www.moroccanslots.com
92.222.10.214
Malicious Activity!
Public Scan
Effective URL: http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Submission: On August 26 via manual from AU
Summary
This is the only time www.moroccanslots.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Australian Government (Government)
Domain & IP information
Domain | ASN | PTR |
---|---|---|
www.googletagmanager.com | ASN15169 (GOOGLE, US) | |
secure.quantserve.com | ASN16509 (AMAZON-02, US) | |
pixel.quantserve.com | ASN16509 (AMAZON-02, US) | |
p.cpx.to | ASN16509 (AMAZON-02, US) | server-13-226-155-28.dus51.r.cloudfront.net |
d2zur9cc2gf1tx.cloudfront.net | ASN16509 (AMAZON-02, US) | server-13-226-156-73.dus51.r.cloudfront.net |
www.google-analytics.com | ASN15169 (GOOGLE, US) | |
rules.quantcount.com | ASN16509 (AMAZON-02, US) | |
prebid-server.rubiconproject.com | ASN16509 (AMAZON-02, US) | ec2-3-121-70-238.eu-central-1.compute.amazonaws.com |
ib.adnxs.com | ASN29990 (ASN-APPNEX, US) | 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net |
Requests | Domain | Requested by | Redirects |
---|---|---|---|
10 | www.moroccanslots.com | urlz.fr, www.moroccanslots.com | 3 redirects |
8 | ads.themoneytizer.com | ajax.cloudflare.com, ads.themoneytizer.com | |
2 | pixel.quantserve.com | | 1 redirects |
2 | script.4dex.io | ads.themoneytizer.com, script.4dex.io | |
2 | rules.quantcount.com | | 1 redirects |
2 | www.google-analytics.com | www.googletagmanager.com | |
2 | onetag-sys.com | ads.themoneytizer.com | |
2 | tag.leadplace.fr | ads.themoneytizer.com, tag.leadplace.fr | |
2 | urlz.fr | | 1 redirects |
1 | ajax.googleapis.com | d2zur9cc2gf1tx.cloudfront.net | |
1 | prebid-server.rubiconproject.com | ads.themoneytizer.com | |
1 | ib.adnxs.com | ads.themoneytizer.com | |
1 | d2zur9cc2gf1tx.cloudfront.net | ads.themoneytizer.com | |
1 | p.cpx.to | ads.themoneytizer.com | |
1 | secure.quantserve.com | ads.themoneytizer.com | |
1 | spl.zeotap.com | ads.themoneytizer.com | |
1 | gum.criteo.com | ads.themoneytizer.com | |
1 | ced-ns.sascdn.com | | |
1 | ww1097.smartadserver.com | | 1 redirects |
1 | g.themoneytizer.net | ads.themoneytizer.com | |
1 | www.googletagmanager.com | ajax.cloudflare.com | |
1 | ajax.cloudflare.com | urlz.fr | |
0 | adtrack.adleadevent.com (Failed) | ajax.googleapis.com | |
0 | s.cpx.to (Failed) | p.cpx.to | |
0 | shb.richaudience.com (Failed) | ads.themoneytizer.com | |
0 | ads.servenobid.com (Failed) | ads.themoneytizer.com | |
0 | a.teads.tv (Failed) | ads.themoneytizer.com | |
0 | ice.360yield.com (Failed) | ads.themoneytizer.com | |
0 | bidder.criteo.com (Failed) | ads.themoneytizer.com | |
0 | fastlane.rubiconproject.com (Failed) | ads.themoneytizer.com | |
0 | js-sec.indexww.com (Failed) | ads.themoneytizer.com | |
0 | tag.contextweb.com (Failed) | ads.themoneytizer.com | |
Totals: 55 requests, 32 domains
This site contains no links.
Subject | Issuer | Validity | Valid for | Link |
---|---|---|---|---|
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years | crt.sh |
*.google-analytics.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months | crt.sh |
g.themoneytizer.net | GoGetSSL RSA DV CA | 2019-10-16 - 2022-01-17 | 2 years | crt.sh |
*.themoneytizer.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-15 - 2021-02-14 | 2 years | crt.sh |
*.sascdn.com | DigiCert SHA2 Secure Server CA | 2019-10-17 - 2020-10-16 | a year | crt.sh |
*.criteo.com | DigiCert ECC Secure Server CA | 2020-06-22 - 2020-09-20 | 3 months | crt.sh |
*.leadplace.fr | Gandi Standard SSL CA 2 | 2018-09-06 - 2020-09-12 | 2 years | crt.sh |
onetag-sys.com | Let's Encrypt Authority X3 | 2020-07-02 - 2020-09-30 | 3 months | crt.sh |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-05 - 2021-08-05 | a year | crt.sh |
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2019-10-04 - 2020-10-07 | a year | crt.sh |
p.cpx.to | Sectigo RSA Domain Validation Secure Server CA | 2020-01-27 - 2021-02-08 | a year | crt.sh |
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year | crt.sh |
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years | crt.sh |
*.adnxs.com | DigiCert ECC Secure Server CA | 2019-01-23 - 2021-03-08 | 2 years | crt.sh |
This page contains 6 frames:
Primary Page:
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php
Frame ID: 94B2FEB3E9ADD720420532B2976D0DB2
Requests: 50 HTTP requests in this frame
Frame:
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//4e1f41e930086be2756706a10ae83bc4/login.php
Frame ID: 2320F937C28C82E15F4EFC06D0B3EFD7
Requests: 1 HTTP requests in this frame
Frame:
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1598415300484
Frame ID: 955FAFBFF0DE91485E6BA194C36ACB44
Requests: 1 HTTP requests in this frame
Frame:
https://spl.zeotap.com/?env=mWeb&uc=2&zdid=1258&eventType=map
Frame ID: 953086D9B0CB73AAE80C4942B545CC6D
Requests: 1 HTTP requests in this frame
Frame:
http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//0a76136f54ef650ee91c52d7ea7668c8/login.php
Frame ID: 6DEC1224609389136D0A1195CF7024E6
Requests: 1 HTTP requests in this frame
Frame:
http://tag.leadplace.fr/wckr.php?nogdpr&id=MTIZ
Frame ID: 269C6FF354CE90D7AD3CB97D40E9D0CE
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/18bf532f-a1e8-449c-860c-a9527d37259f.png)
Detected technologies
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://urlz.fr/dGm9 (HTTP 301)
  -> http://urlz.fr/dGm9 (Page URL)
- http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php (HTTP 302)
  -> http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/login.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://urlz.fr/dGm9 HTTP 301
- http://urlz.fr/dGm9
- http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php HTTP 302
- http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//4e1f41e930086be2756706a10ae83bc4/login.php
- https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
- https://ced-ns.sascdn.com/diff/js/smart.js
- http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//wp-index.php HTTP 302
- http://www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//0a76136f54ef650ee91c52d7ea7668c8/login.php
- https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
- https://id5-sync.com/c/12/0/9/1.gif?gdpr=0&gdpr_consent= HTTP 302
- https://ib.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
- http://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js HTTP 301
- https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
- http://pixel.quantserve.com/pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=urlz.fr;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598415300729;tzo=-120;ogl= HTTP 301
- https://pixel.quantserve.com/pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=urlz.fr;je=0;sr=1600x1200x24;enc=n;dst=1;et=1598415300729;tzo=-120;ogl=
55 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | dGm9 | urlz.fr/ | 3 KB | 1 KB | Document | text/html | Redirect Chain |
GET | H2 | rocket-loader.min.js | ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ | 12 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | login.php | www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//4e1f41e930086be2756706a10ae83bc4/ | 0 | 0 | Document | text/html | Frame 2320, Redirect Chain |
GET | H2 | js | www.googletagmanager.com/gtag/ | 89 KB | 35 KB | Script | application/javascript | |
GET | H/1.1 | requestform.js | ads.themoneytizer.com/s/ | 65 KB | 12 KB | Script | text/html | |
GET | H/1.1 | gen.js | ads.themoneytizer.com/s/ | 9 KB | 4 KB | Script | text/html | |
GET | H/1.1 | requestform.js | ads.themoneytizer.com/s/ | 68 KB | 12 KB | Script | text/html | |
GET | H/1.1 | gen.js | ads.themoneytizer.com/s/ | 9 KB | 4 KB | Script | text/html | |
GET | H/1.1 | requestform.js | ads.themoneytizer.com/s/ | 68 KB | 12 KB | Script | text/html | |
GET | H/1.1 | gen.js | ads.themoneytizer.com/s/ | 9 KB | 4 KB | Script | text/html | |
GET | H/1.1 | / | g.themoneytizer.net/g/ | 26 B | 200 B | Script | text/html | |
GET | H2 | moneybile.js | ads.themoneytizer.com/ | 38 KB | 16 KB | Script | text/javascript | |
GET | | getjs.static.js | tag.contextweb.com/ | 0 | 0 | | | Failed |
GET | H/1.1 | smart.js | ced-ns.sascdn.com/diff/js/ | 30 KB | 10 KB | Script | application/x-javascript | Redirect Chain |
GET | H2 | sync | gum.criteo.com/ | 49 B | 370 B | Script | text/javascript | |
GET | H/1.1 | libJsLP.js | tag.leadplace.fr/ | 3 KB | 3 KB | Script | application/javascript | |
GET | H2 | / | onetag-sys.com/usync/ | 0 | 0 | Document | text/html | Frame 955F |
GET | H2 | / | spl.zeotap.com/ | 0 | 0 | Document | text/html | Frame 9530 |
GET | H2 | quant.js | secure.quantserve.com/ | 22 KB | 8 KB | Script | application/x-javascript | |
GET | H/1.1 | px.js | p.cpx.to/p/12773/ | 2 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | notifyme.js | d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ | 25 KB | 26 KB | Script | text/javascript | |
GET | | 186329-261067657875242.js | js-sec.indexww.com/ht/p/ | 0 | 0 | | | Failed |
GET | H2 | prebid.js | ads.themoneytizer.com/moneybid3_20/build/dist/ | 391 KB | 125 KB | Script | text/javascript | |
GET | H/1.1 | login.php | www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//0a76136f54ef650ee91c52d7ea7668c8/ | 0 | 0 | Document | text/html | Frame 6DEC, Redirect Chain |
GET | | bounce | ib.adnxs.com/ | 0 | 0 | | | Redirect Chain, Failed |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript | |
GET | H2 | rules-p-6Fv0cGNfc_bw8.js | rules.quantcount.com/ | 1 KB | 1 KB | Script | application/x-javascript | Redirect Chain |
GET | H/2+Q/46 | collect | www.google-analytics.com/r/ | 35 B | 365 B | Image | image/gif | |
GET | H/1.1 | wckr.php | tag.leadplace.fr/ | 0 | 0 | Document | text/html | Frame 269C |
GET | H2 | localstore.js | script.4dex.io/ | 450 B | 746 B | Script | application/javascript | |
POST | H2 | auction | prebid-server.rubiconproject.com/openrtb2/ | 112 B | 315 B | XHR | text/plain | |
GET | | fastlane.json | fastlane.rubiconproject.com/a/api/ | 0 | 0 | | | Failed |
POST | | cdb | bidder.criteo.com/ | 0 | 0 | | | Failed |
POST | H/1.1 | prebid | ib.adnxs.com/ut/v3/ | 19 B | 705 B | XHR | application/json | |
GET | | hb | ice.360yield.com/ | 0 | 0 | | | Failed |
POST | | bid-request | a.teads.tv/hb/ | 0 | 0 | | | Failed |
POST | | adreq | ads.servenobid.com/ | 0 | 0 | | | Failed |
POST | H2 | prebid-request | onetag-sys.com/ | 15 B | 437 B | XHR | application/json | |
POST | | / | shb.richaudience.com/hb/ | 0 | 0 | | | Failed |
POST | | / | shb.richaudience.com/hb/ | 0 | 0 | | | Failed |
POST | | / | shb.richaudience.com/hb/ | 0 | 0 | | | Failed |
POST | | / | shb.richaudience.com/hb/ | 0 | 0 | | | Failed |
GET | | moneybid.js | ads.themoneytizer.com/bidder1/ | 0 | 0 | | | Failed |
GET | | moneybid.js | ads.themoneytizer.com/bidder1/ | 0 | 0 | | | Failed |
GET | | moneybid.js | ads.themoneytizer.com/bidder1/ | 0 | 0 | | | Failed |
GET | H/1.1 | login.php | www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/ | 5 KB | 2 KB | Document | text/html | Primary Request, Redirect Chain |
GET | | fire.js | s.cpx.to/ | 0 | 0 | | | Failed |
GET | H2 | pixel;r=771245877;labels=Categories.hobbiesandinterests;rf=0;a=p-6Fv0cGNfc_bw8;url=http%3A%2F%2Furlz.fr%2FdGm9;fpan=1;fpa=P0-175184649-1598415300729;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;g... | pixel.quantserve.com/ | 35 B | 371 B | Image | image/gif | Redirect Chain |
GET | H2 | adagio.js | script.4dex.io/ | 63 KB | 19 KB | Fetch | application/javascript | |
GET | H/1.1 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.0.0/ | 84 KB | 30 KB | Script | text/javascript | |
GET | | notifyme.php | adtrack.adleadevent.com/ | 0 | 0 | | | Failed |
GET | H/1.1 | image.css | www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/ | 2 KB | 1 KB | Stylesheet | text/css | |
GET | H/1.1 | user.png | www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/ | 3 KB | 3 KB | Image | image/png | |
GET | H/1.1 | pass.png | www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/ | 8 KB | 8 KB | Image | image/png | |
GET | H/1.1 | backlog.png | www.moroccanslots.com//wp-includes//pome//jcs//container//pre//app//au//5f6f93f1519ea470da72575a15eb9d6f/img/ | 102 KB | 102 KB | Image | image/png | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- tag.contextweb.com: https://tag.contextweb.com/getjs.static.js
- js-sec.indexww.com: https://js-sec.indexww.com/ht/p/186329-261067657875242.js
- ib.adnxs.com: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
- fastlane.rubiconproject.com: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078310&size_id=15%3B2%3B2&alt_size_ids=2%2C55%2C58%2C221%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117&p_pos=atf&gdpr=0&rp_schain=1.0,1!themoneytizer.com,15056,1,,,&rf=https%3A%2F%2Furlz.fr&kw=15056&tg_i.siteid=15056&tk_flint=pbjs_lite_v3.20.0&x_source.tid=efdbd5cd-ead9-45eb-9b56-0349e35d6412%3B5ad8c4aa-2242-453e-9dda-7af04750d973%3B76871355-9f38-4eaa-acc5-1206447d0a17&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=3&rand=0.6631091228248038
- bidder.criteo.com: https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.20.0&cb=66894552275
- ice.360yield.com: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%22391a18ee3132d04%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22referrer%22%3A%22http%3A%2F%2Furlz.fr%2FdGm9%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22themoneytizer.com%22%2C%22sid%22%3A%2215056%22%2C%22hp%22%3A1%7D%5D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22151ea0b23780d8a%22%2C%22pid%22%3A%2222124029%22%2C%22tid%22%3A%228e8fe5d3-f5f9-4fbd-b56c-56a22a497afc%22%2C%22banner%22%3A%7B%7D%7D%2C%7B%22id%22%3A%22163ad1cfd2379bb%22%2C%22pid%22%3A%2212065816%22%2C%22tid%22%3A%22efdbd5cd-ead9-45eb-9b56-0349e35d6412%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A90%7D%2C%7B%22w%22%3A1000%2C%22h%22%3A30%7D%2C%7B%22w%22%3A990%2C%22h%22%3A90%7D%2C%7B%22w%22%3A950%2C%22h%22%3A90%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%7D%5D%7D%7D%2C%7B%22id%22%3A%2217820f034cfcd93%22%2C%22pid%22%3A%221121190%22%2C%22tid%22%3A%225ad8c4aa-2242-453e-9dda-7af04750d973%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%2C%7B%22id%22%3A%221867e7a5be726ad%22%2C%22pid%22%3A%221121191%22%2C%22tid%22%3A%2276871355-9f38-4eaa-acc5-1206447d0a17%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%7D%2C%7B%22w%22%3A320%2C%22h%22%3A100%7D%2C%7B%22w%22%3A300%2C%22h%22%3A100%7D%5D%7D%7D%5D%7D%7D
- a.teads.tv: https://a.teads.tv/hb/bid-request
- ads.servenobid.com: https://ads.servenobid.com/adreq?cb=2665
- shb.richaudience.com: https://shb.richaudience.com/hb/
- shb.richaudience.com: https://shb.richaudience.com/hb/
- shb.richaudience.com: https://shb.richaudience.com/hb/
- shb.richaudience.com: https://shb.richaudience.com/hb/
- ads.themoneytizer.com: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=11&formatid=video&size=desktop&country=undefined
- ads.themoneytizer.com: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=1&formatid=26322&size=desktop&country=CH
- ads.themoneytizer.com: https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=15056&adid=28&formatid=30012&size=desktop&country=CH
- s.cpx.to: https://s.cpx.to/fire.js?pid=12773&ref=&hn_ver=11&fid=4f5b2f95-8dd1-4f1f-96fb-2d3e0cfa1924
- adtrack.adleadevent.com: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Australian Government (Government)
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | trustedTypes |
function | submit |
object | el_down |
string | Name |
function | GFG_Fun |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
Domains:
- a.teads.tv
- ads.servenobid.com
- ads.themoneytizer.com
- adtrack.adleadevent.com
- ajax.cloudflare.com
- ajax.googleapis.com
- bidder.criteo.com
- ced-ns.sascdn.com
- d2zur9cc2gf1tx.cloudfront.net
- fastlane.rubiconproject.com
- g.themoneytizer.net
- gum.criteo.com
- ib.adnxs.com
- ice.360yield.com
- js-sec.indexww.com
- onetag-sys.com
- p.cpx.to
- pixel.quantserve.com
- prebid-server.rubiconproject.com
- rules.quantcount.com
- s.cpx.to
- script.4dex.io
- secure.quantserve.com
- shb.richaudience.com
- spl.zeotap.com
- tag.contextweb.com
- tag.leadplace.fr
- urlz.fr
- ww1097.smartadserver.com
- www.google-analytics.com
- www.googletagmanager.com
- www.moroccanslots.com
Domains with failed requests:
- a.teads.tv
- ads.servenobid.com
- ads.themoneytizer.com
- adtrack.adleadevent.com
- bidder.criteo.com
- fastlane.rubiconproject.com
- ib.adnxs.com
- ice.360yield.com
- js-sec.indexww.com
- s.cpx.to
- shb.richaudience.com
- tag.contextweb.com
IP addresses:
- 13.226.155.28
- 13.226.156.73
- 145.239.192.166
- 145.239.193.145
- 151.139.241.23
- 185.33.220.240
- 185.86.137.32
- 2600:9000:2182:f400:6:44e3:f8c0:93a1
- 2606:4700:10::6816:1857
- 2606:4700:3038::681f:ab2
- 2606:4700::6810:a823
- 2606:4700:e2::ac40:8620
- 2620:116:800d:21:5a23:9c4e:e774:96c1
- 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
- 2a00:1450:4001:802::2008
- 2a00:1450:4001:802::200e
- 2a00:1450:4001:821::200a
- 2a01:4a0:1338:28::c38a:ff10
- 2a02:2638:1::13
- 3.121.70.238
- 51.89.9.251
- 92.222.10.214