inquiescor.net
Open in
urlscan Pro
162.241.226.31
Malicious Activity!
Public Scan
Submitted URL: https://buybr.com.br/ado/as7/miracule.php
Effective URL: https://inquiescor.net/ads/adsgoogle/19574/
Submission: On September 12 via manual from FR — Scanned from FR
Effective URL: https://inquiescor.net/ads/adsgoogle/19574/
Submission: On September 12 via manual from FR — Scanned from FR
Summary
This website contacted 7 IPs
in 3 countries
across 7 domains to perform 18 HTTP transactions.
The main IP is 162.241.226.31, located in
United States and
belongs to UNIFIEDLAYER-AS-1, US.
The main domain is inquiescor.net.
TLS certificate: Issued by R3 on August 30th 2023. Valid for: 3 months.
This is the only time inquiescor.net was scanned on urlscan.io!
TLS certificate: Issued by R3 on August 30th 2023. Valid for: 3 months.
This is the only time inquiescor.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 162.215.129.174 162.215.129.174 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
| 2 13 | 162.241.226.31 162.241.226.31 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:806::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:2b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2606:4700::68... 2606:4700::6810:5814 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:813::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 18 | 7 |
1
162.215.129.174
(United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: servidor.veritati.com.br
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: servidor.veritati.com.br
| buybr.com.br |
13
162.241.226.31
(United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5312.bluehost.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5312.bluehost.com
| inquiescor.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
inquiescor.net
2 redirects
inquiescor.net |
332 KB |
| 3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 58 ajax.googleapis.com — Cisco Umbrella Rank: 406 |
32 KB |
| 1 |
gstatic.com
fonts.gstatic.com |
15 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 249 |
11 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 351 |
16 KB |
| 1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 820 |
30 KB |
| 1 |
buybr.com.br
1 redirects
buybr.com.br |
218 B |
| 18 | 7 |
| Domain | Requested by | |
|---|---|---|
| 13 | inquiescor.net |
2 redirects
inquiescor.net
|
| 2 | fonts.googleapis.com |
inquiescor.net
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | cdnjs.cloudflare.com |
inquiescor.net
|
| 1 | cdn.jsdelivr.net |
inquiescor.net
|
| 1 | ajax.googleapis.com |
inquiescor.net
|
| 1 | code.jquery.com |
inquiescor.net
|
| 1 | buybr.com.br | 1 redirects |
| 18 | 8 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.inquiescor.net R3 |
2023-08-30 - 2023-11-28 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| *.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://inquiescor.net/ads/adsgoogle/19574/
Frame ID: C71804DD46C8B0A9BBA7CD0B168129F5
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Gmail Login AdsPage URL History Show full URLs
-
https://buybr.com.br/ado/as7/miracule.php
HTTP 302
https://inquiescor.net/ads/adsgoogle/ HTTP 302
https://inquiescor.net/ads/adsgoogle/19574 HTTP 301
https://inquiescor.net/ads/adsgoogle/19574/ Page URL
Detected technologies
Materialize CSS
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href="[^"]*materialize(?:\.min)?\.css
- materialize(?:\.min)?\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
SweetAlert
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- sweet(?:-)?alert(?:\.min)?\.js
SweetAlert2
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- sweetalert2(?:\.all)?(?:\.min)?\.js
- /npm/sweetalert2@([\d.]+)
- sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://buybr.com.br/ado/as7/miracule.php
HTTP 302
https://inquiescor.net/ads/adsgoogle/ HTTP 302
https://inquiescor.net/ads/adsgoogle/19574 HTTP 301
https://inquiescor.net/ads/adsgoogle/19574/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
inquiescor.net/ads/adsgoogle/19574/ Redirect Chain
|
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon
fonts.googleapis.com/ |
569 B 775 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
2 KB 670 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
normalize.css
inquiescor.net/ads/adsgoogle/19574/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
materialize.min.css
inquiescor.net/ads/adsgoogle/19574/css/ |
139 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginStyle.css
inquiescor.net/ads/adsgoogle/19574/css/ |
3 KB 1005 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spinner.css
inquiescor.net/ads/adsgoogle/19574/asset/css/ |
791 B 409 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Googlelogo.png
inquiescor.net/ads/adsgoogle/19574/images/ |
232 KB 232 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
materialize.min.js
inquiescor.net/ads/adsgoogle/19574/js/ |
177 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-3.3.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
routie.min.js
inquiescor.net/ads/adsgoogle/19574/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loginScript.js
inquiescor.net/ads/adsgoogle/19574/js/ |
2 KB 739 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.js
inquiescor.net/ads/adsgoogle/19574/js/ |
2 KB 552 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sweetalert2.all.min.js
cdn.jsdelivr.net/npm/sweetalert2@7.26.11/dist/ |
60 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sweetalert.min.js
cdnjs.cloudflare.com/ajax/libs/sweetalert/2.1.2/ |
40 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
log.js
inquiescor.net/ads/adsgoogle/19574/common/ |
805 B 515 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture function| _get function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Component function| docHandleKeydown function| docHandleKeyup function| docHandleFocus function| docHandleBlur function| getTime object| $jscomp object| $jscomp$this function| cash object| M object| Waves function| $ function| jQuery function| Routie function| routie object| allPasswordInp function| showProgress function| showPassword boolean| isShift string| seperator string| dash function| cc_date function| date_of_birth function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| setImmediate function| clearImmediate function| login0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
buybr.com.br
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
inquiescor.net
162.215.129.174
162.241.226.31
2001:4de0:ac18::1:a:2b
2606:4700::6810:5814
2606:4700::6811:190e
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2003
018409a5d34adbc92e547130fd89b7cb81db893cac58efb489c726eab0bd6c02
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c3221aa20e00d6c9348d8264fe4d76b0efd4f0aa287d9e5090f06bafb124438
1d6e9ebb8cc5de69d5c3fa1fae2230bd27c5918e143abe73137eb1fb5f6b8873
286c4568ecdf212d55abfaa1824b68aa5b07531728b3122ba77ed7b2820631ee
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
6965c967fe2474e34f024a08618c84e9f995c3482a3c46e793b9eca4b00d82e2
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
84a4223fb812ebe297c5debca080277467ef5530f1f18a69c89343412576683a
8befed91bbc0193755340d4c5de7be4112860b69d673023c84df46e69e12a512
8eb0ee259863bc0abfb4ebf2d5138c3931fdd2dc3e4a920ee139064df8632c06
a8ceaf504c789da0c9eb8581bad09f4f1a552aa69c3515be36a1ed60ee4af11d
a8e1d658a276a4706ed13d04de6e9bf673e872dffdff4e30ad0ffdb69e12621b
bdef5e202f08e9600759e7beb09a62dc46dff9647c7d0d4241203b09af152c9c
f5a59995b708bcd4a76f805669462514d1b294d7935942ffc9f7d6ff70db93fa
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d