cdfhf.localdats.com
178.162.199.80
Malicious Activity!
Public Scan
Effective URL: https://cdfhf.localdats.com/s/5ac3bc13e6a33?utm_source=5ac3bc13e6a33&cid=134223542
Submission: On April 08 via api from BE — Scanned from PL
Summary
TLS certificate: Issued by R3 on March 23rd 2023. Valid for: 3 months.
This is the only time cdfhf.localdats.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)

Domain & IP information

 | IP Address | AS Autonomous System |
---|---|---|
1 | 80.211.254.25 | 205727 (ARUBA) |
12 | 178.162.199.80 | 28753 (LEASEWEB-DE-FRA-10) |
13 | 2 | |

 | Apex Domain Subdomains | Transfer |
---|---|---|
12 | localdats.com cdfhf.localdats.com | 414 KB |
1 | bnbdating.com www.bnbdating.com | 1 KB |
13 | 2 | |

 | Domain | Requested by |
---|---|---|
12 | cdfhf.localdats.com | www.bnbdating.com, cdfhf.localdats.com |
1 | www.bnbdating.com | |
13 | 2 | |

This site contains no links.

Subject Issuer | Validity | Valid | |
---|---|---|---|
localdats.com R3 | 2023-03-23 - 2023-06-21 | 3 months | crt.sh |

This page contains 1 frames:
Primary Page:
https://cdfhf.localdats.com/s/5ac3bc13e6a33?utm_source=5ac3bc13e6a33&cid=134223542
Frame ID: 63B80E0A2D91783F6A8945E6358C8D00
Requests: 13 HTTP requests in this frame
Page Title
Najbardziej popularny serwis randkowy w tym miesiącu
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.bnbdating.com/sJ2II_5kkwOmPniPL1pdd14iMo672_kel4oiTpmmryw4tjvO8xxMqFlhJbEeDU4R9MW8nVTEHouT2gDJUe38vZB3i9z_JlGQrW6_GuMi67U=?aquhTq2zdUJAv3mVXPSSrBsZhdk_lD3-augTIE3Gu3OEq8RtPkBNhp6AXxVsAEFoln9h9q64wQMtePQ1PLezqvu3y3pM2v-YRIcYPGBBiwWfdJju0qvlF9mCg-0J-UO-2PxdG0NyZvp6I9G2kleKJ6WYU37FMlUxHsZNzYVAg6Fpj96uHfWTVLwq_tDer7_KTs8GiirL_anvWy9-YCrnDznM-YNU2vPde6UGeSrt-SsrmmK4-WernUVUU4JVVerjFweYbWBlZj7i5-MviUDTsbUlxkwsGf8h0w_2Q2ZKgUk= Page URL
- https://cdfhf.localdats.com/s/5ac3bc13e6a33?utm_source=5ac3bc13e6a33&cid=134223542 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | sJ2II_5kkwOmPniPL1pdd14iMo672_kel4oiTpmmryw4tjvO8xxMqFlhJbEeDU4R9MW8nVTEHouT2gDJUe38vZB3i9z_JlGQrW6_GuMi67U= www.bnbdating.com/ | 1 KB 1 KB | Document text/html |
GET H/1.1 | Primary Request 5ac3bc13e6a33 cdfhf.localdats.com/s/ | 4 KB 4 KB | Document text/html |
GET H/1.1 | css.css cdfhf.localdats.com/bundle/2/assets/css/ | 71 KB 71 KB | Stylesheet text/css |
GET H/1.1 | jquery-2.js cdfhf.localdats.com/bundle/2/assets/js/ | 84 KB 84 KB | Script application/javascript |
GET H/1.1 | js.js cdfhf.localdats.com/bundle/2/assets/js/ | 414 B 694 B | Script application/javascript |
GET H/1.1 | click.js cdfhf.localdats.com/js/ | 7 KB 7 KB | Script application/javascript |
GET H/1.1 | no.png cdfhf.localdats.com/bundle/2/assets/img/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | yes.png cdfhf.localdats.com/bundle/2/assets/img/ | 3 KB 4 KB | Image image/png |
GET H/1.1 | 1.jpg cdfhf.localdats.com/bundle/2/assets/img/ | 88 KB 89 KB | Image image/jpeg |
GET H/1.1 | pattern.png cdfhf.localdats.com/bundle/2/assets/img/ | 3 KB 3 KB | Image image/png |
GET H/1.1 | Lato-Regular.ttf cdfhf.localdats.com/bundle/2/assets/css/fonts/ | 117 KB 118 KB | Font application/octet-stream |
GET H/1.1 | fp2.min.js cdfhf.localdats.com/js/ | 30 KB 30 KB | Script application/javascript |
POST H/1.1 | track.php cdfhf.localdats.com/ | 0 254 B | XHR text/html |

Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)

14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- function | $
- function | jQuery
- function | fingerprintGo
- function | sendTrack
- function | collectTrackParams
- function | closingConfirm
- function | handleError
- function | getParameterByName
- function | collectParams
- function | checkRequired
- function | setLeadInfo
- function | setCF
- function | Fingerprint2

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.localdats.com/ | | Name: s |
cdfhf.localdats.com/ | Name: CF Value: oKS/orNiG1LEWv7DOWEgTA__ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdfhf.localdats.com
www.bnbdating.com
178.162.199.80
80.211.254.25