shoppingbuddy.xyz (104.18.63.139), Public Scan
Effective URL: https://shoppingbuddy.xyz/l/2175?x=13120044&s=zzz_de_3481975_237511&q=&t=download
Submission: On November 28 via api from BR
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 9th 2020. Valid for: a year.
This is the only time shoppingbuddy.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS (Autonomous System)
---|---|---
1 3 | 2606:4700:3036::681f:4cb4 | 13335 (CLOUDFLARENET)
1 | 2001:4de0:ac19::1:b:3b | 20446 (HIGHWINDS3)
1 2 | 88.212.201.198 | 39134 (UNITEDNET)
1 | 188.72.236.136 | 35415 (WEBZILLA)
1 1 | 139.45.195.142 | 9002 (RETN-AS)
1 1 | 104.27.169.75 | 13335 (CLOUDFLARENET)
4 | 104.18.63.139 | 13335 (CLOUDFLARENET)
1 | 2a00:1450:4001:809::200a | 15169 (GOOGLE)
1 | 2a04:4e42:3::621 | 54113 (FASTLY)
2 | 2a03:2880:f01c:8012:face:b00c:0:3 | 32934 (FACEBOOK)
3 | 2a00:1450:4001:819::2003 | 15169 (GOOGLE)
2 | 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK)
18 | 10 |

Detail for 188.72.236.136: ASN35415 (WEBZILLA, NL), PTR: 1f2-12-d2456-136.webazilla.com, domain: xsoftwarexexpertx.com
Count | Apex Domain | Subdomains | Transfer
---|---|---|---
4 | shoppingbuddy.xyz | shoppingbuddy.xyz | 90 KB
3 | gstatic.com | fonts.gstatic.com | 40 KB
3 | contcorvevondati.tk (1 redirects) | contcorvevondati.tk | 5 KB
2 | facebook.com | www.facebook.com | 403 B
2 | facebook.net | connect.facebook.net | 92 KB
2 | yadro.ru (1 redirects) | counter.yadro.ru | 1 KB
1 | jsdelivr.net | cdn.jsdelivr.net | 17 KB
1 | googleapis.com | fonts.googleapis.com | 741 B
1 | track-click.tk (1 redirects) | ext.track-click.tk | 651 B
1 | beonixom.com (1 redirects) | beonixom.com | 1 KB
1 | xsoftwarexexpertx.com | xsoftwarexexpertx.com | 6 KB
1 | bootstrapcdn.com | stackpath.bootstrapcdn.com | 23 KB
18 | 12 | |
Count | Domain | Requested by
---|---|---
4 | shoppingbuddy.xyz | xsoftwarexexpertx.com, shoppingbuddy.xyz
3 | fonts.gstatic.com | fonts.googleapis.com
3 | contcorvevondati.tk | 1 redirects, contcorvevondati.tk
2 | www.facebook.com | shoppingbuddy.xyz
2 | connect.facebook.net | shoppingbuddy.xyz, connect.facebook.net
2 | counter.yadro.ru | 1 redirects, contcorvevondati.tk
1 | cdn.jsdelivr.net | shoppingbuddy.xyz
1 | fonts.googleapis.com | shoppingbuddy.xyz
1 | ext.track-click.tk | 1 redirects
1 | beonixom.com | 1 redirects
1 | xsoftwarexexpertx.com | contcorvevondati.tk
1 | stackpath.bootstrapcdn.com | contcorvevondati.tk
18 | 12 |
This site contains no links.
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-16 - 2021-08-16 | a year | crt.sh
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year | crt.sh
counter.yadro.ru | Let's Encrypt Authority X3 | 2020-10-29 - 2021-01-27 | 3 months | crt.sh
xsoftwarexexpertx.com | Let's Encrypt Authority X3 | 2020-09-09 - 2020-12-08 | 3 months | crt.sh
upload.video.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months | crt.sh
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-10-26 - 2021-04-17 | 6 months | crt.sh
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-11-02 - 2021-01-30 | 3 months | crt.sh
*.gstatic.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://shoppingbuddy.xyz/l/2175?x=13120044&s=zzz_de_3481975_237511&q=&t=download
Frame ID: C850A69D844A0DF2C1FF40A10761D35E
Requests: 18 HTTP requests in this frame
Page URL History
- https://contcorvevondati.tk/?id=1597566122 (Page URL)
- https://contcorvevondati.tk/?id=1597566122 -> HTTP 302 -> https://xsoftwarexexpertx.com/s6r7De6ee7856b59c8f2f4f8219d7701668ddabe66dc5 (Page URL)
- https://beonixom.com/link?z=3481975&ymid=AHWqwV_HnwMAeToCAERFNAASAPc3Vo4A&var=237511 -> HTTP 302 -> https://ext.track-click.tk/track?s=zzz_de_3481975_237511&cid=356364928912724397&t=download -> HTTP 302 -> https://shoppingbuddy.xyz/l/2175?x=13120044&s=zzz_de_3481975_237511&q=&t=download (Page URL)
Detected technologies
CloudFlare (CDN), detected patterns:
- headers server /^cloudflare$/i
Facebook (Widgets), detected patterns:
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Font API (Font Scripts), detected patterns:
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://counter.yadro.ru/hit;money?r;s1600*1200*24;uhttps%3A//contcorvevondati.tk/%3Fid%3D1597566122;hJust%20a%20moment...;0.5846825286808106 HTTP 302
- https://counter.yadro.ru/hit;money?q;r;s1600*1200*24;uhttps%3A//contcorvevondati.tk/%3Fid%3D1597566122;hJust%20a%20moment...;0.5846825286808106
Request Chain
- https://contcorvevondati.tk/?id=1597566122 HTTP 302
- https://xsoftwarexexpertx.com/s6r7De6ee7856b59c8f2f4f8219d7701668ddabe66dc5
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / | contcorvevondati.tk/ | 5 KB | 3 KB | Document | text/html
GET | H2 | bootstrap.min.css | stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ | 156 KB | 23 KB | Stylesheet | text/css
GET | H/1.1 | hit;money | counter.yadro.ru/ (Redirect Chain) | 43 B | 496 B | Image | image/gif
POST | H2 | ab.php | contcorvevondati.tk/antibot/ | 71 B | 558 B | XHR | text/html
GET | H2 | s6r7De6ee7856b59c8f2f4f8219d7701668ddabe66dc5 | xsoftwarexexpertx.com/ (Redirect Chain) | 5 KB | 6 KB | Document | text/html
GET | H2 | 2175 (Primary Request) | shoppingbuddy.xyz/l/ (Redirect Chain) | 4 KB | 2 KB | Document | text/html
GET | H3-Q050 | css2 | fonts.googleapis.com/ | 7 KB | 741 B | Stylesheet | text/css
GET | H2 | d98ed3f6208fa73a905da502cf061288.css | shoppingbuddy.xyz/minify/ | 181 KB | 31 KB | Stylesheet | text/css
GET | H2 | chromestore.png | shoppingbuddy.xyz/img/ | 3 KB | 4 KB | Image | image/png
GET | H2 | sweetalert2@9 | cdn.jsdelivr.net/npm/ | 65 KB | 17 KB | Script | application/javascript
GET | H2 | f02e27cc07092004f6e06c0fd0ef1457.js | shoppingbuddy.xyz/minify/ | 200 KB | 53 KB | Script | application/javascript
GET | H2 | fbevents.js | connect.facebook.net/en_US/ | 89 KB | 23 KB | Script | application/x-javascript
GET | H3-Q050 | JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v15/ | 13 KB | 13 KB | Font | font/woff2
GET | H3-Q050 | JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2 | fonts.gstatic.com/s/montserrat/v15/ | 13 KB | 13 KB | Font | font/woff2
GET | H3-Q050 | JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2 | fonts.gstatic.com/s/montserrat/v15/ | 13 KB | 13 KB | Font | font/woff2
GET | H2 | 643564442956474 | connect.facebook.net/signals/config/ | 239 KB | 69 KB | Script | application/x-javascript
GET | H2 | / | www.facebook.com/tr/ | 44 B | 257 B | Image | image/gif
GET | H2 | / | www.facebook.com/tr/ | 44 B | 146 B | Image | image/gif
Verdicts & Comments
35 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | ontransitionrun
object | ontransitionstart
object | ontransitioncancel
object | cookieStore
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
boolean | crossOriginIsolated
string | EXTENSION_ID
string | EXTENSION_CHROME_URL
string | INSTALLED_URL
string | WARNING_MESSAGE_TITLE
string | WARNING_MESSAGE_TEXT
string | WARNING_BUTTON_CONFIRM
function | fbq
function | _fbq
function | Sweetalert2
function | SweetAlert
function | Swal
function | sweetAlert
function | swal
function | setCookie
function | getCookie
undefined | popup
undefined | check
function | gtag
function | openExtension
function | checkWindow
function | hideOverlay
function | $
function | jQuery
object | dataLayer
object | yii
number | ext
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.shoppingbuddy.xyz/ | | _fbp | fb.1.1606527607670.269354551
shoppingbuddy.xyz/ | | conv_id | 13120044
shoppingbuddy.xyz/ | | PHPSESSID | 6amogmmeau2ml5qv77u9d793b6
shoppingbuddy.xyz/ | | conv_check | 13120044,5886ff8
shoppingbuddy.xyz/ | | _csrf | c3bc74b04672a36a6bef02007f12d81ee1da341f8649c449bd89230e611cd6ada%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22a0NaYrF0tss2wvJ_8KEg1bOf7vmBkCJx%22%3B%7D
.shoppingbuddy.xyz/ | | __cfduid | da90fefcf5177c9c91023102e359767541606527607
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.