prettygifti.com
2606:4700:3032::681b:a72b
Malicious Activity!
Public Scan
Effective URL: https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_...
Submission: On January 28 via manual from IN
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 23rd 2019. Valid for: 10 months.
This is the only time prettygifti.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 194.146.57.150 | 35779 (MCLOUD-AS)
20 | 2606:4700:3032::681b:a72b | 13335 (CLOUDFLARENET)
5 | 80.241.213.38 | 51167 (CONTABO)
1 | 2a00:1450:4001:81d::2003 | 15169 (GOOGLE)
1 | 34.206.112.42 | 14618 (AMAZON-AES)
1 | 2a00:1450:4001:818::200a | 15169 (GOOGLE)
28 requests total | | 5 ASNs
- ASN51167 (CONTABO, DE), PTR: m1938.contaboserver.net, domain: smoothylink.com
- ASN14618 (AMAZON-AES, US), PTR: ec2-34-206-112-42.compute-1.amazonaws.com, domain: pushpal.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
20 | prettygifti.com | prettygifti.com | 373 KB
5 | smoothylink.com | smoothylink.com | 183 KB
1 | googleapis.com | fonts.googleapis.com | 612 B
1 | pushpal.net | pushpal.net | 2 KB
1 | gstatic.com | www.gstatic.com | 219 KB
1 | salenita.es (1 redirect) | salenita.es | 379 B
28 requests total | 6 domains | |
Requests | Domain | Requested by
---|---|---
20 | prettygifti.com | prettygifti.com
5 | smoothylink.com | prettygifti.com
1 | fonts.googleapis.com | prettygifti.com
1 | pushpal.net | prettygifti.com
1 | www.gstatic.com | prettygifti.com
1 | salenita.es | 1 redirect
28 requests total | 6 domains |
This site contains no links.
TLS certificates
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-12-23 - 2020-10-09 | 10 months | crt.sh
smoothylink.com | Sectigo RSA Domain Validation Secure Server CA | 2019-12-16 - 2020-12-15 | a year | crt.sh
*.google.com | GTS CA 1O1 | 2020-01-14 - 2020-04-07 | 3 months | crt.sh
pushpal.net | Amazon | 2019-10-08 - 2020-11-08 | a year | crt.sh
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months | crt.sh
This page contains 1 frames:
Primary Page:
https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274
Frame ID: DE0551B3E1B8B5848BB7F53D33766B52
Requests: 28 HTTP requests in this frame
Detected technologies
- Firebase (Databases), detected pattern: script /\/(?:([\d.]+)\/)?firebase(?:\.min)?\.js/i
- CloudFlare (CDN), detected pattern: headers server /^cloudflare$/i
- Moment.js (JavaScript Libraries), detected pattern: script /moment(?:\.min)?\.js/i
- jQuery (JavaScript Libraries), detected pattern: script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. http://salenita.es/?MTU0MDE0MTU4PTI5MDk1JjI1NTQ4NjI9MzgxJjE9Y2xpY2smMW51Ymw5PTgmbGlkPTMzMjc0 (HTTP 302)
2. https://prettygifti.com/?s1=Zz04JnQ9SVQmdGlkPTImdG1wPTEyMA==&trk=381_5.253.177.45_1_82.102.19.134&clk=154014158_2554862_33274 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request, Redirect Chain) | prettygifti.com/ | 30 KB | 6 KB | Document | text/html
GET | H2 | common_14_d.css | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 21 KB | 5 KB | Stylesheet | text/css
GET | H2 | jquery.min.js | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 118 KB | 34 KB | Script | application/javascript
GET | H2 | push.js.t%C3%A9l%C3%A9charg%C3%A9 | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 908 B | 373 B | Script | application/javascript
GET | H2 | firebase.js.t%C3%A9l%C3%A9charg%C3%A9 | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 837 KB | 207 KB | Script | application/javascript
GET | H2 | moment.js | prettygifti.com/2/ | 147 KB | 31 KB | Script | application/javascript
GET | H2 | christmas.css | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 1 KB | 407 B | Stylesheet | text/css
GET | H2 | amz.css | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 15 KB | 3 KB | Stylesheet | text/css
GET | H2 | pushpal.js.t%C3%A9l%C3%A9charg%C3%A9 | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 3 KB | 1 KB | Script | application/javascript
GET | H2 | logo.png | prettygifti.com/2/ | 18 KB | 18 KB | Image | image/png
GET | H2 | gift_title_amz.png | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 1 KB | 1 KB | Image | image/png
GET | H2 | Flag_of_Italy.png | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 28 KB | 29 KB | Image | image/png
GET | H/1.1 | nX8KhvMmVxCt7y5domlotpXyU7XdczE2hZRkAdXQ.jpeg | smoothylink.com/storage/images/ | 5 KB | 6 KB | Image | image/jpeg
GET | H/1.1 | sCTPTZeB2erkHtjv7oKfaJaqOChxpKBrdkjWuLC7.jpeg | smoothylink.com/storage/images/ | 7 KB | 7 KB | Image | image/jpeg
GET | H/1.1 | tZ0JwOxEmJW2I4CwAS7A906oJRRg5DfJDhUhbXiX.jpeg | smoothylink.com/storage/images/ | 36 KB | 37 KB | Image | image/jpeg
GET | H/1.1 | O3DNTgTJAFY3mFZ3ZYgl67W7MFqoZyceMiUPlQjJ.jpeg | smoothylink.com/storage/images/ | 20 KB | 20 KB | Image | image/jpeg
GET | H/1.1 | ThJgZJOsyvmF47osUjjokwKfC4nBpGaj1n2kGDdt.jpeg | smoothylink.com/storage/images/ | 114 KB | 114 KB | Image | image/jpeg
GET | H2 | user.jpg | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 2 KB | 3 KB | Image | image/jpeg
GET | H2 | watch_img2.jpg | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 17 KB | 17 KB | Image | image/jpeg
GET | H2 | ssl_img_new.png | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 6 KB | 7 KB | Image | image/png
GET | H2 | block_logo.png | prettygifti.com/2/Reward%20Survey%20-%20We%20Want%20Your%20Opinion!_files/ | 9 KB | 9 KB | Image | image/png
GET | H2 | app.js | prettygifti.com/2/ | 865 B | 453 B | Script | application/javascript
GET | H2 | firebase.js | www.gstatic.com/firebasejs/5.5.1/ | 837 KB | 219 KB | Script | text/javascript
GET | H/1.1 | pushpal.js | pushpal.net/ | 3 KB | 2 KB | Script | application/javascript
GET | H2 | css | fonts.googleapis.com/ | 3 KB | 612 B | Stylesheet | text/css
GET | H2 | light_christmas.png | prettygifti.com/2/ | 219 B | 219 B | Image | text/html
GET | H2 | footer_chr_2.png | prettygifti.com/2/ | 216 B | 216 B | Image | text/html
GET | H2 | snow_popup.png | prettygifti.com/2/ | 214 B | 214 B | Image | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)
47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Variables
---|---
object (7) | onformdata, onpointerrawupdate, core, __core-js_shared__, firebase, config, ids
function (13) | $, jQuery, loadScript, ppGetGender, ppGetAge, interactAPI, saveToken, moment, toOffer, hideAll, showDiv, move, end1
undefined (27) | token_iid, gender, age, messaging, API_URL, user_id, urlParams, refer_url, country, language, device, interest, source, source2, browserversion, city, region, brand, model, isp, os, osversion, browser, carrier, hostname, _id, suvey_gender_age_drip_able
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.prettygifti.com/ | | __cfduid | d0f26faa65fa29a03abb8ceb0e7af81a71580198955
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.