cdfhf.localdats.com
178.162.199.80
Malicious Activity!
Public Scan
Effective URL: https://cdfhf.localdats.com/s/5ac3bc13e6a33?utm_source=5ac3bc13e6a33&cid=121086362
Submission: On September 26 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 24th 2022. Valid for: 3 months.
This is the only time cdfhf.localdats.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 185.248.100.169 | 44812 (IPSERVER-RU-NET Fiord) |
| 12 | 178.162.199.80 | 28753 (LEASEWEB-DE-FRA-10) |
| 13 | 2 | |

ASN44812 (IPSERVER-RU-NET Fiord, RU)
PTR: mail.flinghookups.com
www.flinghookups.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 12 | localdats.com | cdfhf.localdats.com | 385 KB |
| 1 | flinghookups.com | www.flinghookups.com | 1 KB |
| 13 | 2 | | |
| | Domain | Requested by |
|---|---|---|
| 12 | cdfhf.localdats.com | www.flinghookups.com, cdfhf.localdats.com |
| 1 | www.flinghookups.com | |
| 13 | 2 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| localdats.com | R3 | 2022-09-24 - 2022-12-23 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://cdfhf.localdats.com/s/5ac3bc13e6a33?utm_source=5ac3bc13e6a33&cid=121086362
Frame ID: 247AD90F2E773757215A038ED1889400
Requests: 13 HTTP requests in this frame
Page Title
Die beliebtesten Dating-Website des Monats
Page URL History
- http://www.flinghookups.com/KL724eX9nCOr1uKlv9UDIVtrrIYFnjWhz-ck0tqxuo-Y6u8d-8Lu4MObgQhloDRT6J7FcWbUAhoH... Page URL
- https://cdfhf.localdats.com/s/5ac3bc13e6a33?utm_source=5ac3bc13e6a33&cid=121086362 Page URL
Detected technologies
animate.css (Web Frameworks)
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://www.flinghookups.com/KL724eX9nCOr1uKlv9UDIVtrrIYFnjWhz-ck0tqxuo-Y6u8d-8Lu4MObgQhloDRT6J7FcWbUAhoHUL7_8qNcbImN0d9_XUHJH8pN0P1KN_w=?BgcDf2yPBC1sQkgslwjmz1vi441jJ5vBD5h_aOOCD089AhO3h6lc2QfnAtHPYr1Og0SlxRS_rwVP1Ij3UHWxzg-iZbaY5GIQX_ebQ_Ypa7hA3pKD72gF9qWEImfomqYxfIbmQxoehzccLQVq_8wdHh7YEwNmoJCnRKFOThyo4Cvb6BQH8vVVPmR4O2bEmVxcH77NAT7enIDjgXaWRLILcPvt2QDvNWNQL8vlnQfgNiRzFn-rQuXsW1zJX9iTZkYFHP6RoBoR6ScZlPUQNdDNhTiEiEbadUoVfML6kTQrpyQ= Page URL
- https://cdfhf.localdats.com/s/5ac3bc13e6a33?utm_source=5ac3bc13e6a33&cid=121086362 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H/1.1 | KL724eX9nCOr1uKlv9UDIVtrrIYFnjWhz-ck0tqxuo-Y6u8d-8Lu4MObgQhloDRT6J7FcWbUAhoHUL7_8qNcbImN0d9_XUHJH8pN0P1KN_w= | www.flinghookups.com/ | 1 KB | 1 KB | Document | text/html |
| GET | H/1.1 | 5ac3bc13e6a33 (Primary Request) | cdfhf.localdats.com/s/ | 4 KB | 2 KB | Document | text/html |
| GET | H/1.1 | animate.min.css | cdfhf.localdats.com/bundle/18/assets/css/ | 52 KB | 52 KB | Stylesheet | text/css |
| GET | H/1.1 | style.css | cdfhf.localdats.com/bundle/18/assets/css/ | 14 KB | 15 KB | Stylesheet | text/css |
| GET | H/1.1 | jquery-2.2.4.min.js | cdfhf.localdats.com/bundle/18/assets/js/ | 84 KB | 84 KB | Script | application/javascript |
| GET | H/1.1 | js.js | cdfhf.localdats.com/bundle/18/assets/js/ | 650 B | 930 B | Script | application/javascript |
| GET | H/1.1 | click.js | cdfhf.localdats.com/js/ | 5 KB | 6 KB | Script | application/javascript |
| GET | H/1.1 | no.png | cdfhf.localdats.com/bundle/18/assets/img/ | 322 B | 566 B | Image | image/png |
| GET | H/1.1 | yes.png | cdfhf.localdats.com/bundle/18/assets/img/ | 594 B | 838 B | Image | image/png |
| GET | H/1.1 | 1.jpg | cdfhf.localdats.com/bundle/18/assets/img/ | 76 KB | 77 KB | Image | image/jpeg |
| GET | H/1.1 | pattern.png | cdfhf.localdats.com/bundle/18/assets/img/ | 100 B | 343 B | Image | image/png |
| GET | H/1.1 | Lato-Regular.ttf | cdfhf.localdats.com/bundle/18/assets/fonts/ | 117 KB | 118 KB | Font | application/octet-stream |
| GET | H/1.1 | fp2.min.js | cdfhf.localdats.com/js/ | 30 KB | 30 KB | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | onbeforeinput
- object | oncontextlost
- object | oncontextrestored
- function | structuredClone
- object | launchQueue
- object | onbeforematch
- function | getScreenDetails
- function | queryLocalFonts
- object | navigation
- function | $
- function | jQuery
- string | fpDataEncoded
- function | fingerprintGo
- function | closingConfirm
- function | handleError
- function | getParameterByName
- function | collectParams
- function | setLeadInfo
- function | setCF
- function | Fingerprint2

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .localdats.com/ | | Name: SID Value: 188ba3caef6276a59f6e47f142511c2f |
| cdfhf.localdats.com/ | | Name: CF Value: RLkU1t1tTZKzLEHJ3iLx3g__ |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.