www.custom-google-search.ga
2a00:1450:4001:801::2013
Malicious Activity!
Public Scan
Effective URL: https://www.custom-google-search.ga/
Submission Tags: @phishunt_io
Submission: On April 14 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1D4 on April 1st 2023. Valid for: 3 months.
This is the only time www.custom-google-search.ga was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
Domain | ASN | PTR |
---|---|---|
custom-google-search.ga | ASN15169 (GOOGLE, US) | any-in-2015.1e100.net |
www.custom-google-search.ga | ASN15169 (GOOGLE, US) | |
lh3.googleusercontent.com | ASN15169 (GOOGLE, US) | |
store.i95dev.com | ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG) | li456-214.members.linode.com |
pagead2.googlesyndication.com | ASN15169 (GOOGLE, US) | |
simplewebanalysis.com | ASN16509 (AMAZON-02, US) | ec2-52-58-253-53.eu-central-1.compute.amazonaws.com |
uprimp.com | ASN201702 (SKHOSTING-EU, SK) | 185.66.200.220.skhosting.eu |
ylx-i.advertica-cdn2.com | ASN201702 (SKHOSTING-EU, SK) | 185.66.200.127.skhosting.eu |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | google.com | apis.google.com (Cisco Umbrella Rank: 121), cse.google.com (Cisco Umbrella Rank: 2759), www.google.com (Cisco Umbrella Rank: 2), clients1.google.com (Cisco Umbrella Rank: 437) | 351 KB |
5 | blogger.com | www.blogger.com (Cisco Umbrella Rank: 9115) | 67 KB |
4 | uprimp.com | uprimp.com (Cisco Umbrella Rank: 265762) | 6 KB |
3 | advertica-cdn2.com | ylx-i.advertica-cdn2.com (Cisco Umbrella Rank: 260393) | 24 KB |
3 | custom-google-search.ga (1 redirect) | custom-google-search.ga, www.custom-google-search.ga | 29 KB |
2 | dibab.click | dibab.click (Cisco Umbrella Rank: 216276) | 26 KB |
2 | urldelivery.com | www.urldelivery.com (failed) | 2 KB |
2 | simplewebanalysis.com | simplewebanalysis.com (Cisco Umbrella Rank: 15927) | 617 B |
2 | wikimedia.org | upload.wikimedia.org (Cisco Umbrella Rank: 2645) | 31 KB |
1 | googleapis.com | www.googleapis.com (Cisco Umbrella Rank: 23) | 117 B |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 707) | 33 KB |
1 | bnserving.com | www.bnserving.com | 6 KB |
1 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 105) | 455 B |
1 | i95dev.com | store.i95dev.com | 57 KB |
1 | googleusercontent.com | lh3.googleusercontent.com (Cisco Umbrella Rank: 57) | 5 KB |
Total: 42 requests across 15 apex domains.
Requests | Domain | Requested by |
---|---|---|
5 | www.google.com | cse.google.com, www.google.com, www.custom-google-search.ga |
5 | www.blogger.com | www.custom-google-search.ga, apis.google.com |
4 | uprimp.com | www.custom-google-search.ga, code.jquery.com, uprimp.com |
4 | apis.google.com | www.custom-google-search.ga, apis.google.com, www.blogger.com |
3 | ylx-i.advertica-cdn2.com | uprimp.com |
2 | dibab.click | uprimp.com, dibab.click |
2 | www.urldelivery.com | www.bnserving.com |
2 | simplewebanalysis.com | www.bnserving.com |
2 | upload.wikimedia.org | www.custom-google-search.ga |
2 | cse.google.com | www.custom-google-search.ga, www.google.com |
2 | www.custom-google-search.ga | www.custom-google-search.ga |
1 | www.googleapis.com | www.custom-google-search.ga |
1 | clients1.google.com | www.custom-google-search.ga |
1 | code.jquery.com | uprimp.com |
1 | www.bnserving.com | www.custom-google-search.ga |
1 | pagead2.googlesyndication.com | www.custom-google-search.ga |
1 | store.i95dev.com | www.custom-google-search.ga |
1 | lh3.googleusercontent.com | www.custom-google-search.ga |
1 | custom-google-search.ga | 1 redirect |
Total: 42 requests across 19 domains.
This site contains links to these domains. Also see Links.
Domain |
---|
yllix.com |
www.facebook.com |
www.youtube.com |
accounts.google.com |
cse.google.com |
www.blogger.com |
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
www.custom-google-search.ga | GTS CA 1D4 | 2023-04-01 - 2023-06-30 | 3 months | crt.sh |
*.blogger.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
*.apis.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
*.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
*.wikipedia.org | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-10-27 - 2023-11-17 | a year | crt.sh |
*.googleusercontent.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
*.i95dev.com | Go Daddy Secure Certificate Authority - G2 | 2023-01-06 - 2024-01-12 | a year | crt.sh |
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
bnserving.com | R3 | 2023-03-18 - 2023-06-16 | 3 months | crt.sh |
simplewebanalysis.com | Amazon RSA 2048 M01 | 2023-03-02 - 2024-03-31 | a year | crt.sh |
www.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
banners.uprimp.com | R3 | 2023-04-01 - 2023-06-30 | 3 months | crt.sh |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year | crt.sh |
upload.video.google.com | GTS CA 1C3 | 2023-03-28 - 2023-06-20 | 3 months | crt.sh |
ylx-i.advertica-cdn2.com | R3 | 2023-02-15 - 2023-05-16 | 3 months | crt.sh |
*.urldelivery.com | R3 | 2023-03-28 - 2023-06-26 | 3 months | crt.sh |
dibab.click | R3 | 2023-03-04 - 2023-06-02 | 3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://www.custom-google-search.ga/
Frame ID: 00972FFD77FBD50EA81FBCFDF1461DC6
Requests: 30 HTTP requests in this frame
Frame:
https://www.blogger.com/navbar.g?targetBlogID=8480214800349180681&blogName=Custom+Google+Search&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.custom-google-search.ga/search&blogLocale=en&v=2&homepageUrl=https://www.custom-google-search.ga/&vt=-6136241628041914450&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.I9sG9xyb3VQ.O%2Fd%3D1%2Frs%3DAHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ%2Fm%3D__features__
Frame ID: 586DEAA7BB3DDECE16631BC8E3B09A4D
Requests: 3 HTTP requests in this frame
Frame:
https://uprimp.com/banner_show.php?section=General&pub=849277&format=728x90&ga=g&slider=225beced62a757096d5bb583b9aec011
Frame ID: 34A70C07DD5CC9F3E143775CFE04CCC2
Requests: 1 HTTP requests in this frame
Frame:
https://www.urldelivery.com/watch.745408776448?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=087b37b6-d9ba-456a-bca0-1b97c6855237%3A3%3A1
Frame ID: A72717B4D4981881FD981F386216111D
Requests: 1 HTTP requests in this frame
Frame:
https://www.urldelivery.com/watch.395698044900?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=087b37b6-d9ba-456a-bca0-1b97c6855237%3A3%3A1
Frame ID: D05A51A10CB691DEC4ACA3A043730B85
Requests: 1 HTTP requests in this frame
Frame:
https://uprimp.com/show.php?u70771681479472=true&ad=673873&f=728x90&a=625611&cri=0&s=ODVhYTBjMzY4ZTgwMTZlOTIwYmY3MjdiNGNiNDA1NzQ=&u=849277&si=613974592&di=43565512&ci=16&h=23c9ae0c750a0ae03e26ddfcf968fc12&cc=DE&slider=225beced62a757096d5bb583b9aec011&https=1&useAf=loaded_string_38014923fadba7771df8b0de05bdac01eaf2f_2558629_1681479472.0551_90539&ar=aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev
Frame ID: F23550F54632699E56586976EAA7BD72
Requests: 5 HTTP requests in this frame
Frame:
https://dibab.click/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XAdCdrikGpAkZCdZAdrrCACjrNkANANijCrCZZZCCrixCrrZCrCrGCxCZGGAridZACCrxi_48098&adApiR=loaded_string_38014923fadba7771df8b0de05bdac01eaf2f_2558629_1681479472.0551_90539&refferer=2959916012_aHR0cHM6Ly93d3cuY3VzdG9tLWdvb2dsZS1zZWFyY2guZ2Ev&width=728&height=90&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=697487571366&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 717D4849AAD2568C4396A6737D4347B1
Requests: 1 HTTP requests in this frame
Page Title: Custom Google Search
Page URL History
- https://custom-google-search.ga/ -> HTTP 301 -> https://www.custom-google-search.ga/ (Page URL)
Detected technologies
- Google Sign-in (Social logins). Detected pattern: apis\.google\.com/js/platform\.js
- Google AdSense (Advertising Networks). Detected pattern: googlesyndication\.com/
- Google Plus (Widgets). Detected pattern: apis\.google\.com/js/[a-z]*\.js
- jQuery (JavaScript Libraries). Detected patterns: jquery[.-]([\d.]*\d)[^/]*\.js and jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
- Title: Advertise Here! (5 links)
- Title: Blogger
- Title: Weitere Informationen (German: "More information")
42 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | www.custom-google-search.ga/ | 201 KB | 27 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | 3566091532-css_bundle_v2.css | www.blogger.com/static/v1/widgets/ | 35 KB | 8 KB | Stylesheet | text/css | |
GET | H2 | platform.js | apis.google.com/js/ | 54 KB | 21 KB | Script | text/javascript | |
GET | H2 | authorization.css | www.blogger.com/dyn-css/ | 1 B | 684 B | Stylesheet | text/css | |
GET | H2 | cse.js | cse.google.com/ | 9 KB | 4 KB | Script | text/javascript | |
GET | H2 | 300px-Facebook_icon_2013.svg.png | upload.wikimedia.org/wikipedia/commons/thumb/f/fb/Facebook_icon_2013.svg/ | 2 KB | 3 KB | Image | image/png | |
GET | H2 | Ned_Tu_ge6GgJZ_lIO_5mieIEmjDpq9kfgD05wapmvzcInvT4qQMxhxq_hEazf8ZsqA=w300 | lh3.googleusercontent.com/ | 5 KB | 5 KB | Image | image/png | |
GET | H2 | Gmail_Icon.png | upload.wikimedia.org/wikipedia/commons/4/4e/ | 27 KB | 28 KB | Image | image/png | |
GET | H/1.1 | google_search.png | store.i95dev.com/media/wysiwyg/ | 57 KB | 57 KB | Image | image/png | |
GET | H2 | cookienotice.js | www.custom-google-search.ga/js/ | 6 KB | 2 KB | Script | text/javascript | |
GET | H2 | 1852870454-widgets.js | www.blogger.com/static/v1/widgets/ | 154 KB | 56 KB | Script | text/javascript | |
GET | H2 | cb=gapi.loaded_0 | apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ | 180 KB | 60 KB | Script | text/javascript | |
GET | H2 | google_top_exp.js | pagead2.googlesyndication.com/pagead/js/ | 47 B | 455 B | Script | text/javascript | |
GET | H/1.1 | invoke.js | www.bnserving.com/ | 11 KB | 6 KB | Script | application/javascript | |
GET | H3 | navbar.g | www.blogger.com/ | 7 KB | 3 KB | Document | text/html | Frame 586D |
GET | H3 | authorization.css | www.blogger.com/dyn-css/ | 1 B | 43 B | Stylesheet | text/css | |
GET | H3 | platform:gapi.iframes.style.common.js | apis.google.com/js/ | 54 KB | 21 KB | Script | text/javascript | Frame 586D |
GET | H3 | cb=gapi.loaded_0 | apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.I9sG9xyb3VQ.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8-cMaMElt8d8ktYL2gFA9BehJHLQ/ | 134 KB | 45 KB | Script | text/javascript | Frame 586D |
GET | H2 | stats | simplewebanalysis.com/ | 40 B | 308 B | XHR | text/html | |
GET | H2 | stats | simplewebanalysis.com/ | 40 B | 309 B | XHR | text/html | |
GET | H2 | cse_element__en.js | www.google.com/cse/static/element/b2d1a4d4a8892464/ | 309 KB | 103 KB | Script | text/javascript | |
GET | H2 | default+en.css | www.google.com/cse/static/element/b2d1a4d4a8892464/ | 41 KB | 41 KB | Stylesheet | text/css | |
GET | H2 | default.css | www.google.com/cse/static/style/look/v4/ | 4 KB | 2 KB | Stylesheet | text/css | |
GET | H2 | slider.php | uprimp.com/ | 2 KB | 2 KB | Script | application/javascript | |
GET | | watch.745408776448.js | www.urldelivery.com/ | 0 | 0 | | | Failed |
GET | | watch.395698044900.js | www.urldelivery.com/ | 0 | 0 | | | Failed |
GET | H2 | jquery-1.7.2.min.js | code.jquery.com/ | 93 KB | 33 KB | Script | application/javascript | |
GET | H2 | async-ads.js | cse.google.com/adsense/search/ | 140 KB | 52 KB | Script | text/javascript | |
GET | H2 | clear.png | www.google.com/cse/static/css/v2/ | 1018 B | 1 KB | Image | image/png | |
GET | H2 | branding.png | www.google.com/cse/static/images/1x/en/ | 1 KB | 1 KB | Image | image/png | |
GET | H2 | generate_204 | clients1.google.com/ | 0 | 117 B | Image | text/plain | |
GET | H2 | generate_204 | www.googleapis.com/ | 0 | 117 B | Image | text/plain | |
GET | H2 | banner_show.php | uprimp.com/ | 1 KB | 2 KB | Document | text/html | Frame 34A7 |
GET | H2 | but_close.png | ylx-i.advertica-cdn2.com/ | 664 B | 923 B | Image | image/png | |
GET | H/1.1 | watch.745408776448 | www.urldelivery.com/ | 115 B | 849 B | Document | text/html | Frame A727 |
GET | H/1.1 | watch.395698044900 | www.urldelivery.com/ | 115 B | 751 B | Document | text/html | Frame D05A |
GET | H2 | show.php | uprimp.com/ | 2 KB | 2 KB | Document | text/html | Frame F235 |
GET | H2 | / | dibab.click/08c73116f6/82b174e040/ | 1 KB | 902 B | Script | application/javascript | Frame F235 |
GET | H2 | pub_upk7x1.png | ylx-i.advertica-cdn2.com/aff/ | 22 KB | 22 KB | Image | image/png | Frame F235 |
GET | H2 | logo_n_small.png | ylx-i.advertica-cdn2.com/ | 2 KB | 1 KB | Image | image/png | Frame F235 |
GET | H2 | / | uprimp.com/trk/ | 43 B | 268 B | Image | image/gif | Frame F235 |
GET | H2 | / | dibab.click/08c73116f6/82b174e040/ | 81 KB | 26 KB | Document | text/html | Frame 717D |
Failed requests
These URLs were requested, but no response was received. They also appear in the list above.
- www.urldelivery.com: https://www.urldelivery.com/watch.745408776448.js?key=37182f7f856edd5267b5482bf2e3fbf1&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=96be70a7-5bfb-47ea-bff7-98ba171cb1d6%3A1%3A1
- www.urldelivery.com: https://www.urldelivery.com/watch.395698044900.js?key=4d549fc94bda281a31412c9ac677f326&kw=%5B%22custom%22%2C%22google%22%2C%22search%22%5D&refer=https%3A%2F%2Fwww.custom-google-search.ga%2F&tz=0&dev=r&res=4.31&uuid=087b37b6-d9ba-456a-bca0-1b97c6855237%3A3%3A1
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Generic (Online)
83 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code. Grouped by type:
- object (24): 0, 1, 2, 3, adsbygoogle, gapi, ___jsl, osapi, gadgets, shindig, iframer, iframes, LieDetector, atAsyncContainers, __gcse, module$exports$cse$search, module$exports$cse$CustomImageSearch, module$exports$cse$CustomWebSearch, google, module$exports$cse$searchcontrol, module$exports$cse$customsearchcontrol, headTag, jqTag, cookieChoices
- function (50): setAttributeOnload, ToolbarApi, IframeBase, Iframe, IframeProxy, IframeWindow, jq_show, disableselect, reEnable, BLOG_attachCsiOnload, _WidgetManager, _WidgetInfo, widget_module_provide, _AdSenseView, _BlogArchiveView, _AttributionView, _BlogView, _BlogListView, _BlogSearchView, _ContactFormView, _ExampleView, _FeaturedPostView, _FeedView, _FollowersView, _HeaderView, _TextView, _HTMLView, _ImageView, _LabelView, _TextListView, _LinkListView, _BloggerButtonView, _NavbarView, _PageListView, _PollView, _PopularPostsView, _ProfileView, _RecentPostsView, _ReportAbuseView, _SharingView, _StatsView, _SubscribeView, _SW_toggleReaderList, _SW_hideReaderList, _TranslateView, _WikipediaView, __gjsload__, _googCsa, $, jQuery
- boolean (3): credentialless, google_empty_script_included, yxsc8
- number (4): winW, nextSearchboxId, googleNDT_, googleAltLoader
- string (2): omitformtags, __wavt
Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
dibab.click/08c73116f6/82b174e040 | | total_impressions | 1 |
simplewebanalysis.com/ | | uid_id2 | 087b37b6-d9ba-456a-bca0-1b97c6855237:3:1 |
.custom-google-search.ga/ | | 494668b4c0ef4d25bda4e75c27de2817 | 087b37b6-d9ba-456a-bca0-1b97c6855237%3A3%3A1 |
.uprimp.com/ | | used_ad2558629 | 1 |
.uprimp.com/ | | total_impressions | 1 |
.uprimp.com/ | | cpa_673873 | 728x90_613974592_5 |
dibab.click/ | | used_ad2558629 | 1 |
www.urldelivery.com/ | | u_pl | 13833043,13833022 |
10 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This section lists the security headers set by the main page's response.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.