urlscan.io logo urlscan.io
SecurityTrails logo

allsimfreemb.wapkiz.com Open in urlscan Pro
51.91.178.106  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://allsimfreemb.wapkiz.com/index.html
Submission: On July 03 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 10 HTTP transactions. The main IP is 51.91.178.106, located in Netherlands and belongs to OVH, FR. The main domain is allsimfreemb.wapkiz.com.
This is the only time allsimfreemb.wapkiz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

1    51.91.178.106 (Netherlands)

ASN16276 (OVH, FR)
PTR: ip106.ip-51-91-178.eu
allsimfreemb.wapkiz.com
1    2606:4700:3037::6812:3d51 (United States)

ASN13335 (CLOUDFLARENET, US)
fast.kizcdn.info
1    2a03:2880:f11c:8184:face:b00c:0:14c9 (Ireland)

ASN32934 (FACEBOOK, US)
z-m-static.xx.fbcdn.net
1    2606:4700:3031::681f:500d (United States)

ASN13335 (CLOUDFLARENET, US)
fhits.xyz
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:3035::681f:510d (United States)

ASN13335 (CLOUDFLARENET, US)
www.fhits.xyz
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700:3035::ac43:dc80 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn1.fhits.xyz
Domain Requested by
3 www.google-analytics.com 2 redirects fhits.xyz
2 www.google.de allsimfreemb.wapkiz.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
1 cdn1.fhits.xyz allsimfreemb.wapkiz.com
1 www.fhits.xyz fhits.xyz
1 www.googletagmanager.com allsimfreemb.wapkiz.com
1 fhits.xyz allsimfreemb.wapkiz.com
1 z-m-static.xx.fbcdn.net allsimfreemb.wapkiz.com
1 fast.kizcdn.info allsimfreemb.wapkiz.com
1 allsimfreemb.wapkiz.com
10 11

This site contains links to these domains. Also see Links.

Domain
m.facebook.com
ad.jetx.info
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-24 -
2020-10-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-05-14 -
2020-08-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-06-17 -
2020-09-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://allsimfreemb.wapkiz.com/index.html
Frame ID: 907B1D9245BAF8AD6D780A8ABEC84C95
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

10
Requests

60 %
HTTPS

91 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

61 kB
Transfer

143 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1050074232&t=pageview&_s=1&dl=http%3A%2F%2Fallsimfreemb.wapkiz.com%2Findex.html&ul=en-us&de=UTF-8&dt=Facebook%20%E2%80%93%20log%20in%20or%20sign%20up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=188311410&gjid=860926478&cid=182560505.1593787681&tid=UA-46789381-10&_gid=141503287.1593787681&_r=1&z=1704220586 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46789381-10&cid=182560505.1593787681&jid=188311410&_gid=141503287.1593787681&gjid=860926478&_v=j83&z=1704220586 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-10&cid=182560505.1593787681&jid=188311410&_v=j83&z=1704220586 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-10&cid=182560505.1593787681&jid=188311410&_v=j83&z=1704220586&slf_rd=1&random=408378315
Request Chain 7
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1050074232&t=pageview&_s=1&dl=http%3A%2F%2Fallsimfreemb.wapkiz.com%2Findex.html&ul=en-us&de=UTF-8&dt=Facebook%20%E2%80%93%20log%20in%20or%20sign%20up&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=713540902&gjid=1353821842&cid=182560505.1593787681&tid=UA-46789381-15&_gid=141503287.1593787681&_r=1&gtm=2ou6o0&z=2032840102 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46789381-15&cid=182560505.1593787681&jid=713540902&_gid=141503287.1593787681&gjid=1353821842&_v=j83&z=2032840102 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-15&cid=182560505.1593787681&jid=713540902&_v=j83&z=2032840102 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-15&cid=182560505.1593787681&jid=713540902&_v=j83&z=2032840102&slf_rd=1&random=346024786

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set index.html
allsimfreemb.wapkiz.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://allsimfreemb.wapkiz.com/index.html
Protocol
HTTP/1.1
Server
51.91.178.106 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ip106.ip-51-91-178.eu
Software
nginx /
Resource Hash
4e4907ee619847d0312872d594de0e265602af8d0485938be2e0611421aa73f0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Host
allsimfreemb.wapkiz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Fri, 03 Jul 2020 14:48:00 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
Set-Cookie
PHPSESSID=pclk0ai1dj8i32le8mm5ejk772; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
style.css
fast.kizcdn.info/css/allsimfreemb.wapkiz.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fast.kizcdn.info/css/allsimfreemb.wapkiz.com/style.css
Requested by
Host: allsimfreemb.wapkiz.com
URL: http://allsimfreemb.wapkiz.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.0RC6
Resource Hash

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jul 2020 14:48:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.0RC6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache
cf-ray
5ad167aebf151f4d-FRA
cf-request-id
03b6bf213300001f4d8fa72200000001
expires
-1
k97pj8-or6s.png
z-m-static.xx.fbcdn.net/rsrc.php/v2/y8/r/ 		809 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z-m-static.xx.fbcdn.net/rsrc.php/v2/y8/r/k97pj8-or6s.png
Requested by
Host: allsimfreemb.wapkiz.com
URL: http://allsimfreemb.wapkiz.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8184:face:b00c:0:14c9 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0ff2e0f45b6ac64540fe750795196238188e4e3a5ae9138318dd555b23a2eae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug
q0SHxNT0m34X/+bo7bWyj//Od2qn3u1noOtVVnfF5pNN0u1+zdiHhb9kK1lOKXsH8djpPZgfb3t5ChuToMDy2Q==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
ZfLx61eYtTxQTtjePZDJWA==
date
Fri, 03 Jul 2020 14:48:00 GMT, Fri, 03 Jul 2020 14:48:00 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
809
expires
Sat, 03 Jul 2021 12:28:47 GMT
online.js
fhits.xyz/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://fhits.xyz/online.js
Requested by
Host: allsimfreemb.wapkiz.com
URL: http://allsimfreemb.wapkiz.com/index.html
Protocol
HTTP/1.1
Server
2606:4700:3031::681f:500d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2faf9df37125cefaa6f970a76a5279d96bdc30c0bdceacb9296a2c3dd0aeec8e

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 03 Jul 2020 14:48:00 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
8392446
Cf-Polished
origSize=4445
Transfer-Encoding
chunked
Connection
keep-alive
cf-request-id
03b6bf20b600001e476c344200000001
Last-Modified
Tue, 01 Oct 2019 04:00:26 GMT
Server
cloudflare
ETag
W/"5d92cf5a-115d"
Vary
Accept-Encoding
Content-Type
application/javascript
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
CF-RAY
5ad167adff101e47-FRA
Cf-Bgj
minify
js
www.googletagmanager.com/gtag/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-46789381-15
Requested by
Host: allsimfreemb.wapkiz.com
URL: http://allsimfreemb.wapkiz.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4f61701c8b6cd680628f031550f94a6d082133038c9a34b9454b60a77e704da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 03 Jul 2020 14:48:00 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33699
x-xss-protection
0
last-modified
Fri, 03 Jul 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Jul 2020 14:48:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fhits.xyz
URL: http://fhits.xyz/online.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1943
date
Fri, 03 Jul 2020 14:15:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Fri, 03 Jul 2020 16:15:38 GMT
fc.php
www.fhits.xyz/ 		49 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.fhits.xyz/fc.php?id=dc2bef6ffc927bceebab941e41e85e0e&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&ref=&pn=http%3A%2F%2Fallsimfreemb.wapkiz.com%2Findex.html&wh=1600x1200&rand=36
Requested by
Host: fhits.xyz
URL: http://fhits.xyz/online.js
Protocol
HTTP/1.1
Server
2606:4700:3035::681f:510d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.0.33
Resource Hash
8f8e1486711a737c996aa9ccc388bdde0125fd85960307f747da0a151d66b015
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 03 Jul 2020 14:48:10 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-Powered-By
PHP/7.0.33
Transfer-Encoding
chunked
Content-Type
application/x-javascript
cf-request-id
03b6bf223000009760f0982200000001
Connection
keep-alive
CF-RAY
5ad167b04e8b9760-FRA
X-XSS-Protection
1; mode=block
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1050074232&t=pageview&_s=1&dl=http%3A%2F%2Fallsimfreemb.wapkiz.com%2Findex.html&ul=en-us&de=UTF-8&dt=Facebook%20%E2%80%93%20log%20in%20or%20s...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46789381-10&cid=182560505.1593787681&jid=188311410&_gid=141503287.1593787681&gjid=860926478&_v=j83&z=1704220586
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-10&cid=182560505.1593787681&jid=188311410&_v=j83&z=1704220586
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-10&cid=182560505.1593787681&jid=188311410&_v=j83&z=1704220586&slf_rd=1&random=408378315
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-10&cid=182560505.1593787681&jid=188311410&_v=j83&z=1704220586&slf_rd=1&random=408378315
Requested by
Host: allsimfreemb.wapkiz.com
URL: http://allsimfreemb.wapkiz.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jul 2020 14:48:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jul 2020 14:48:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-10&cid=182560505.1593787681&jid=188311410&_v=j83&z=1704220586&slf_rd=1&random=408378315
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1050074232&t=pageview&_s=1&dl=http%3A%2F%2Fallsimfreemb.wapkiz.com%2Findex.html&ul=en-us&de=UTF-8&dt=Facebook%20%E2%80%93%20log%20in%20or%20s...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-46789381-15&cid=182560505.1593787681&jid=713540902&_gid=141503287.1593787681&gjid=1353821842&_v=j83&z=2032840102
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-15&cid=182560505.1593787681&jid=713540902&_v=j83&z=2032840102
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-15&cid=182560505.1593787681&jid=713540902&_v=j83&z=2032840102&slf_rd=1&random=346024786
42 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-15&cid=182560505.1593787681&jid=713540902&_v=j83&z=2032840102&slf_rd=1&random=346024786
Requested by
Host: allsimfreemb.wapkiz.com
URL: http://allsimfreemb.wapkiz.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Jul 2020 14:48:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Jul 2020 14:48:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46789381-15&cid=182560505.1593787681&jid=713540902&_v=j83&z=2032840102&slf_rd=1&random=346024786
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FF0000.png
cdn1.fhits.xyz/img/ 		128 B
687 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn1.fhits.xyz/img/FF0000.png
Requested by
Host: allsimfreemb.wapkiz.com
URL: http://allsimfreemb.wapkiz.com/index.html
Protocol
HTTP/1.1
Server
2606:4700:3035::ac43:dc80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
f55305c1eb95d27c0b58235590a184a11b5093f7481b48862645b2dc45d458cf

Request headers

Referer
http://allsimfreemb.wapkiz.com/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 03 Jul 2020 14:48:10 GMT
CF-Cache-Status
HIT
Server
cloudflare
Age
6083505
X-Powered-By
PHP/5.6.40
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
5ad167e7198fd6c5-FRA
Content-Length
128
cf-request-id
03b6bf446a0000d6c580ace200000001
Expires
Sat, 24 Apr 2021 04:56:25 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| sc_olimg_var object| pn string| w_h function| online function| sc_onlineimagei function| ct_inserti function| drawText_onlinei function| errorMsgi string| title string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block