer                  Validity                  Valid
controlacademic.co  RapidSSL TLS RSA CA G1  2023-10-06 - 2024-10-05   a year
localhost           localhost               2019-11-05 - 2047-03-22   27 years
openfpcdn.io        Amazon RSA 2048 M02     2023-12-27 - 2025-01-25   a year
offerdate.link      R3                      2024-04-25 - 2024-07-24   3 months

This page contains 1 frame:

Primary Page: https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Frame ID: 166FB48190D138CF670BAEC166E42FBE
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Najbardziej popularny serwis randkowy w tym miesiącu (Polish: "The most popular dating site this month")


Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests:    15
HTTPS:       93 %
IPv6:        0 %
Domains:     5
Subdomains:  5
IPs:         4
Countries:   3
Transfer:    281 kB
Size:        431 kB
Cookies:     3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3UZiLoE HTTP 301
    https://controlacademic.co/web-school/amphicarpous/buckstay_companionize.html?uydl=xa95 Page URL
  2. http://rubberingreen.com/ HTTP 307
    https://rubberingreen.com/ Page URL
  3. https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3UZiLoE HTTP 301
  • https://controlacademic.co/web-school/amphicarpous/buckstay_companionize.html?uydl=xa95
Request Chain 1
  • http://rubberingreen.com/ HTTP 307
  • https://rubberingreen.com/

15 HTTP transactions

Columns for each transaction below: Resource | Path | Size | x-fer | Type | MIME-Type
buckstay_companionize.html
controlacademic.co/web-school/amphicarpous/
Redirect Chain
  • https://bit.ly/3UZiLoE
  • https://controlacademic.co/web-school/amphicarpous/buckstay_companionize.html?uydl=xa95
97 B
488 B
Document
General
Full URL
https://controlacademic.co/web-school/amphicarpous/buckstay_companionize.html?uydl=xa95
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
147.135.22.54 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip54.ip-147-135-22.us
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
17e4781932fd96633bf4f9a9dbaabc2d3bc10ee97e92dc803fd1029f1593aa37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
120
Content-Type
text/html
Date
Wed, 05 Jun 2024 13:10:23 GMT
ETag
"0d04fddae7cda1:0"
Last-Modified
Fri, 22 Mar 2024 23:15:44 GMT
Server
Microsoft-IIS/8.5
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=90
content-length
174
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 13:10:21 GMT
location
https://controlacademic.co/web-school/amphicarpous/buckstay_companionize.html?uydl=xa95
referrer-policy
unsafe-url
server
nginx
via
1.1 google
/
rubberingreen.com/
Redirect Chain
  • http://rubberingreen.com/
  • https://rubberingreen.com/
2 KB
1 KB
Document
General
Full URL
https://rubberingreen.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.214.27.56 , Germany, ASN209272 (AS-ALVIVA, SC),
Reverse DNS
Software
Apache/2 /
Resource Hash
009a8645427f1e1b5ada711e78da2f4d905069b7e8e913c98874cb197358c7eb

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://controlacademic.co/web-school/amphicarpous/buckstay_companionize.html?uydl=xa95
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
719
Content-Type
text/html
Date
Wed, 05 Jun 2024 13:10:23 GMT
ETag
"6ed-6179dbbf58cc0-gzip"
Keep-Alive
timeout=2, max=100
Last-Modified
Sat, 04 May 2024 09:48:11 GMT
Server
Apache/2
Upgrade
h2,h2c
Vary
Accept-Encoding,User-Agent

Redirect headers

Location
https://rubberingreen.com/
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
controlacademic.co/
3 KB
3 KB
Other
General
Full URL
https://controlacademic.co/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
147.135.22.54 , United States, ASN16276 (OVH, FR),
Reverse DNS
ip54.ip-147-135-22.us
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://controlacademic.co/web-school/amphicarpous/buckstay_companionize.html?uydl=xa95
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

X-Powered-By-Plesk
PleskWin
Strict-Transport-Security
max-age=31536000
Date
Wed, 05 Jun 2024 13:10:23 GMT
Last-Modified
Mon, 25 Jan 2016 21:02:16 GMT
Server
Microsoft-IIS/8.5
ETag
"807dc5abb357d11:0"
X-Powered-By
ASP.NET
Content-Type
image/x-icon
Accept-Ranges
bytes
Content-Length
2907
v1
openfpcdn.io/botd/
15 KB
5 KB
Script
General
Full URL
https://openfpcdn.io/botd/v1
Requested by
Host: rubberingreen.com
URL: https://rubberingreen.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.83.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-108.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://rubberingreen.com/
Origin
https://rubberingreen.com
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Jun 2024 10:49:44 GMT
via
1.1 fa63af50c0e4f34ddecf2b2d0dca224e.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
age
8439
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
server
CloudFront
etag
W/"5co2cnhGrt59+8B+iLKwJesMrpA"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=576409, s-maxage=10828
x-amz-cf-id
vN5IvMT2N1Kr3PY_gN0PW3ity6xQxMlXVPMH4mQCZHuRMVJ5jLYfSA==
Primary Request 62cf1c2250951
befjajh.offerdate.link/s/
42 KB
17 KB
Document
General
Full URL
https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Requested by
Host: rubberingreen.com
URL: https://rubberingreen.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
34b321290bbef1fe3ffed164086973336e83b7b00d4453fcf54a9da0c27e4f42

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://rubberingreen.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 05 Jun 2024 13:10:25 GMT
Expires
0
Pragma
no-cache
Server
openresty/1.19.3.1
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
css.css
befjajh.offerdate.link/bundle/2/assets/css/
71 KB
7 KB
Stylesheet
General
Full URL
https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
3836b0592b467da4cab99eb40b0fc44f34622144bac13a784ac88848b2890bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
W/"5a7d8f95-11ca8"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000, private
Connection
keep-alive
Expires
Fri, 05 Jul 2024 13:10:25 GMT
jquery-2.js
befjajh.offerdate.link/bundle/2/assets/js/
84 KB
30 KB
Script
General
Full URL
https://befjajh.offerdate.link/bundle/2/assets/js/jquery-2.js
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Origin
https://befjajh.offerdate.link
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
W/"5a7d8f95-14e4a"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000, private
Connection
keep-alive
Expires
Fri, 05 Jul 2024 13:10:25 GMT
js.js
befjajh.offerdate.link/bundle/2/assets/js/
414 B
659 B
Script
General
Full URL
https://befjajh.offerdate.link/bundle/2/assets/js/js.js
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
f92df46462c54bc2ac714a834a336ca1c8c961992495b6f641311ecb587a9a96

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
W/"5a7d8f95-19e"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000, private
Connection
keep-alive
Expires
Fri, 05 Jul 2024 13:10:25 GMT
no.png
befjajh.offerdate.link/bundle/2/assets/img/
3 KB
3 KB
Image
General
Full URL
https://befjajh.offerdate.link/bundle/2/assets/img/no.png
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
fedd7527d1cceee3052bf4bb62e76d56e8200a115d8a2affae23a125578b7ad1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:25 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-c3e"
Content-Type
image/png
Cache-Control
max-age=2592000, private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3134
Expires
Fri, 05 Jul 2024 13:10:25 GMT
yes.png
befjajh.offerdate.link/bundle/2/assets/img/
3 KB
4 KB
Image
General
Full URL
https://befjajh.offerdate.link/bundle/2/assets/img/yes.png
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
6bfdecff876226c1e233f71e7b0b1a6e0eb238281a52156c39f051691dd88a43

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:25 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-d98"
Content-Type
image/png
Cache-Control
max-age=2592000, private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3480
Expires
Fri, 05 Jul 2024 13:10:25 GMT
1.jpg
befjajh.offerdate.link/bundle/2/assets/img/
88 KB
89 KB
Image
General
Full URL
https://befjajh.offerdate.link/bundle/2/assets/img/1.jpg
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
15d4127cd56e1b50b5d57340161ff54d22713da009df6904925833779ab125d0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:25 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-16197"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90519
Expires
Fri, 05 Jul 2024 13:10:25 GMT
pattern.png
befjajh.offerdate.link/bundle/2/assets/img/
3 KB
3 KB
Image
General
Full URL
https://befjajh.offerdate.link/bundle/2/assets/img/pattern.png
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
5cbc28ef1cf07ab8956014b581aa2b96baac861237975813702e63c886b0c004

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:25 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-af1"
Content-Type
image/png
Cache-Control
max-age=2592000, private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2801
Expires
Fri, 05 Jul 2024 13:10:25 GMT
Lato-Regular.ttf
befjajh.offerdate.link/bundle/2/assets/css/fonts/
117 KB
118 KB
Font
General
Full URL
https://befjajh.offerdate.link/bundle/2/assets/css/fonts/Lato-Regular.ttf
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/bundle/2/assets/css/css.css
Origin
https://befjajh.offerdate.link
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:25 GMT
Last-Modified
Fri, 09 Feb 2018 12:09:57 GMT
Server
openresty/1.19.3.1
ETag
"5a7d8f95-1d584"
Content-Type
application/octet-stream
Cache-Control
max-age=2592000, private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
120196
Expires
Fri, 05 Jul 2024 13:10:25 GMT
track.php
befjajh.offerdate.link/
0
277 B
XHR
General
Full URL
https://befjajh.offerdate.link/track.php
Requested by
Host: befjajh.offerdate.link
URL: https://befjajh.offerdate.link/bundle/2/assets/js/jquery-2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 05 Jun 2024 13:10:26 GMT
Content-Encoding
gzip
Server
openresty/1.19.3.1
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/html; charset=UTF-8
favicon.ico
befjajh.offerdate.link/
0
116 B
Other
General
Full URL
https://befjajh.offerdate.link/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.123.10.32 , Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
Software
openresty/1.19.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://befjajh.offerdate.link/s/62cf1c2250951?track=looker3
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Date
Wed, 05 Jun 2024 13:10:26 GMT
Server
openresty/1.19.3.1

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function: $, jQuery, sendTrack, Fingerprint2, fingerprintGo, collectTrackParams, closingConfirm, handleError, getParameterByName, collectParams, checkRequired, setLeadInfo, setCF
  • string: cf, fpDataEncoded
  • boolean: exitPopunder

3 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: o55dal-e9f52da4c8bedbef02-008
.offerdate.link/ Name: s
befjajh.offerdate.link/ Name: CF
Value: WLmzDA7oFZMDBW+T6USBJw__

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000