efade.bustyaffar.com Open in urlscan Pro
178.162.199.80 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gardanos.ru/1101L15978759-01015311-101013-1001H.html
Effective URL:
https://efade.bustyaffar.com/s/63bf007e02311
Submission: On September 04 via manual (September 4th 2023, 12:02:22 pm UTC) from HU — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 178.162.199.80, located in Berlin, Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is efade.bustyaffar.com.
TLS certificate: Issued by R3 on August 15th 2023. Valid for: 3 months.

This is the only time efade.bustyaffar.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.89.65.106 45.89.65.106	205090 (FIRST-SER...) (FIRST-SERVER-EUROPE)
1 1	185.195.26.119 185.195.26.119	204997 (FIRSTBYTE-AS) (FIRSTBYTE-AS)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	178.162.199.80 178.162.199.80	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
10	1

1 45.89.65.106 (Moscow Oblast, Russian Federation) 1 redirects

ASN205090 (FIRST-SERVER-EUROPE, GB)
PTR: gardanos.ru

gardanos.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.195.26.119 (Moscow Oblast, Russian Federation) 1 redirects

ASN204997 (FIRSTBYTE-AS, GB)
PTR: rukodelie-zarabotok.ru

rukodelie-zarabotok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shawield.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 178.162.199.80 (Berlin, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

efade.bustyaffar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bustyaffar.com efade.bustyaffar.com	283 KB
1	shawield.ru 1 redirects shawield.ru	542 B
1	rukodelie-zarabotok.ru 1 redirects rukodelie-zarabotok.ru	258 B
1	gardanos.ru 1 redirects gardanos.ru	317 B
10	4

	Domain	Requested by
10	efade.bustyaffar.com	efade.bustyaffar.com
1	shawield.ru	1 redirects
1	rukodelie-zarabotok.ru	1 redirects
1	gardanos.ru	1 redirects
10	4

This site contains no links.

Subject Issuer	Validity	Valid
bustyaffar.com R3	`2023-08-15` - `2023-11-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://efade.bustyaffar.com/s/63bf007e02311
Frame ID: 942C95CEA6A3450148415B39CD97AA92
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Die beliebtesten Dating-Website des Monats

Page URL History Show full URLs

http://gardanos.ru/1101L15978759-01015311-101013-1001H.html HTTP 301
http://rukodelie-zarabotok.ru/1101L15978759-01015311-101013-1001H.html HTTP 302
https://shawield.ru/interspire HTTP 302
https://efade.bustyaffar.com/s/63bf007e02311 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

1
IPs

3
Countries

283 kB
Transfer

579 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gardanos.ru/1101L15978759-01015311-101013-1001H.html HTTP 301
http://rukodelie-zarabotok.ru/1101L15978759-01015311-101013-1001H.html HTTP 302
https://shawield.ru/interspire HTTP 302
https://efade.bustyaffar.com/s/63bf007e02311 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 63bf007e02311 Show response efade.bustyaffar.com/s/ Redirect Chain http://gardanos.ru/1101L15978759-01015311-101013-1001H.html http://rukodelie-zarabotok.ru/1101L15978759-01015311-101013-1001H.html https://shawield.ru/interspire https://efade.bustyaffar.com/s/63bf007e02311	43 KB 16 KB	840ms 559ms	Document text/html	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://efade.bustyaffar.com/s/63bf007e02311 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `56c7e40e0940d231265667d311cf3a64d70c5cf02c25fb50f8391e216e2621ad` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Mon, 04 Sep 2023 12:02:16 GMT Server openresty/1.19.3.1 Transfer-Encoding chunked Vary Accept-Encoding Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8016151a6d08997a-FRA content-type text/html; charset=UTF-8 date Mon, 04 Sep 2023 12:02:15 GMT location https://efade.bustyaffar.com/s/63bf007e02311 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1EsPfOFUpTE0uU%2FVH1cC6tHmlxgGjs0ZX3TBBwxYn3LHzrVgtmlVIAXYnR%2F0Vs3wwlbYt8B6%2F05SOsykXjJK%2FZA%2BTXgCjh7OAgSBCyTyCTC5OpKsp2DkiFbRKOjEcZvBFPDwm29ocfU1Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.4.33
GET H/1.1	200 OK	style.css efade.bustyaffar.com/bundle/301/assets/css/	52 KB 13 KB	39ms 39ms	Stylesheet text/css	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://efade.bustyaffar.com/bundle/301/assets/css/style.css Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/s/63bf007e02311 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `765d8f4c22b5d9aea2d849d06bf9cbb47a40d1af57e8080bf9873f17cb8651f9` Request headers accept-language de-DE,de;q=0.9 Referer https://efade.bustyaffar.com/s/63bf007e02311 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Content-Encoding gzip Last-Modified Wed, 25 Mar 2020 11:57:15 GMT Server openresty/1.19.3.1 ETag W/"5e7b471b-cec2" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Connection keep-alive
GET H/1.1	200 OK	logo.png efade.bustyaffar.com/bundle/301/assets/img/	1 KB 1 KB	119ms 39ms	Image image/png	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Show image Full URL https://efade.bustyaffar.com/bundle/301/assets/img/logo.png Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/s/63bf007e02311 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `3f68f0782d363750744f67d981d9c32c6244e71e23293ec8d17bdcb0b36945c2` Request headers accept-language de-DE,de;q=0.9 Referer https://efade.bustyaffar.com/s/63bf007e02311 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Last-Modified Wed, 25 Mar 2020 11:57:15 GMT Server openresty/1.19.3.1 ETag "5e7b471b-4ea" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1258
GET H/1.1	200 OK	jquery.js Show response efade.bustyaffar.com/bundle/301/assets/js/	84 KB 29 KB	83ms 43ms	Script application/javascript	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://efade.bustyaffar.com/bundle/301/assets/js/jquery.js Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/s/63bf007e02311 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e` Request headers accept-language de-DE,de;q=0.9 Referer https://efade.bustyaffar.com/s/63bf007e02311 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Content-Encoding gzip Last-Modified Wed, 25 Mar 2020 11:57:15 GMT Server openresty/1.19.3.1 ETag W/"5e7b471b-14e4a" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	functions.js Show response efade.bustyaffar.com/bundle/301/assets/js/	254 KB 76 KB	164ms 87ms	Script application/javascript	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://efade.bustyaffar.com/bundle/301/assets/js/functions.js Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/s/63bf007e02311 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `49341eafd7cb8b62ead1ecd2e2ca916c6c55c449ceb45c2c3ca423be00d971b8` Request headers accept-language de-DE,de;q=0.9 Referer https://efade.bustyaffar.com/s/63bf007e02311 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Content-Encoding gzip Last-Modified Wed, 25 Mar 2020 11:57:15 GMT Server openresty/1.19.3.1 ETag W/"5e7b471b-3f619" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	bg.jpg efade.bustyaffar.com/bundle/301/assets/img/	101 KB 101 KB	133ms 67ms	Image image/jpeg	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Show image Full URL https://efade.bustyaffar.com/bundle/301/assets/img/bg.jpg Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/bundle/301/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `408b7f5fdce3b7f93fdba3bcb4e47f6e64e70a15c02d38879b6297e9d7cb9e45` Request headers accept-language de-DE,de;q=0.9 Referer https://efade.bustyaffar.com/bundle/301/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Last-Modified Wed, 25 Mar 2020 11:57:15 GMT Server openresty/1.19.3.1 ETag "5e7b471b-19375" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 103285
GET H/1.1	200 OK	1.jpg efade.bustyaffar.com/bundle/301/assets/img/	17 KB 17 KB	154ms 78ms	Image image/jpeg	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Show image Full URL https://efade.bustyaffar.com/bundle/301/assets/img/1.jpg Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/bundle/301/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `d23157cff1e15192fb85ef456dad32c54b0e34d85235822005207517facbda38` Request headers accept-language de-DE,de;q=0.9 Referer https://efade.bustyaffar.com/bundle/301/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Last-Modified Wed, 25 Mar 2020 11:57:15 GMT Server openresty/1.19.3.1 ETag "5e7b471b-4227" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 16935
GET H/1.1	200 OK	2.jpg efade.bustyaffar.com/bundle/301/assets/img/	12 KB 13 KB	114ms 37ms	Image image/jpeg	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Show image Full URL https://efade.bustyaffar.com/bundle/301/assets/img/2.jpg Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/bundle/301/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `df33173c7d5d08e9ce01490ffcea6df05910654dad4b04443eb0a6276dce3092` Request headers accept-language de-DE,de;q=0.9 Referer https://efade.bustyaffar.com/bundle/301/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Last-Modified Wed, 25 Mar 2020 11:57:15 GMT Server openresty/1.19.3.1 ETag "5e7b471b-31c2" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 12738
GET H/1.1	200 OK	3.jpg efade.bustyaffar.com/bundle/301/assets/img/	16 KB 17 KB	80ms 64ms	Image image/jpeg	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Show image Full URL https://efade.bustyaffar.com/bundle/301/assets/img/3.jpg Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/bundle/301/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `91bc529d2329ad04e61d303f0408524469340da5f78216f57075c3b20950e47f` Request headers accept-language de-DE,de;q=0.9 Referer https://efade.bustyaffar.com/bundle/301/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Last-Modified Wed, 25 Mar 2020 11:57:15 GMT Server openresty/1.19.3.1 ETag "5e7b471b-41e9" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 16873
POST H/1.1	200 OK	track.php Show response efade.bustyaffar.com/	0 254 B	88ms 88ms	XHR text/html	178.162.199.80 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://efade.bustyaffar.com/track.php Requested by Host: efade.bustyaffar.com URL: https://efade.bustyaffar.com/bundle/301/assets/js/functions.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 178.162.199.80 Berlin, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS Software openresty/1.19.3.1 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept / Referer https://efade.bustyaffar.com/s/63bf007e02311 X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers Date Mon, 04 Sep 2023 12:02:16 GMT Content-Encoding gzip Server openresty/1.19.3.1 Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Porn Scam (Online)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shawield.ru/	1970-01-20 14:31:55	Name: qwerty_interspire Value: 0
.bustyaffar.com/	1970-01-20 14:31:55	Name: s Value: sBwYEOoprRNe42jVT0YWmvHnPBJOS0te6k0%2FR1nj61MEOTiEWxU1kylxiHCbcoM9FaZ9Gf0HGtMrIHuB%2Bj8%2BRSB%2BNvmBHqNV%2FTS4TyxzYdGlCiTgYNuIcK2CkB9UrfoJrSLw2NNAXgMZ4xB%2F60rEAlsnZ0gnAQ4m%2BegdxVGivHnigU9Rip0w8ZMiw%2FQa6nXOMkSANBO6V8cN%2BdFY8azplU7cQkmyEn%2B814TDuo7cjxSV0T1Qg9ozUuIAjGLwFW%2F9cc%2B6Fl5KUz8r4qZSdH8%2B9%2BOOkvCCeBiQYlcJujsiZ2jw8%2FcCp7l%2BjUMYT7%2BzIwekUoW6Iy5douxUkqaPrQAjwt8jQIZPeD1CSUhnIiyPp98H8ldQshMYSlEZzIZfUWVyJUJ%2BtbOLuWyJJF3tZJFTXQooGtePtQ2nAc5iII0QqXBYDsc9NAom39QAMu0IhVKCo%2BTGKhz%2F866cvWYh90Cpo261VQZqGjVV%2F%2Fluqgvzt%2BVo8TsEJ0sMKwDBfvtxUa35pQgIG8OvhxREH7kXBfMouBSfDFOssNEuiUdPs%2BKcrnUTIIqG%2BXAeffoB%2FK3%2BJr31tY2vpntdNQ0eqBjDRp0d7oT1ZHUKIOMexs%2FZudsaKoXdurgFPXwaG3pXTg9pINfkvVBAYYt1yb%2FNi%2Fq%2BMs1bQ0qiD71ssggQy0dosYCPrh8gEj4DGN%2BSHAwaGm%2Bi8tz8BUMZTn0otNdGyfLPrqM%2B3AjarsK4DGgNrZHeqRBoUJNNw%2Fh8sY6lp9JCa24euUvGQf3tnUBHZU7gK0YbX4zmBfNuO92Dlnwl3Cqjie0UROxiCdA44G0uVNo%2F1L%2FJSZbaFflo103Yq4Ae96A1eSjjHg5awY61DDFXbGk4Bglb4ZRjpeURgq1x60OfC%2Br%2BCBVsfYTPxJPqOczLUa0cpjWr2DwYq1ujEQIHA6Af16Sm4KbrVuga8Xp2LUS%2BCU%2F04mVtgEyA%2BKC3CZeY1%2BDngHIlSfvxQeENlUFwRNm3twyWd5gwH%2F9uJwv5N0I6xArnM81c3mcfXuPMU%2BnNx6tLY%2B24bBCHH5%2FQEF8sxBprsCiY7rmyNQBhHWOgd7YqNm0K9LG2%2BKMeg0Dd4rvdu6%2Fj1IPhwu9tcnEF7evavJ%2FjSXiXBoUyJJNb8easIljOeTxTJaYBES2BD2NcmdlRqQ7WStmEoCwmJi7ulldRjfU3Nz6khZhEMTfn4jpIimMHHQTRBjBNlcl9ZpUH51dST%2BcVPQ7kbydQX3QrIThAK8uGGqpd7tro2sai27we5UeuQmxHFd6J5pJiXQaiQexBb7bbrWEjnMcqBcRN2ukCeoJ9TRUUWXdI0%2BCfynQQ3ImQlDQHPSc1sisExjO%2F3QocWwvo8pmC%2FsnrSu6Odt3bMbUzAuoMWWHmkEZuX8GKZ0%2F24r%2BdG819i0Ly2CwaHoCYTeX3LVZdpcKEnWcR%2BDLTutMHEsumeTZlKgW34%2FUj%2F3gbGW%2B6tRkB3badOjHrrd6aZgfOhS9eef5f%2FIt8Gh32EqlrfRfIjjsY%2F%2FYbmsA%2FsrJYzhwrVqqVKlAIrXD3L%2BaLFAsFKWHxXSG9yYWHY9Oi9ZzedzyllG43LUDZUY9MxmbflhHCyH4xXDE9v5bFULrmBiOgT62BI231mtH7xmmsQpCT6CQ6%2BtizCSV%2FE%2BH8C4MNZzC06tNWWCHpL75UVSjKFdYn7iSalAutJ3H2anTGuoEmKz69Zi7yCVVWePpadO4%3D
efade.bustyaffar.com/	1969-12-31 23:59:59	Name: CF Value: BFjUGBtzHcK6OQrxA5/8vA__

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

efade.bustyaffar.com
gardanos.ru
rukodelie-zarabotok.ru
shawield.ru
178.162.199.80
185.195.26.119
2a06:98c1:3120::3
45.89.65.106
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
3f68f0782d363750744f67d981d9c32c6244e71e23293ec8d17bdcb0b36945c2
408b7f5fdce3b7f93fdba3bcb4e47f6e64e70a15c02d38879b6297e9d7cb9e45
49341eafd7cb8b62ead1ecd2e2ca916c6c55c449ceb45c2c3ca423be00d971b8
56c7e40e0940d231265667d311cf3a64d70c5cf02c25fb50f8391e216e2621ad
765d8f4c22b5d9aea2d849d06bf9cbb47a40d1af57e8080bf9873f17cb8651f9
91bc529d2329ad04e61d303f0408524469340da5f78216f57075c3b20950e47f
d23157cff1e15192fb85ef456dad32c54b0e34d85235822005207517facbda38
df33173c7d5d08e9ce01490ffcea6df05910654dad4b04443eb0a6276dce3092
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

efade.bustyaffar.com Open in urlscan Pro 178.162.199.80 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

1 IPs

3 Countries

283 kBTransfer

579 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

3 Cookies

Indicators

efade.bustyaffar.com Open in urlscan Pro
178.162.199.80 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

1
IPs

3
Countries

283 kB
Transfer

579 kB
Size

3
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!