replicadash.sbs
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Effective URL: https://replicadash.sbs/?s1=350359&s2=1151603280&s3=2565&s4=GIZA&ow=&s10=3595
Submission: On March 05 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 3rd 2024. Valid for: 3 months.
This is the only time replicadash.sbs was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Customer Survey Spam (Consumer)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
1 | 54.231.203.41 | 16509 (AMAZON-02) |
2 | 146.190.102.210 | 14061 (DIGITALOCEAN-ASN) |
1 | 45.139.123.67 | 8100 (ASN-QUADRANET-GLOBAL) |
20 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
30 | 5 | |
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
impnztesiaye.s3.amazonaws.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
20 | replicadash.sbs | replicadash.sbs | 144 KB |
2 | artvalvas.net | lilw.artvalvas.net | 1 KB |
1 | echoestune.com | echoestune.com | 437 B |
1 | amazonaws.com | impnztesiaye.s3.amazonaws.com | 554 B |
30 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
20 | replicadash.sbs | echoestune.com, replicadash.sbs |
2 | lilw.artvalvas.net | impnztesiaye.s3.amazonaws.com, lilw.artvalvas.net |
1 | echoestune.com | lilw.artvalvas.net |
1 | impnztesiaye.s3.amazonaws.com | |
30 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months |
echoestune.com | R3 | 2024-01-30 - 2024-04-29 | 3 months |
replicadash.sbs | GTS CA 1P5 | 2024-03-03 - 2024-06-01 | 3 months |
This page contains 1 frames:
Primary Page:
https://replicadash.sbs/?s1=350359&s2=1151603280&s3=2565&s4=GIZA&ow=&s10=3595
Frame ID: 43AABE10C86AED7904153144CA854B57
Requests: 30 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://impnztesiaye.s3.amazonaws.com/impnztesiaye.html Page URL
- http://lilw.artvalvas.net/rd/4WLMRm6568FXUa468xxvskiedrs1581MYVMPKNWLWXWVJP1570/725518e21 Page URL
- http://lilw.artvalvas.net/t/4WLMRm6568FXUa468xxvskiedrs1581MYVMPKNWLWXWVJP1570/725518e21 Page URL
- https://echoestune.com/0/0/0/da3ebcfddb2decce404cbde0ccc7619c/21/468-6568/1581-1570-725518 Page URL
- https://replicadash.sbs/?s1=350359&s2=1151603280&s3=2565&s4=GIZA&ow=&s10=3595 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | impnztesiaye.html | impnztesiaye.s3.amazonaws.com/ | 160 B | 554 B | Document | text/html |
GET | H/1.1 | 725518e21 | lilw.artvalvas.net/rd/4WLMRm6568FXUa468xxvskiedrs1581MYVMPKNWLWXWVJP1570/ | 235 B | 489 B | Document | text/html |
GET | H/1.1 | 725518e21 | lilw.artvalvas.net/t/4WLMRm6568FXUa468xxvskiedrs1581MYVMPKNWLWXWVJP1570/ | 306 B | 560 B | Document | text/html |
GET | H/1.1 | 1581-1570-725518 | echoestune.com/0/0/0/da3ebcfddb2decce404cbde0ccc7619c/21/468-6568/ | 140 B | 437 B | Document | text/html |
GET | H2 | / (Primary Request) | replicadash.sbs/ | 2 KB | 1 KB | Document | text/html |
GET | H2 | a47cb1abcf9955f8ec1de38117dc2907 | replicadash.sbs/ | 57 KB | 19 KB | XHR | text/html |
GET | H3 | bootstrap.min.css | replicadash.sbs/assets/js/vendor/bootstrap/css/ | 141 KB | 22 KB | Stylesheet | text/css |
GET | H3 | all.css | replicadash.sbs/assets/vendors/fontawesome/css/ | 72 KB | 13 KB | Stylesheet | text/css |
GET | | common-hybrid.css | replicadash.sbs/assets/css/giza/dist/ | 0 | 0 | | |
GET | | msg.v3.js | replicadash.sbs/inc/ | 0 | 0 | | |
GET | H3 | bredband-ice-logo.png | replicadash.sbs/uploads/archive/company/410/images/ | 13 KB | 13 KB | Image | image/png |
GET | H3 | flag-de.png | replicadash.sbs/assets/images/flags/ | 1 KB | 2 KB | Image | image/png |
GET | H3 | check.svg | replicadash.sbs/assets/images/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H3 | ci3.jpg | replicadash.sbs/assets/images/ | 2 KB | 2 KB | Image | image/jpeg |
GET | H3 | vicon.png | replicadash.sbs/assets/images/ | 972 B | 1 KB | Image | image/png |
GET | H3 | ci17.jpg | replicadash.sbs/assets/images/ | 2 KB | 3 KB | Image | image/jpeg |
GET | H3 | ci29.jpg | replicadash.sbs/assets/images/ | 2 KB | 2 KB | Image | image/jpeg |
GET | H3 | ci13.jpg | replicadash.sbs/assets/images/ | 1 KB | 2 KB | Image | image/jpeg |
GET | H3 | ci25.jpg | replicadash.sbs/assets/images/ | 2 KB | 2 KB | Image | image/jpeg |
GET | H3 | ci21.jpg | replicadash.sbs/assets/images/ | 2 KB | 2 KB | Image | image/jpeg |
GET | H3 | ci11.jpg | replicadash.sbs/assets/images/ | 2 KB | 3 KB | Image | image/jpeg |
GET | H3 | ci35.jpg | replicadash.sbs/assets/images/ | 2 KB | 3 KB | Image | image/jpeg |
GET | H3 | x.png | replicadash.sbs/assets/images/common/ | 5 KB | 6 KB | Image | image/png |
GET | H3 | email-decode.min.js | replicadash.sbs/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript |
GET | H3 | jquery-3.4.1.min.js | replicadash.sbs/assets/js/vendor/ | 86 KB | 31 KB | Script | application/javascript |
GET | H3 | bootstrap.min.js | replicadash.sbs/assets/js/vendor/bootstrap/js/ | 48 KB | 14 KB | Script | application/javascript |
GET | | functions.js | replicadash.sbs/assets/js/ | 0 | 0 | | |
GET | | gbvar.js | replicadash.sbs/assets/js/ | 0 | 0 | | |
GET | | intl_functions.js | replicadash.sbs/assets/js/ | 0 | 0 | | |
GET | | common-hybrid.js | replicadash.sbs/assets/js/giza/dist/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
replicadash.sbs | https://replicadash.sbs/assets/css/giza/dist/common-hybrid.css?v=1f9e27e6941315cf2e727c744bf5da66 |
replicadash.sbs | https://replicadash.sbs/inc/msg.v3.js?65e75df272423 |
replicadash.sbs | https://replicadash.sbs/assets/js/functions.js?v=1f9e27e6941315cf2e727c744bf5da66 |
replicadash.sbs | https://replicadash.sbs/assets/js/gbvar.js?v=49 |
replicadash.sbs | https://replicadash.sbs/assets/js/intl_functions.js?v=1f9e27e6941315cf2e727c744bf5da66 |
replicadash.sbs | https://replicadash.sbs/assets/js/giza/dist/common-hybrid.js?v=1f9e27e6941315cf2e727c744bf5da66 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Customer Survey Spam (Consumer)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function: _0x4eba
- function: _0x3ccf2
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
echoestune.com/ | | Name: uid2565 Value: 1151603280-20240305130120-5ba165a6bc31abaff6de694727ce6d09-3644 |
replicadash.sbs/ | | Name: PHPSESSID Value: 3bade05baf174ff1df3b0940047d85e1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.