dfgggsdgsa.webcindario.com
5.57.226.202
Malicious Activity!
Effective URL: https://dfgggsdgsa.webcindario.com/app/facebook.com/?lang=en&key=7RLT2pWLl03RDn7N0Q7rZbLGTu4lNEiveuLVdJPsH5NidYSBbmM3NnvncCXannnptH...
Submission: On July 21 via automatic, source phishtank
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on June 25th 2019. Valid for: 3 months.
This is the only time dfgggsdgsa.webcindario.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)

Domain & IP information

Count | IP Address | AS (Autonomous System)
---|---|---
1 4 | 5.57.226.202 | 29119 (SERVIHOSTING-AS AireNetworks - StackScale)
7 | 2a00:1450:4001:81c::2002 | 15169 (GOOGLE - Google LLC)
1 | 209.197.3.15 | 20446 (HIGHWINDS3 - Highwinds Network Group)
3 | 151.101.112.193 | 54113 (FASTLY - Fastly)
1 | 2a00:1450:4001:806::200a | 15169 (GOOGLE - Google LLC)
2 | 2606:4700:20::6819:cf08 | 13335 (CLOUDFLARENET - Cloudflare)
1 | 2a00:1450:4001:824::2008 | 15169 (GOOGLE - Google LLC)
2 | 2a00:1450:4001:824::2002 | 15169 (GOOGLE - Google LLC)
2 3 | 2a00:1450:4001:81d::200e | 15169 (GOOGLE - Google LLC)
2 2 | 2a00:1450:400c:c09::9d | 15169 (GOOGLE - Google LLC)
2 2 | 2a00:1450:4001:824::2004 | 15169 (GOOGLE - Google LLC)
2 | 2a00:1450:4001:825::2003 | 15169 (GOOGLE - Google LLC)
3 | 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK - Facebook)
1 | 52.51.12.97 | 16509 (AMAZON-02 - Amazon.com)
Total: 29 | 13 |
ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES)
- dfgggsdgsa.webcindario.com

ASN15169 (GOOGLE - Google LLC, US)
- pagead2.googlesyndication.com
- googleads.g.doubleclick.net
- www.googletagservices.com
- ajax.googleapis.com
- www.googletagmanager.com
- adservice.google.de
- adservice.google.com
- www.google-analytics.com
- stats.g.doubleclick.net
- www.google.com
- www.google.de

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), PTR: vip0x00f.map2.ssl.hwcdn.net
- netdna.bootstrapcdn.com

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
- hosting.miarroba.info

ASN32934 (FACEBOOK - Facebook, Inc., US)
- connect.facebook.net
- staticxx.facebook.com

ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR: ec2-52-51-12-97.eu-west-1.compute.amazonaws.com
- des.smartclip.net
Count | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | doubleclick.net (2 redirects) | stats.g.doubleclick.net, googleads.g.doubleclick.net | 317 B
4 | googlesyndication.com | pagead2.googlesyndication.com | 191 KB
4 | webcindario.com (1 redirect) | dfgggsdgsa.webcindario.com | 23 KB
3 | google-analytics.com (2 redirects) | www.google-analytics.com | 18 KB
3 | google.com (2 redirects) | adservice.google.com, www.google.com | 550 B
3 | google.de | adservice.google.de, www.google.de | 389 B
3 | imgur.com | i.imgur.com | 58 KB
2 | facebook.net | connect.facebook.net | 62 KB
2 | miarroba.info | hosting.miarroba.info | 779 B
1 | facebook.com | staticxx.facebook.com |
1 | smartclip.net | des.smartclip.net | 503 B
1 | googletagservices.com | www.googletagservices.com | 28 KB
1 | googletagmanager.com | www.googletagmanager.com | 19 KB
1 | googleapis.com | ajax.googleapis.com, fonts.googleapis.com (failed) | 33 KB
1 | bootstrapcdn.com | netdna.bootstrapcdn.com | 5 KB
0 | histats.com (failed) | s10.histats.com (failed) |
Total: 29 | 16 | |
Count | Domain | Requested by
---|---|---
4 | pagead2.googlesyndication.com | dfgggsdgsa.webcindario.com, pagead2.googlesyndication.com
4 | dfgggsdgsa.webcindario.com (1 redirect) | dfgggsdgsa.webcindario.com
3 | www.google-analytics.com (2 redirects) | www.googletagmanager.com
3 | i.imgur.com | dfgggsdgsa.webcindario.com
2 | connect.facebook.net | dfgggsdgsa.webcindario.com, connect.facebook.net
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
2 | www.google.de | dfgggsdgsa.webcindario.com
2 | www.google.com (2 redirects) |
2 | stats.g.doubleclick.net (2 redirects) |
2 | hosting.miarroba.info | dfgggsdgsa.webcindario.com
1 | staticxx.facebook.com | connect.facebook.net
1 | des.smartclip.net | dfgggsdgsa.webcindario.com
1 | www.googletagservices.com | pagead2.googlesyndication.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | www.googletagmanager.com | dfgggsdgsa.webcindario.com
1 | ajax.googleapis.com | dfgggsdgsa.webcindario.com
1 | netdna.bootstrapcdn.com | dfgggsdgsa.webcindario.com
0 | s10.histats.com (failed) | dfgggsdgsa.webcindario.com
0 | fonts.googleapis.com (failed) | dfgggsdgsa.webcindario.com
Total: 29 | 20 |
This site contains links to these domains.

Domain
---
www.histats.com
Subject | Issuer | Validity | Valid for
---|---|---|---
webcindario.com | Let's Encrypt Authority X3 | 2019-06-25 - 2019-09-23 | 3 months
*.g.doubleclick.net | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2019-10-12 | a year
| | 1970-01-01 - 1970-01-01 | a few seconds
*.googleapis.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
ssl391079.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-07-02 - 2020-01-08 | 6 months
*.google-analytics.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
*.google.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-06-06 - 2019-09-04 | 3 months
*.smartclip.net | Amazon | 2019-03-28 - 2020-04-28 | a year
This page contains 6 frames:
Primary Page:
https://dfgggsdgsa.webcindario.com/app/facebook.com/?lang=en&key=7RLT2pWLl03RDn7N0Q7rZbLGTu4lNEiveuLVdJPsH5NidYSBbmM3NnvncCXannnptHGxNN6tEzdbATXCv0TrpyEv6kHC8YzvgtwAHMzbFn4QdsUEFV6mt3LtTuAFL4dAuj4MFtbuyHVdjGDXM2zyJad52EFFRSi79Tg5qdiK0DRDl04H9bdaXd11zVyk34T1V169E8zw
Frame ID: D86CF2C932F7ECE04E0883E9A7893FDF
Requests: 24 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/js/r20190715/r20190131/show_ads_impl.js
Frame ID: D3B325A998BFECC91B8D5DB28F0B04B2
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20190715/r20190131/zrt_lookup.html
Frame ID: EDA62E17D6EE678DFF9419266F715F07
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1563684385&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fdfgggsdgsa.webcindario.com%2Fapp%2Ffacebook.com%2F%3Flang%3Den%26key%3D7RLT2pWLl03RDn7N0Q7rZbLGTu4lNEiveuLVdJPsH5NidYSBbmM3NnvncCXannnptHGxNN6tEzdbATXCv0TrpyEv6kHC8YzvgtwAHMzbFn4QdsUEFV6mt3LtTuAFL4dAuj4MFtbuyHVdjGDXM2zyJad52EFFRSi79Tg5qdiK0DRDl04H9bdaXd11zVyk34T1V169E8zw&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1563684369975&bpp=15365&bdt=54&fdt=15366&idt=15367&shv=r20190715&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1476411611933&frm=20&pv=2&ga_vid=149867541.1563684385&ga_sid=1563684385&ga_hid=559896167&ga_fc=0&iag=0&icsg=2090&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=4143149035&ifi=0&uci=0.d6c9658cko46&fsb=1&dtd=15388
Frame ID: 27868D298DD57B933BE3AEBE27D591DA
Requests: 1 HTTP requests in this frame
Frame:
https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 10AD4D1E323ED6672F4DAC527A1E88BA
Requests: 1 HTTP requests in this frame
Frame:
https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 08774EEA7AE0737421A9312CCD2D5438
Requests: 1 HTTP requests in this frame
Detected technologies

- Bootstrap (Web Frameworks). Detected pattern: html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- Nginx (Web Servers). Detected pattern: headers server /nginx(?:\/([\d.]+))?/i
- Facebook (Widgets). Detected pattern: script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
- Font Awesome (Font Scripts). Detected pattern: html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
- Google AdSense (Advertising Networks). Detected pattern: script /googlesyndication\.com\//i
- Google Analytics (Analytics). Detected pattern: script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
- Google Tag Manager (Tag Managers). Detected pattern: html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: try {Histats.start(1,3205176,4,0,0,0,""); Histats.track_hits();} catch(err){};
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://dfgggsdgsa.webcindario.com/app/facebook.com/?key=7RLT2pWLl03RDn7N0Q7rZbLGTu4lNEiveuLVdJPsH5NidYSBbmM3NnvncCXannnptHGxNN6tEzdbATXCv0TrpyEv6kHC8YzvgtwAHMzbFn4QdsUEFV6mt3LtTuAFL4dAuj4MFtbuyHVdjGDXM2zyJad52EFFRSi79Tg5qdiK0DRDl04H9bdaXd11zVyk34T1V169E8zw (HTTP 302)
- https://dfgggsdgsa.webcindario.com/app/facebook.com/?lang=en&key=7RLT2pWLl03RDn7N0Q7rZbLGTu4lNEiveuLVdJPsH5NidYSBbmM3NnvncCXannnptHGxNN6tEzdbATXCv0TrpyEv6kHC8YzvgtwAHMzbFn4QdsUEFV6mt3LtTuAFL4dAuj4MFtbuyHVdjGDXM2zyJad52EFFRSi79Tg5qdiK0DRDl04H9bdaXd11zVyk34T1V169E8zw (final Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:

Request Chain 16
- https://www.google-analytics.com/r/collect?v=1&_v=j77&a=559896167&t=pageview&_s=1&dl=https%3A%2F%2Fdfgggsdgsa.webcindario.com%2Fapp%2Ffacebook.com%2F%3Flang%3Den%26key%3D7RLT2pWLl03RDn7N0Q7rZbLGTu4lNEiveuLVdJPsH5NidYSBbmM3NnvncCXannnptHGxNN6tEzdbATXCv0TrpyEv6kHC8YzvgtwAHMzbFn4QdsUEFV6mt3LtTuAFL4dAuj4MFtbuyHVdjGDXM2zyJad52EFFRSi79Tg5qdiK0DRDl04H9bdaXd11zVyk34T1V169E8zw&ul=en-us&de=ISO-8859-15&dt=Facebook%20application&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABC~&jid=779195680&gjid=1262520200&cid=59446476.1563684373&tid=UA-597118-7&_gid=285717909.1563684373&_r=1&gtm=2wg7f1T2VG59&z=1019404202 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=59446476.1563684373&jid=779195680&_gid=285717909.1563684373&gjid=1262520200&_v=j77&z=1019404202 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=59446476.1563684373&jid=779195680&_v=j77&z=1019404202 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=59446476.1563684373&jid=779195680&_v=j77&z=1019404202&slf_rd=1&random=3477513921
- https://www.google-analytics.com/r/collect?v=1&_v=j77&a=559896167&t=pageview&_s=1&dl=https%3A%2F%2Fdfgggsdgsa.webcindario.com%2Fapp%2Ffacebook.com%2F%3Flang%3Den%26key%3D7RLT2pWLl03RDn7N0Q7rZbLGTu4lNEiveuLVdJPsH5NidYSBbmM3NnvncCXannnptHGxNN6tEzdbATXCv0TrpyEv6kHC8YzvgtwAHMzbFn4QdsUEFV6mt3LtTuAFL4dAuj4MFtbuyHVdjGDXM2zyJad52EFFRSi79Tg5qdiK0DRDl04H9bdaXd11zVyk34T1V169E8zw&ul=en-us&de=ISO-8859-15&dt=Facebook%20application&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABC~&jid=1499333240&gjid=1738536938&cid=59446476.1563684373&tid=UA-597118-1&_gid=285717909.1563684373&_r=1&gtm=2wg7f1T2VG59&z=1855511809 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-1&cid=59446476.1563684373&jid=1499333240&_gid=285717909.1563684373&gjid=1738536938&_v=j77&z=1855511809 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=59446476.1563684373&jid=1499333240&_v=j77&z=1855511809 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=59446476.1563684373&jid=1499333240&_v=j77&z=1855511809&slf_rd=1&random=1366907319
29 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | / | dfgggsdgsa.webcindario.com/app/facebook.com/ | 8 KB | 4 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 91 KB | 34 KB | Script | text/javascript |
GET | H2 | bootstrap.min.css | dfgggsdgsa.webcindario.com/app/facebook.com/css/ | 107 KB | 18 KB | Stylesheet | text/css |
GET | H2 | font-awesome.min.css | netdna.bootstrapcdn.com/font-awesome/3.2.1/css/ | 22 KB | 5 KB | Stylesheet | text/css |
GET | H2 | styles.css | dfgggsdgsa.webcindario.com/app/facebook.com/css/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | QV10nTE.png | i.imgur.com/ | 40 KB | 41 KB | Image | image/png |
GET | H/1.1 | PcLUK1G.png | i.imgur.com/ | 16 KB | 16 KB | Image | image/png |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.7.2/ | 93 KB | 33 KB | Script | text/javascript |
GET | H/1.1 | LE87vI1.png | i.imgur.com/ | 282 B | 801 B | Image | image/png |
GET | H2 | / | hosting.miarroba.info/ | 1 KB | 779 B | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 51 KB | 19 KB | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.de/adsid/ | 109 B | 171 B | Script | application/javascript |
GET | H2 | integrator.js | adservice.google.com/adsid/ | 109 B | 171 B | Script | application/javascript |
GET | H2 | show_ads_impl.js | pagead2.googlesyndication.com/pagead/js/r20190715/r20190131/ | 212 KB | 79 KB | Script | text/javascript |
GET | H2 | show_ads_impl.js | pagead2.googlesyndication.com/pagead/js/r20190715/r20190131/ | 212 KB | 79 KB | Script | text/javascript | Frame D3B3
GET | | css | fonts.googleapis.com/ | 0 | 0 | | | Failed
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript |
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain
GET | H2 | ga-audiences | www.google.de/ads/ | 42 B | 109 B | Image | image/gif | Redirect Chain
GET | H2 | ca-pub-7294310421616689.js | pagead2.googlesyndication.com/pub-config/r20160913/ | 108 B | 206 B | Script | text/javascript |
GET | H2 | zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20190715/r20190131/ | 0 | 0 | Document | text/html | Frame EDA6
GET | H2 | ads | googleads.g.doubleclick.net/pagead/ | 0 | 0 | Document | text/html | Frame 2786
GET | H2 | osd.js | www.googletagservices.com/activeview/js/current/ | 75 KB | 28 KB | Script | text/javascript |
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 3 KB | 2 KB | Script | application/x-javascript |
GET | | js15.js | s10.histats.com/ | 0 | 0 | | | Failed
GET | H/1.1 | ads | des.smartclip.net/ | 20 B | 503 B | Script | application/javascript |
POST | H2 | 607f6b0b381bbc1f64fa027d62891072_cookie.php | hosting.miarroba.info/ | 0 | 0 | Document | text/html | Frame 10AD
GET | H2 | sdk.js | connect.facebook.net/en_US/ | 199 KB | 59 KB | Script | application/x-javascript |
GET | H2 | xd_arbiter.php | staticxx.facebook.com/connect/ | 0 | 0 | Document | text/html | Frame 0877
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- fonts.googleapis.com: http://fonts.googleapis.com/css?family=Open+Sans:200,300,400,600
- s10.histats.com: http://s10.histats.com/js15.js
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)

47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: onselectstart, onselectionchange, dataLayer, adsbygoogle, google_js_reporting_queue, google_ad_modifications, ggeac, googleToken, googleIMState, google_reactive_ads_global_state, google_sa_queue, google_sl_win, google_tag_manager, google_tag_data, gaplugins, gaGlobal, gaData, google_sv_map, google_t12n_vars, google_jobrunner, google_persistent_state_async, __google_ad_urls, google_prev_clients, ampInaboxIframes, ampInaboxPendingMessages, google_iframe_oncopy, s, FB
- function: queueMicrotask, processGoogleToken, google_process_slots, google_sa_impl, mia_ga, nobackbutton, google_spfd, Goog_AdSense_getAdAdapterInstance, $, jQuery, Goog_Osd_UnloadAdBlock, Goog_Osd_UpdateElementToMeasure, google_osd_amcb3
- boolean: google_measure_js_timing, google_osd_loaded, google_onload_fired
- string: GoogleAnalyticsObject, t
- number: google_global_correlator

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
.hosting.miarroba.info/ | | __weslvu | 1563684370
.miarroba.info/ | | __cfduid | de979945362008ec42d3f4b282fd1f6911563684385
.doubleclick.net/ | | test_cookie | CheckForPermission
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.