graperstep.website
Open in
urlscan Pro
2606:4700:3034::6815:4f66
Malicious Activity!
Public Scan
Effective URL: https://graperstep.website/4c73c7bd655a820b181228cb7bb9f3bc
Submission: On February 24 via api from US — Scanned from US
Summary
TLS certificate: Issued by E1 on February 9th 2024. Valid for: 3 months.
This is the only time graperstep.website was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Tracking (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 45.139.123.53 45.139.123.53 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
1 1 | 2606:4700:303... 2606:4700:3036::6815:5155 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
20 | 2606:4700:303... 2606:4700:3034::6815:4f66 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42:600... 2a04:4e42:600::649 | 54113 (FASTLY) (FASTLY) | |
5 | 2606:4700:303... 2606:4700:3031::ac43:b1e2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2607:f8b0:400... 2607:f8b0:4006:817::2003 | 15169 (GOOGLE) (GOOGLE) | |
34 | 6 |
ASN13335 (CLOUDFLARENET, US)
trk-adulvion.com | |
event.trk-adulvion.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
graperstep.website
graperstep.website |
126 KB |
5 |
trk-adulvion.com
trk-adulvion.com — Cisco Umbrella Rank: 467550 event.trk-adulvion.com — Cisco Umbrella Rank: 503411 |
3 KB |
4 |
gstatic.com
fonts.gstatic.com Failed |
32 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 729 |
33 KB |
1 |
xelatoprime.bio
1 redirects
xelatoprime.bio |
672 B |
1 |
farmingswat.com
farmingswat.com |
425 B |
34 | 6 |
Domain | Requested by | |
---|---|---|
20 | graperstep.website |
farmingswat.com
graperstep.website |
4 | event.trk-adulvion.com |
trk-adulvion.com
|
4 | fonts.gstatic.com |
graperstep.website
|
1 | trk-adulvion.com |
graperstep.website
|
1 | code.jquery.com |
graperstep.website
|
1 | xelatoprime.bio | 1 redirects |
1 | farmingswat.com | |
34 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
graperstep.website E1 |
2024-02-09 - 2024-05-09 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
trk-adulvion.com GTS CA 1P5 |
2024-02-15 - 2024-05-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://graperstep.website/4c73c7bd655a820b181228cb7bb9f3bc
Frame ID: D397F3AE5A250BECF25FDF8608FEE868
Requests: 32 HTTP requests in this frame
Screenshot
Page Title
Track & TracePage URL History Show full URLs
- http://farmingswat.com/0/0/0/d54d6edfd14579f8bdf8aefcba0dfd36/12/152-4360/1775-14367-6322 Page URL
-
https://xelatoprime.bio/?s1=351765&s2=1146838534&s3=6510&s10=3970
HTTP 302
https://graperstep.website/4c73c7bd655a820b181228cb7bb9f3bc Page URL
Detected technologies
Lightbox (JavaScript Libraries) ExpandDetected patterns
- <link [^>]*href="[^"]+lightbox(?:\.min)?\.css
- lightbox(?:-plus-jquery)?.{0,32}\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://farmingswat.com/0/0/0/d54d6edfd14579f8bdf8aefcba0dfd36/12/152-4360/1775-14367-6322 Page URL
-
https://xelatoprime.bio/?s1=351765&s2=1146838534&s3=6510&s10=3970
HTTP 302
https://graperstep.website/4c73c7bd655a820b181228cb7bb9f3bc Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
34 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
1775-14367-6322
farmingswat.com/0/0/0/d54d6edfd14579f8bdf8aefcba0dfd36/12/152-4360/ |
128 B 425 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
4c73c7bd655a820b181228cb7bb9f3bc
graperstep.website/ Redirect Chain
|
68 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
graperstep.website/fim/7c295d68414ddc72249314be40944f33/ |
84 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script_c.js
graperstep.website/fim/7c295d68414ddc72249314be40944f33/ |
3 KB 989 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_002.css
graperstep.website/fim/7c295d68414ddc72249314be40944f33/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
graperstep.website/fim/7c295d68414ddc72249314be40944f33/ |
32 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
graperstep.website/fim/7c295d68414ddc72249314be40944f33/ |
635 B 612 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
msg.v3.js
graperstep.website/inc/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2e191a73e4f2b0b8bcba9ea1e377f335.svg
graperstep.website/fim/3970/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
779da5d8906e9340d0f588f06db554c1.svg
graperstep.website/fim/3970/ |
1 KB 744 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
f90c12f0814f3fa7fd5557da97f9f62b.jpg
graperstep.website/fim/3970/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bb63fdf4dde9c5add5bcc450a2992f48.svg
graperstep.website/fim/3970/ |
8 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
194b4813d7cad9a5173837f2ec3bb7c9.svg
graperstep.website/fim/3970/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lander.css
graperstep.website/templates/assets/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.lightbox.css
graperstep.website/templates/assets/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
email-decode.min.js
graperstep.website/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.0.min.js
code.jquery.com/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.lightbox.js
graperstep.website/templates/assets/ |
48 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
graperstep.website/templates/assets/ |
66 B 559 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
functions.js
graperstep.website/templates/assets/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v9e118mez8
trk-adulvion.com/scripts/push/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icons.svg
graperstep.website/icons/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
kcf5uOXucLcbFOydGU24WALUuEpTyoUstqEm5AMlJo4.woff
fonts.gstatic.com/s/lato/v11/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
qIIYRU-oROkIk8vfvxw6QvesZW2xOQ-xsNqO47m55DA.woff
fonts.gstatic.com/s/lato/v11/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
qdgUG4U09HnJwhYI-uK18wLUuEpTyoUstqEm5AMlJo4.woff
fonts.gstatic.com/s/lato/v11/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
4c73c7bd655a820b181228cb7bb9f3bc
graperstep.website/ |
25 B 584 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
v9e118mez8
event.trk-adulvion.com/register/event_log/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v9e118mez8
event.trk-adulvion.com/register/event_log/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v9e118mez8
event.trk-adulvion.com/register/event_log/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
v9e118mez8
event.trk-adulvion.com/register/event_log/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/s/lato/v11/kcf5uOXucLcbFOydGU24WALUuEpTyoUstqEm5AMlJo4.woff
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/s/lato/v11/qIIYRU-oROkIk8vfvxw6QvesZW2xOQ-xsNqO47m55DA.woff
- Domain
- fonts.gstatic.com
- URL
- http://fonts.gstatic.com/s/lato/v11/qdgUG4U09HnJwhYI-uK18wLUuEpTyoUstqEm5AMlJo4.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Tracking (Transportation)35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| change function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint number| refresh_page string| popUrl string| s3 undefined| time function| popunder function| mfq_tags undefined| data undefined| email_prepop undefined| refresh function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
xelatoprime.bio/ | Name: PHPSESSID Value: 2b7d5cf24087186ca756c38ebfc0e941 |
|
graperstep.website/ | Name: PHPSESSID Value: 61813f9690734cbed8749773ada2df0f |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
event.trk-adulvion.com
farmingswat.com
fonts.gstatic.com
graperstep.website
trk-adulvion.com
xelatoprime.bio
fonts.gstatic.com
2606:4700:3031::ac43:b1e2
2606:4700:3034::6815:4f66
2606:4700:3036::6815:5155
2607:f8b0:4006:817::2003
2a04:4e42:600::649
45.139.123.53
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0d1b28e56a3cefabfcc3ddfc06a8a79daacd036539cd9a22b6685a00921ed64b
23b333974694cd7a3512ebc085f87c3c7fd29d7f80361657036275d26d292c76
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
3263bb41c37e93568aa88421e753f4247c809c3dc7b8e21c701c966d16eee5b0
45d5a7d7097282db9ff9abbbe217a17df484907deee502aa94739dd96efee501
525a32eb38343cf4c990dcd031f74c4428fb1af85ca65e1e9c3d24c04f473dd9
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
5a8b3e007de640137c3e128a01ab99b0d8d9c172547ffad5e08d7faae0aba1f2
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
62f7ef6281d5e0db3f14298ca3707ee3a9f61d1ee85ac5fa5dade011eafb32e9
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
72b5508eefd5a9c85c53de4e82c9e8821dea88160cddd36d31644506c1cbfa13
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
79d59a7d49f2a9995524cce0f1b1ff19b7571eba8b9b486d61ee0d78f1245099
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
9c7fbdbe3f7a3ddcf0ffbf80de23a19c4f24c2ac97407857897654f83d72f3ce
b41875aa6c964e770eb0047c1f976c6f944c636a46720d95c482d6c6500ca22d
b682f0ba621d4699d5d8710faf70073fd2db145bea324ea30c89395e3f752757
d25030cad5e23aa280c9a65fb19e973700ca57b5cb728d9b036d2207cb42057b
d4510bab255981b0603809be87ea6c1265506449ca79c4039b148592ae254a3b
f54b1ad0b0176eb50830de5fada679bc3f032245eff71d81506f1bd68ac49e2d
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388