jadetodunk.com
Open in
urlscan Pro
168.100.9.32
Malicious Activity!
Public Scan
Submitted URL: http://velocityfilmworks.com/rd/c95304xgMel3269147vymm107pjQ1957nQju2364
Effective URL: https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=0e1179e4-75fd-4bdc-b1d9-1719c02c3e10&cdpnuid=6556034e-...
Submission: On January 13 via manual from IT — Scanned from IT
Effective URL: https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=0e1179e4-75fd-4bdc-b1d9-1719c02c3e10&cdpnuid=6556034e-...
Submission: On January 13 via manual from IT — Scanned from IT
Summary
This website contacted 4 IPs
in 4 countries
across 7 domains to perform 28 HTTP transactions.
The main IP is 168.100.9.32, located in
Amsterdam, Netherlands and
belongs to BLNWX, US.
The main domain is jadetodunk.com.
TLS certificate: Issued by R3 on December 19th 2023. Valid for: 3 months.
This is the only time jadetodunk.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on December 19th 2023. Valid for: 3 months.
This is the only time jadetodunk.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 2 | 69.163.46.15 69.163.46.15 | 26388 (FIBERFI) (FIBERFI) | |
| 1 1 | 194.145.208.238 194.145.208.238 | 200514 (KNOWNSRV) (KNOWNSRV) | |
| 1 1 | 35.241.26.240 35.241.26.240 | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 45.61.137.100 45.61.137.100 | 399629 (BLNWX) (BLNWX) | |
| 2 | 168.100.9.32 168.100.9.32 | 399629 (BLNWX) (BLNWX) | |
| 24 | 169.150.247.38 169.150.247.38 | 60068 (CDN77 ^_^) (CDN77 ^_^) | |
| 1 | 104.20.81.5 104.20.81.5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 28 | 4 |
1
35.241.26.240
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: 240.26.241.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 240.26.241.35.bc.googleusercontent.com
| www.a2ccecmtrk.com |
24
169.150.247.38
(Frankfurt am Main, Germany)
ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net
ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net
| cdn069.b-cdn.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 24 |
b-cdn.net
cdn069.b-cdn.net |
3 MB |
| 2 |
jadetodunk.com
jadetodunk.com |
10 KB |
| 2 |
velocityfilmworks.com
1 redirects
velocityfilmworks.com |
587 B |
| 1 |
bill1st.com
secure3d.bill1st.com |
5 KB |
| 1 |
milkaskcan.com
1 redirects
milkaskcan.com |
621 B |
| 1 |
a2ccecmtrk.com
1 redirects
www.a2ccecmtrk.com |
526 B |
| 1 |
mindfulbecoming.com
1 redirects
www.mindfulbecoming.com |
638 B |
| 28 | 7 |
| Domain | Requested by | |
|---|---|---|
| 24 | cdn069.b-cdn.net |
jadetodunk.com
cdn069.b-cdn.net |
| 2 | jadetodunk.com |
velocityfilmworks.com
cdn069.b-cdn.net |
| 2 | velocityfilmworks.com | 1 redirects |
| 1 | secure3d.bill1st.com |
jadetodunk.com
|
| 1 | milkaskcan.com | 1 redirects |
| 1 | www.a2ccecmtrk.com | 1 redirects |
| 1 | www.mindfulbecoming.com | 1 redirects |
| 28 | 7 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| jadetodunk.com R3 |
2023-12-19 - 2024-03-18 |
3 months | crt.sh |
| *.b-cdn.net Sectigo RSA Domain Validation Secure Server CA |
2023-11-05 - 2024-11-11 |
a year | crt.sh |
| *.bill1st.com GlobalSign GCC R3 DV TLS CA 2020 |
2023-09-21 - 2024-10-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=0e1179e4-75fd-4bdc-b1d9-1719c02c3e10&cdpnuid=6556034e-dc62-1de9-0064-a83cc886a0f3&clickid=5e6ec047b9ae4cda91ca690a676f661e&source=6119_3509
Frame ID: 419BDA0795ABEBE76ACECB8DDB60728A
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
Temu - Premi del sondaggioPage URL History Show full URLs
- http://velocityfilmworks.com/rd/c95304xgMel3269147vymm107pjQ1957nQju2364 Page URL
-
http://velocityfilmworks.com/track/c95304xgMel3269147vymm107pjQ1957nQju2364
HTTP 302
https://www.mindfulbecoming.com/6N9L1SL/269FS9XW/?sub1=11&sub2=2364-95304&sub3=3269147-107-1957 HTTP 302
https://www.a2ccecmtrk.com/BWRDM4N/6RGWCQ3N/?source_id=3509&sub3=f548ad31deb14b99adf95eaa2348d363 HTTP 302
https://milkaskcan.com/48026b3d-6f56-54a5-593a-c032563300c9?cdpnuid=6556034e-dc62-1de9-0064-a83cc88... HTTP 303
https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=0e1179e4-75fd-4bdc-b1d9-1719c02c3e... Page URL
Detected technologies
animate.css (Web Frameworks) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://velocityfilmworks.com/rd/c95304xgMel3269147vymm107pjQ1957nQju2364 Page URL
-
http://velocityfilmworks.com/track/c95304xgMel3269147vymm107pjQ1957nQju2364
HTTP 302
https://www.mindfulbecoming.com/6N9L1SL/269FS9XW/?sub1=11&sub2=2364-95304&sub3=3269147-107-1957 HTTP 302
https://www.a2ccecmtrk.com/BWRDM4N/6RGWCQ3N/?source_id=3509&sub3=f548ad31deb14b99adf95eaa2348d363 HTTP 302
https://milkaskcan.com/48026b3d-6f56-54a5-593a-c032563300c9?cdpnuid=6556034e-dc62-1de9-0064-a83cc886a0f3&clickid=5e6ec047b9ae4cda91ca690a676f661e&source=6119_3509 HTTP 303
https://jadetodunk.com/b54d3947-49eb-51b0-baae-b056cacec15b?suid=0e1179e4-75fd-4bdc-b1d9-1719c02c3e10&cdpnuid=6556034e-dc62-1de9-0064-a83cc886a0f3&clickid=5e6ec047b9ae4cda91ca690a676f661e&source=6119_3509 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
c95304xgMel3269147vymm107pjQ1957nQju2364
velocityfilmworks.com/rd/ |
243 B 360 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
b54d3947-49eb-51b0-baae-b056cacec15b
jadetodunk.com/ Redirect Chain
|
46 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
cdn069.b-cdn.net/cam/temu/css/ |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
animate.min.css
cdn069.b-cdn.net/cam/temu/css/ |
70 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
datehead_it.js
cdn069.b-cdn.net/cam/temu/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
cdn069.b-cdn.net/cam/temu/img/ |
25 KB 25 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
it.png
cdn069.b-cdn.net/cam/temu/img/flags/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
product.png
cdn069.b-cdn.net/cam/temu/img/ |
1 MB 1 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loadingRD.gif
cdn069.b-cdn.net/cam/temu/img/ |
122 KB 122 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prize1.png
cdn069.b-cdn.net/cam/temu/img/ |
1 MB 1 MB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.jpg
cdn069.b-cdn.net/cam/temu/img/ |
40 KB 41 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
2.jpg
cdn069.b-cdn.net/cam/temu/img/ |
42 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
comm_pic_1.jpg
cdn069.b-cdn.net/cam/temu/img/ |
100 KB 101 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3.jpg
cdn069.b-cdn.net/cam/temu/img/ |
43 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
4.jpg
cdn069.b-cdn.net/cam/temu/img/ |
36 KB 36 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
comm_pic_2.jpg
cdn069.b-cdn.net/cam/temu/img/ |
68 KB 68 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5.jpg
cdn069.b-cdn.net/cam/temu/img/ |
41 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f_guarantee.png
cdn069.b-cdn.net/cam/temu/img/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f_secure_1.png
cdn069.b-cdn.net/cam/temu/img/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo2.png
cdn069.b-cdn.net/cam/temu/img/ |
25 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
script_it.js
cdn069.b-cdn.net/cam/temu/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
connect_script.js
cdn069.b-cdn.net/scripts/connect_script/ |
25 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
events.js
cdn069.b-cdn.net/scripts/events_script/ |
714 B 953 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
tariff.js
cdn069.b-cdn.net/scripts/tariff_script/ |
458 B 828 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bill1stSecure3D.js
secure3d.bill1st.com/js/v2/ |
19 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg.png
cdn069.b-cdn.net/cam/temu/img/ |
252 KB 252 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loader.css
cdn069.b-cdn.net/assets/css/ |
830 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
open
jadetodunk.com/session/0e1179e4-75fd-4bdc-b1d9-1719c02c3e10/events/ |
52 B 564 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| datehax function| datenhax function| datenhay function| startTimer object| answers number| lastQnum function| toNext object| states object| dones object| loadImg object| loadBgCol function| drawloader number| qn number| dsq number| incq function| showPhase function| fillPlaceholders function| Secure3D3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.a2ccecmtrk.com/ | Name: uniqueClick_6RGWCQ3N Value: 421a9190-2a35-4d96-91c0-112d5d211fda:1705183031 |
|
| www.a2ccecmtrk.com/ | Name: transaction_id Value: 5e6ec047b9ae4cda91ca690a676f661e |
|
| secure3d.bill1st.com/ | Name: __cflb Value: 0H28v9yTPhRLd6RzmTEKcPwGpZv6ypDzQoLoyDyujzV |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn069.b-cdn.net
jadetodunk.com
milkaskcan.com
secure3d.bill1st.com
velocityfilmworks.com
www.a2ccecmtrk.com
www.mindfulbecoming.com
104.20.81.5
168.100.9.32
169.150.247.38
194.145.208.238
35.241.26.240
45.61.137.100
69.163.46.15
00282a3c3a1a87cab144d9e15b026061a6109a1f6343bc21d99b018d8e4a627a
06ef1deb5ac7f0dfa26bd10f62e566e4d6ab98e0612daa77936062c9fa191b8d
14ee91bb903be95a46d3c4023dc9a3bf1f6de7590e9a846f1647a1c142463f35
16dbd10cfbd8da8349b9a46bcf781426b0bc4d40a9b0cacfacebfc75d4374f54
2bf2e34bbb8e6e6b94e5f6f6df4d43397915f1240a7e0bf1d0e593c605f12a08
4308e22888f0019fd41957a6bc60508c701eae00bc85cb4d87eb42471d6774bd
5f35da4e7fb1655551bbd3efa33515c5f51d280d07f3807f13757040a952421b
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
625ea86dc2049e2a10146d128475c833a395ef0ccf4dbd3a9b54dc570bbc983a
6a456541117d462dba9918b2e62f72997edf894717b8e553b142d4c37967a276
6bffb943e732ebb9a9703c025001039b17d96b9395a373db901232814cbf1f64
789788242078e8474d7c4885491e481238fdd6aab7fb23418576c045f3f70436
823981f2e402963c245aa7233e20dd0b87534eabab986fedcbbeebfcde36f5b1
8fb5936738249141a93883e404b75e3a9ddcee8514b23f5a6480291e10489649
995983dd3c2cc7b46b03f2f5c8899929b3d75007b305b03eb96a865b3f69dfb3
9d3bf194eaee56f6159255c34875174fd6600ff74a7183b58d13d3d720861eba
a2f243b1d4db29e4e54b643d1450d2c36dfe3929fca736e9f01fe663fbbf21c3
a7dfd1f048d99e2acee9689e64eb8609636126d8cb595b28dce226b63c621947
afe5da794a1040d8615f4cceb983998384e4ebaa625080a2c68396569a7c85b2
bf97443d681d2bc0ca04b707d0d3d443bcf99b1bf4fc0af84ac51286d0b4e02b
c0954be6e9b06cd492d7c9f9ec0719613c019007eec889f249b5930f266f0e2b
c6c896e27ff1f1d6cb22ce652dcca916946ce9f003bcb4fe30d1265fcb531a95
ccb4cc2572eb9ba3d63fbe15c33232b26d864253fc6494e03ef42cd26ce8ecca
d2afcb8fbbecafd8e2c81783f1dca54504bb8fb038211ac2e4b8152370144a20
df25b894f7b101ce815dd4a35070ae8eea7fd405f144a072bf8ef82a634630f5
e0528008908f171d85c730f454bcbf9570d2129d195cdb908a5b5c7883025ddc
fa4ca2d6b477562a47d9a941b44c0f855453feb5bc60c29486ad01d1fe08043d