blackwaterforllows.ga
157.245.79.75
Public Scan
Effective URL: https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local
Submission Tags: @phishunt_io
Submission: On August 29 via api from ES
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on August 10th 2020. Valid for: 3 months.
This is the only time blackwaterforllows.ga was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 | 192.185.62.7 | 46606 (UNIFIEDLAYER-AS-1) |
1 3 | 45.9.148.126 | 49447 (NICEIT) |
1 | 2a00:1450:4001:820::2002 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:817::200a | 15169 (GOOGLE) |
1 | 157.245.79.75 | 14061 (DIGITALOCEAN-ASN) |
19 | 6 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: thepurebeautyco.ae
- ask-apple.com
ASN49447 (NICEIT, NL)
- js.donatelloflowfirstly.ga
- detect.donatelloflowfirstly.ga
ASN15169 (GOOGLE, US)
- pagead2.googlesyndication.com
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | donatelloflowfirstly.ga (1 redirects) | js.donatelloflowfirstly.ga, detect.donatelloflowfirstly.ga Failed | 2 KB |
1 | blackwaterforllows.ga | blackwaterforllows.ga | 46 KB |
1 | googleapis.com | fonts.googleapis.com | 880 B |
1 | googlesyndication.com | pagead2.googlesyndication.com | 44 KB |
1 | ask-apple.com | ask-apple.com | |
19 | 5 |
| Domain | Requested by |
---|---|---|
2 | detect.donatelloflowfirstly.ga | js.donatelloflowfirstly.ga |
1 | blackwaterforllows.ga | |
1 | fonts.googleapis.com | ask-apple.com |
1 | pagead2.googlesyndication.com | ask-apple.com |
1 | js.donatelloflowfirstly.ga | ask-apple.com |
1 | ask-apple.com | ask-apple.com |
19 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.ask-apple.com | Let's Encrypt Authority X3 | 2020-08-26 - 2020-11-24 | 3 months |
js.donatelloflowfirstly.ga | Let's Encrypt Authority X3 | 2020-08-11 - 2020-11-09 | 3 months |
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
upload.video.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
detect.donatelloflowfirstly.ga | Let's Encrypt Authority X3 | 2020-08-12 - 2020-11-10 | 3 months |
blackwaterforllows.ga | Let's Encrypt Authority X3 | 2020-08-10 - 2020-11-08 | 3 months |
This page contains 1 frames:
Primary Page:
https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local
Frame ID: 1C5FDE7C95AB5A86399C4E1F8E8CB529
Requests: 21 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://ask-apple.com/ Page URL
- https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9 Page URL
- https://detect.donatelloflowfirstly.ga/d.php?id=64363234-1234-wdfxdg-2366 HTTP 302
  https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | ask-apple.com/ | 33 KB | 0 | Document | text/html |
GET | H/1.1 | stat.js | js.donatelloflowfirstly.ga/ | 447 B | 789 B | Script | application/javascript |
GET | H2 | adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 126 KB | 44 KB | Script | text/javascript |
GET | | style.min.css | ask-apple.com/wp-includes/css/dist/block-library/ | 0 | 0 | | |
GET | | style.css | ask-apple.com/wp-content/themes/king/ | 0 | 0 | | |
GET | | custom-styles.css | ask-apple.com/wp-content/themes/king/layouts/ | 0 | 0 | | |
GET | H2 | css | fonts.googleapis.com/ | 9 KB | 880 B | Stylesheet | text/css |
GET | | all.min.css | ask-apple.com/wp-content/themes/king/layouts/font-awesome/css/ | 0 | 0 | | |
GET | | jquery.js | ask-apple.com/wp-includes/js/jquery/ | 0 | 0 | | |
GET | | jquery-migrate.min.js | ask-apple.com/wp-includes/js/jquery/ | 0 | 0 | | |
GET | | bootstrap.min.js | ask-apple.com/wp-content/themes/king/layouts/js/ | 0 | 0 | | |
GET | | owl.carousel.min.js | ask-apple.com/wp-content/themes/king/layouts/js/ | 0 | 0 | | |
GET | | live-search.js | ask-apple.com/wp-content/themes/king/layouts/js/ | 0 | 0 | | |
GET | | ask-apple-logo.png | ask-apple.com/wp-content/uploads/2020/06/ | 0 | 0 | | |
GET | | d.html | detect.donatelloflowfirstly.ga/ | 0 | 0 | | |
GET | | d.html | detect.donatelloflowfirstly.ga/ | 0 | 0 | | |
GET | | d.html | detect.donatelloflowfirstly.ga/ | 0 | 0 | | |
GET | H/1.1 | d.html | detect.donatelloflowfirstly.ga/ | 184 B | 512 B | Document | text/html |
GET | H2 | / (Primary Request) | blackwaterforllows.ga/ | 46 KB | 46 KB | Document | text/html |
GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET | DATA | truncated | / | 19 KB | 0 | Image | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
ask-apple.com | https://ask-apple.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2 |
ask-apple.com | https://ask-apple.com/wp-content/themes/king/style.css?ver=5.4.2 |
ask-apple.com | https://ask-apple.com/wp-content/themes/king/layouts/custom-styles.css?ver=5.4.2 |
ask-apple.com | https://ask-apple.com/wp-content/themes/king/layouts/font-awesome/css/all.min.css?ver=5.4.2 |
ask-apple.com | https://ask-apple.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp |
ask-apple.com | https://ask-apple.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 |
ask-apple.com | https://ask-apple.com/wp-content/themes/king/layouts/js/bootstrap.min.js |
ask-apple.com | https://ask-apple.com/wp-content/themes/king/layouts/js/owl.carousel.min.js?ver=1.0 |
ask-apple.com | https://ask-apple.com/wp-content/themes/king/layouts/js/live-search.js?ver=1 |
ask-apple.com | https://ask-apple.com/wp-content/uploads/2020/06/ask-apple-logo.png |
detect.donatelloflowfirstly.ga | https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9 |
detect.donatelloflowfirstly.ga | https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9 |
detect.donatelloflowfirstly.ga | https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9 |
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| trustedTypes
- boolean| guardEnabled
- boolean| isChrome
- function| compareVersion
- function| getLanguage
- object| rootElement
- boolean| canStart
- function| text
- function| textr
- function| urlB64ToUint8Array
- function| disableHistory
- function| disableIncognito
- function| denied
- function| getWorkerRegistration
- function| SubS
- function| CheckS1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.blackwaterforllows.ga/ | Name: uuid Value: d5e75a42-271a-433d-b1e2-189c21829e9b |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.