![](/screenshots/02c15cf1-76a3-42b5-a1ba-ed74cacaf801.png)
yutube.cam
Open in
urlscan Pro
66.29.141.190
Malicious Activity!
Public Scan
Submission: On July 08 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 25th 2023. Valid for: a year.
This is the only time yutube.cam was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Porn Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 66.29.141.190 66.29.141.190 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
2 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 4 |
ASN22612 (NAMECHEAP-NET, US)
PTR: premium220-2.web-hosting.com
yutube.cam |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
yutube.cam
yutube.cam |
330 KB |
2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1359 |
36 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277 |
27 KB |
0 |
foxygirluv.com
Failed
foxygirluv.com Failed |
|
11 | 4 |
Domain | Requested by | |
---|---|---|
6 | yutube.cam |
yutube.cam
|
2 | maxcdn.bootstrapcdn.com |
yutube.cam
|
1 | cdnjs.cloudflare.com |
yutube.cam
|
0 | foxygirluv.com Failed | |
11 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
yutube.cam Sectigo RSA Domain Validation Secure Server CA |
2023-11-25 - 2024-11-25 |
a year | crt.sh |
bootstrapcdn.com GTS CA 1P5 |
2024-05-25 - 2024-08-23 |
3 months | crt.sh |
cdnjs.cloudflare.com E1 |
2024-06-02 - 2024-08-31 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://foxygirluv.com/?utm_source=JEtZ5lofd8dfO&utm_campaign=alemong
Frame ID: D24A204362F51986C2E050270E26C0E4
Requests: 14 HTTP requests in this frame
Screenshot
![](/screenshots/02c15cf1-76a3-42b5-a1ba-ed74cacaf801.png)
Page Title
foxygirluv.comDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
yutube.cam/ |
1 KB 704 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ |
118 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
yutube.cam/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
yutube.cam/ |
320 KB 320 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.2/ |
84 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ |
36 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
yutube.cam/ |
223 B 374 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.jpg
yutube.cam/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
yutube.cam/ |
1 KB 1 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
foxygirluv.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
5 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
155 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
foxygirluv.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- foxygirluv.com
- URL
- https://foxygirluv.com/?utm_source=JEtZ5lofd8dfO&utm_campaign=alemong
- Domain
- foxygirluv.com
- URL
- https://foxygirluv.com/?utm_source=JEtZ5lofd8dfO&utm_campaign=alemong
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Porn Scam (Online)51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence function| onResize function| setupMobileNav function| assert function| CollisionBox function| Runner function| GeneratedSoundFx function| announcePhrase function| getA11yString function| getRandomNum function| vibrate function| createCanvas function| decodeBase64ToArrayBuffer function| getTimeStamp function| GameOverPanel function| checkForCollision function| createAdjustedCollisionBox function| drawCollisionBoxes function| boxCompare function| Obstacle function| Trex function| DistanceMeter function| Cloud function| BackgroundEl function| NightMode function| HorizonLine function| Horizon function| toggleHelpBox function| diagnoseErrors function| portalSignin function| updateForDnsProbe function| updateIconClass function| reloadButtonClick function| downloadButtonClick function| detailsButtonClick function| setAutoFetchState function| savePageLaterClick function| cancelSavePageClick function| toggleErrorInformationPopup function| launchDownloadsPage function| toggleOfflineContentListVisibility function| onDocumentLoadOrUpdate function| onDocumentLoad function| jstGetTemplate function| JsEvalContext function| jstProcess object| loadTimeDataRaw object| certificateErrorPageController object| errorPageController object| supervisedUserErrorPageController0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
foxygirluv.com
maxcdn.bootstrapcdn.com
yutube.cam
foxygirluv.com
2606:4700::6811:190e
2606:4700::6812:bcf
66.29.141.190
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
0d200aaab5d1273fcd990e2a567a7c45036aacef3ce80559990e3052f643ac2a
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
4140e9881c9efc0ffcf3ab55000a12d0a8f6a7d0d5e0b71fdead65c5fbd92ba6
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
9b46174b0e7dc93d7cd6c5403f8bc4b99614b641b2115e95bd874b29795f0509
d420d63692c08b3e81350bbc773084aa1a7550a164a45f324fda2dc51885546a
db9f54a16b24701002055d7f26e8b5f3c2cb29a73475f2ff43466c6dc6417ff0
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c