Submitted URL: http://www.arkwealthadvisers.co.uk/
Effective URL: https://2428.luckbabyfuel.live/pvsondvx/article2428.doc?u=rn2pd01&o=90lh731&cid=t2ukgncl22&f=1&sid=t5~4zwhsl50uxinkzakyao0bg2z&...
Submission: On November 24 via api from AU — Scanned from AU

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 6 HTTP transactions. The main IP is 185.155.186.25, located in Switzerland and belongs to TEKNOLOGY, CH. The main domain is 2428.luckbabyfuel.live.
TLS certificate: Issued by R3 on November 24th 2023. Valid for: 3 months.
This is the only time 2428.luckbabyfuel.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.241.123.122 46606 (UNIFIEDLA...)
1 142.250.66.226 15169 (GOOGLE)
1 5.75.145.224 24940 (HETZNER-AS)
1 185.155.184.43 5398 (AS5398)
1 185.155.186.25 203639 (TEKNOLOGY)
6 6
Domain Requested by
1 2428.luckbabyfuel.live newtopjackpot.life
1 newtopjackpot.life
1 telemetry.africa www.arkwealthadvisers.co.uk
1 pagead2.googlesyndication.com www.arkwealthadvisers.co.uk
1 www.arkwealthadvisers.co.uk
0 play.google.com Failed 2428.luckbabyfuel.live
6 6

This site contains no links.

Subject Issuer Validity Valid
*.g.doubleclick.net GTS CA 1C3 2023-10-23 - 2024-01-15 3 months
telemetry.africa R3 2023-11-13 - 2024-02-11 3 months
newtopjackpot.life R3 2023-10-11 - 2024-01-09 3 months
luckbabyfuel.live R3 2023-11-24 - 2024-02-22 3 months

This page contains 1 frame:

Frame: https://play.google.com/store/apps/details?id=com.tinder
Frame ID: F05C79687970BA40CBC90529FF806F5F
Requests: 6 HTTP requests in this frame

Page Statistics

6 Requests
67 % HTTPS
0 % IPv6
6 Domains
6 Subdomains
6 IPs
3 Countries
46 kB Transfer
52 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.arkwealthadvisers.co.uk/ Page URL
  2. https://newtopjackpot.life/?u=rn2pd01&o=90lh731&cid=t2ukgncl22 Page URL
  3. https://2428.luckbabyfuel.live/pvsondvx/article2428.doc?u=rn2pd01&o=90lh731&cid=t2ukgncl22&f=1&sid=t5~4zwhsl50uxinkzakyao0bg2z&fp=BxnHC3M63cSM5ZC00oI3ww%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://2428.luckbabyfuel.live/web/?sid=t5~4zwhsl50uxinkzakyao0bg2z HTTP 302
  • https://play.google.com/store/apps/details?id=com.tinder

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.arkwealthadvisers.co.uk/
10 KB
4 KB
Document
General
Full URL
http://www.arkwealthadvisers.co.uk/
Protocol
HTTP/1.1
Server
162.241.123.122, United States, ASN46606 (UNIFIEDLAYER-AS-1, US)
Reverse DNS
162-241-123-122.unifiedlayer.com
Software
nginx/1.21.6
Resource Hash
41251e8057d20075b85a2b95394d32ac97293d5dfc8e9cbd8fbed3d542158025

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
3877
Content-Type
text/html; charset=UTF-8
Date
Fri, 24 Nov 2023 09:28:30 GMT
Server
nginx/1.21.6
Vary
Accept-Encoding
X-Server-Cache
false
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.arkwealthadvisers.co.uk
URL: http://www.arkwealthadvisers.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.226, Plainview, United States, ASN15169 (GOOGLE, US)
Reverse DNS
syd15s15-in-f2.1e100.net
Software
cafe
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://www.arkwealthadvisers.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 09:28:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52696
x-xss-protection
0
server
cafe
etag
15719073179693315564
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 24 Nov 2023 09:28:36 GMT
6tM3BSp5
telemetry.africa/
4 KB
2 KB
Script
General
Full URL
https://telemetry.africa/6tM3BSp5?return=js.client&&se_referrer=&default_keyword=&landing_url=www.arkwealthadvisers.co.uk%2F&name=_pPhjWVjFGwN5CL76&host=https%3A%2F%2Ftelemetry.africa%2F6tM3BSp5
Requested by
Host: www.arkwealthadvisers.co.uk
URL: http://www.arkwealthadvisers.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.75.145.224, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
static.224.145.75.5.clients.your-server.de
Software
nginx
Resource Hash
e7a2ab3f1bec17b28b093fd59ac183e9882a1b8adfde410fe1c91dd98c2d5a97

Request headers

accept-language
en-AU,en;q=0.9
Referer
http://www.arkwealthadvisers.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 24 Nov 2023 09:28:36 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1688
Expires
Fri, 24 Nov 2023 09:28:36 GMT
/
newtopjackpot.life/
37 KB
38 KB
Document
General
Full URL
https://newtopjackpot.life/?u=rn2pd01&o=90lh731&cid=t2ukgncl22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.155.184.43, Switzerland, ASN5398 (AS5398, CH)
Reverse DNS
Software
nginx
Resource Hash
fc37b18a9c99d5489c24bc1e72fe76960d2a5aa23f3eda97015f368245f91f89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
38192
Content-Type
text/html
Date
Fri, 24 Nov 2023 09:28:37 GMT
Server
nginx
cache-control
private
Primary Request article2428.doc
2428.luckbabyfuel.live/pvsondvx/
1 KB
2 KB
Document
General
Full URL
https://2428.luckbabyfuel.live/pvsondvx/article2428.doc?u=rn2pd01&o=90lh731&cid=t2ukgncl22&f=1&sid=t5~4zwhsl50uxinkzakyao0bg2z&fp=BxnHC3M63cSM5ZC00oI3ww%3D%3D
Requested by
Host: newtopjackpot.life
URL: https://newtopjackpot.life/?u=rn2pd01&o=90lh731&cid=t2ukgncl22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.186.25, Switzerland, ASN203639 (TEKNOLOGY, CH)
Reverse DNS
Software
openresty
Resource Hash

Request headers

Referer
https://newtopjackpot.life/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
1514
Content-Type
text/html
Date
Fri, 24 Nov 2023 09:28:39 GMT
Server
openresty
cache-control
private
details
play.google.com/store/apps/
Redirect Chain
  • https://2428.luckbabyfuel.live/web/?sid=t5~4zwhsl50uxinkzakyao0bg2z
  • https://play.google.com/store/apps/details?id=com.tinder
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.google.com
URL
https://play.google.com/store/apps/details?id=com.tinder

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
newtopjackpot.life/ Name: sid
Value: t5~4zwhsl50uxinkzakyao0bg2z
newtopjackpot.life/ Name: p1
Value: https://luckbabyfuel.live/pvsondvx/
newtopjackpot.life/ Name: s1
Value: xegw33tz4gn3fxx4