search.vancubwhy.live
Open in
urlscan Pro
185.155.186.26
Malicious Activity!
Public Scan
Effective URL: https://search.vancubwhy.live/nytrgotq/?utm_campaign=VJs2EGUVTg8_uKzVQPPwwUeB-7yIeD3phNgLVq29j2I1&m=1&cid=cqk08k2jvq35pto1pod0...
Submission: On July 29 via manual from GB — Scanned from GB
Summary
TLS certificate: Issued by E6 on July 20th 2024. Valid for: 3 months.
This is the only time search.vancubwhy.live was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 185.215.36.78 185.215.36.78 | 6908 (DATAHOP D...) (DATAHOP Datahop - Six Degrees) | |
1 1 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 185.155.184.85 185.155.184.85 | 6898 (AS-6898 C...) (AS-6898 C41.CH SAGL - LUGANO Data Center) | |
27 | 185.155.186.26 185.155.186.26 | 203639 (TEKNOLOGY) (TEKNOLOGY) | |
1 | 136.243.216.235 136.243.216.235 | 24940 (HETZNER-AS) (HETZNER-AS) | |
30 | 3 |
ASN6908 (DATAHOP Datahop - Six Degrees, GB)
PTR: swift21.swiftinter.net
www.langleyband.co.uk |
ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)
vipbonusgain.life |
ASN24940 (HETZNER-AS, DE)
PTR: static.235.216.243.136.clients.your-server.de
jsontdsexit2.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
vancubwhy.live
search.vancubwhy.live |
299 KB |
2 |
vipbonusgain.life
vipbonusgain.life |
61 KB |
1 |
jsontdsexit2.com
jsontdsexit2.com — Cisco Umbrella Rank: 410365 |
416 B |
1 |
dns-routing.net
1 redirects
dns-routing.net |
520 B |
1 |
langleyband.co.uk
1 redirects
www.langleyband.co.uk |
433 B |
30 | 5 |
Domain | Requested by | |
---|---|---|
27 | search.vancubwhy.live |
vipbonusgain.life
search.vancubwhy.live |
2 | vipbonusgain.life | |
1 | jsontdsexit2.com |
search.vancubwhy.live
|
1 | dns-routing.net | 1 redirects |
1 | www.langleyband.co.uk | 1 redirects |
30 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
vipbonusgain.life R11 |
2024-07-17 - 2024-10-15 |
3 months | crt.sh |
vancubwhy.live E6 |
2024-07-20 - 2024-10-18 |
3 months | crt.sh |
jsontdsexit2.com E5 |
2024-07-19 - 2024-10-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://search.vancubwhy.live/nytrgotq/?utm_campaign=VJs2EGUVTg8_uKzVQPPwwUeB-7yIeD3phNgLVq29j2I1&m=1&cid=cqk08k2jvq35pto1pod0&f=1&sid=t4~4nf2onk1wj3tom4aggg0c5v0&fp=yvwj7KzmDAwZMlaUptMLoQ%3D%3D
Frame ID: 1A73CB742DE56CA22FACCDD1E05FE605
Requests: 30 HTTP requests in this frame
Screenshot
Page Title
2024 Annual Visitor SurveyPage URL History Show full URLs
-
https://www.langleyband.co.uk/
HTTP 302
https://dns-routing.net/?cqk08k2jvq35pto1pod0 HTTP 302
https://vipbonusgain.life/?utm_campaign=VJs2EGUVTg8_uKzVQPPwwUeB-7yIeD3phNgLVq29j2I1&m=1&cid=cqk08k2jv... Page URL
- https://search.vancubwhy.live/nytrgotq/?utm_campaign=VJs2EGUVTg8_uKzVQPPwwUeB-7yIeD3phNgLVq29j2I1&m=1&cid=... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.langleyband.co.uk/
HTTP 302
https://dns-routing.net/?cqk08k2jvq35pto1pod0 HTTP 302
https://vipbonusgain.life/?utm_campaign=VJs2EGUVTg8_uKzVQPPwwUeB-7yIeD3phNgLVq29j2I1&m=1&cid=cqk08k2jvq35pto1pod0 Page URL
- https://search.vancubwhy.live/nytrgotq/?utm_campaign=VJs2EGUVTg8_uKzVQPPwwUeB-7yIeD3phNgLVq29j2I1&m=1&cid=cqk08k2jvq35pto1pod0&f=1&sid=t4~4nf2onk1wj3tom4aggg0c5v0&fp=yvwj7KzmDAwZMlaUptMLoQ%3D%3D Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.langleyband.co.uk/ HTTP 302
- https://dns-routing.net/?cqk08k2jvq35pto1pod0 HTTP 302
- https://vipbonusgain.life/?utm_campaign=VJs2EGUVTg8_uKzVQPPwwUeB-7yIeD3phNgLVq29j2I1&m=1&cid=cqk08k2jvq35pto1pod0
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
vipbonusgain.life/ Redirect Chain
|
60 KB 61 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
search.vancubwhy.live/nytrgotq/ |
15 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
vipbonusgain.life/ |
0 136 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-mini.css
search.vancubwhy.live/media/mainstream/all/mb/ |
10 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome-mini.css
search.vancubwhy.live/media/mainstream/all/mb/ |
2 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main-like.css
search.vancubwhy.live/media/mainstream/all/mb/ |
7 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
search.vancubwhy.live/media/mainstream/all/mb/ |
85 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.js
search.vancubwhy.live/media/mainstream/all/mb/ |
12 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8.js
search.vancubwhy.live/media/mainstream/all/mb/ |
6 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
u.js
search.vancubwhy.live/media/mainstream/ |
23 KB 24 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_f01.png
search.vancubwhy.live/media/mainstream/all/mb/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.js
search.vancubwhy.live/media/mainstream/all/mb/ |
15 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3.js
search.vancubwhy.live/media/mainstream/all/mb/ |
15 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aldi2.png
search.vancubwhy.live/media/mainstream/all/mb/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img1.jpg
search.vancubwhy.live/media/mainstream/all/mb/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
img2.jpg
search.vancubwhy.live/media/mainstream/all/mb/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3temv7e.jpg
search.vancubwhy.live/media/mainstream/all/mb/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
9PH2QqX.jpg
search.vancubwhy.live/media/mainstream/all/mb/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EKZrmbS.jpg
search.vancubwhy.live/media/mainstream/all/mb/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
KqX499j.png
search.vancubwhy.live/media/mainstream/all/mb/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
DsrKpkj.jpg
search.vancubwhy.live/media/mainstream/all/mb/ |
1 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plR22yu.jpg
search.vancubwhy.live/media/mainstream/all/mb/ |
1017 B 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
4.js
search.vancubwhy.live/media/mainstream/all/mb/ |
679 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5.js
search.vancubwhy.live/media/mainstream/all/mb/ |
12 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6.js
search.vancubwhy.live/media/mainstream/all/mb/ |
28 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
7.js
search.vancubwhy.live/media/mainstream/all/mb/ |
8 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
getextparams
jsontdsexit2.com/ExtService.svc/ |
472 B 416 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chrome58x58.png
search.vancubwhy.live/media/mainstream/us/wap/mobsurvey/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
alert.mp3
search.vancubwhy.live/media/mainstream/ |
9 KB 9 KB |
XHR
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
search.vancubwhy.live/ |
0 107 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)92 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| requestLink object| geoInfo string| ip string| devInfo function| $ function| jQuery function| _0xc564 function| _0x1ac3e6 function| _0x1b24 function| detect_language function| faviconPulse function| geoip_city function| loadJSON function| loadTextFileAjaxSync object| locationJSON string| sMobile string| sDesktop function| isMobileDevice string| sound function| _0x2716 function| _0x1281 function| returnDate function| _0x58f5f8 function| getCookie function| getBackendParamsByName function| addSessionId function| returnSessionId number| exDays function| wireUpEvents function| getUrlParameter function| _0x220e string| exitsplashpage function| _0x474f function| getUrlWithParam function| DisplayExitSplash function| addLoadEvent function| addClickEvent function| disablelinksfunc function| disableformsfunc function| prevent function| getParameterByName function| languageDetection function| writeLocation function| showLocation function| docReady function| Cookies function| _0x49ff33 function| _0x41af string| nAgt string| browserName number| verOffset function| _0xc3b8 function| _0xf2f28d function| _0x546c function| _0xe019 function| FBcom function| handleIntersection object| observer object| targetElement function| _0x510a23 object| canvas1 object| ctx number| W number| H number| mp number| animationHandler object| particles number| angle number| tiltAngle boolean| confettiActive object| particleColors function| confettiParticle function| InitializeButton function| SetGlobals function| InitializeConfetti function| Draw function| RandomFromTo function| _0x5186 function| Update function| CheckForReposition function| _0x9e7e function| stepParticle function| repositionParticle function| StartConfetti function| ClearTimers function| DeactivateConfetti function| StopConfetti function| RestartConfetti function| requestAnimFrame function| _0x59ea function| _0x4b9a08 function| _0x42205 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.langleyband.co.uk/ | Name: PHPSESSID Value: rciacekq1p1nrnqi72nbbfkcrr |
|
www.langleyband.co.uk/ | Name: wpsc_customer_cookie_e74c35ac7f083e56a17f837fa754a362 Value: 609536%7C1722459983%7C7bd9065209807c6bbbe2ce00420d6ded |
|
vipbonusgain.life/ | Name: sid Value: t4~4nf2onk1wj3tom4aggg0c5v0 |
|
vipbonusgain.life/ | Name: p1 Value: https://vancubwhy.live/nytrgotq/ |
|
vipbonusgain.life/ | Name: s1 Value: yo7hvva01zzg8tmr |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dns-routing.net
jsontdsexit2.com
search.vancubwhy.live
vipbonusgain.life
www.langleyband.co.uk
136.243.216.235
185.155.184.85
185.155.186.26
185.215.36.78
188.114.96.3
03764aa86cdd3dde4d2441b90a813d055e9f8af852d849ff18bc148b9554549b
3219e9b5673785cb942331858ef7eee4924ac34c885f2f11533c52b2ec622784
388e1eb0cb648490ea1c4913f4ea3128f3fbfbda0608bf85e471d947db905302
4a38335b55379462b766727785b7505320bcc608f7c9c8890b7bf70513570624
7a94681a57ec6c39e857fcaa26418de63c5e93b827f0fa1e44d3da3b7d3c2a7d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8bb11ce1179082b22a0c4c2411bb65a4946949ae498b9d8ad836862594e2f85d
91e5c1968eee9298437a097fd47978a077d667e086593ab0fd7988ef60d2ddf4
9545948eefe774be5121de01ef9c14207891c35116bba14056471a59e4c212a1
9d3497a2d77fdd3eeeca1fa511771f641dd2cf62380a65513c1c9c81ffa0c856
9fb377b3f22e990e3b90997f33cf34f8f3602a816ab3a5b9b0c51e8c1df56983
aa05de326a8afd2a7b16c253d8c10fc41857b474f23a814ffa7684d4ef17c1a9
aea3443ffa2df4454daac365b37a61f9b9b1ba24dc0899ff3afca9f770765ce0
b2134512608af652a98e1fa0528865c9ed7bfbc0776865fbbbf3ea552260ff46
b31317c3e7816470c11e8c1060d770b0c79f84c65f800512a83062d69f80caed
ba858c8ecc8f498253509a9251e5070ce3b3ad9950b704a22a9a1fb1efc62541
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
da6b9222d60f021de37dbcfb23d67a505271716c8105a3507e94160a51db8a14
dc211fc5aaf09e6247f24d7cc75e542d6a2f009f10e4f220836ade12c639840e
df13515853ed2541b20a4ff5dc48ed81abc416f3633de894e6e685d54dcf634f
e157b45ed9a28fe95914f413692e496fc0a04a4191f22492ff3a8296fbaeda47
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3da7d20be42da6e260d3085d2a3f3965a549065345ee2d139e28625104e2393
e7eb3ba41e31f5d9710bb64a87a5e9e7664143a95f68d0f357fe0d4252bb58d5
eb9fe798331b592bd8fc54d5ede3ac19e961b5aa7c2dffb3dbb17ce5fcb88e01
f2ead250f003ad44fad41af0a1554922e31ab930fa86d90a8f2df62c048c2843
fa07d78345204bf48b255523990b544e1b28f9a7810aaf2b8a5a356d05575205