mee6-verification.xyz
Open in
urlscan Pro
2a06:98c1:3121::c
Malicious Activity!
Public Scan
Submission Tags: https://sinking.yachts sinking-yachts phishing Search All
Submission: On February 20 via api from US — Scanned from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 13th 2023. Valid for: a year.
This is the only time mee6-verification.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2a06:98c1:312... 2a06:98c1:3121::c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:16::215:148f | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 162.159.128.232 162.159.128.232 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a02:26f0:11a... 2a02:26f0:11a::6867:4832 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
6 | 5 |
ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
discordapp.net
media.discordapp.net — Cisco Umbrella Rank: 5781 |
2 MB |
2 |
typekit.net
use.typekit.net — Cisco Umbrella Rank: 440 p.typekit.net — Cisco Umbrella Rank: 577 |
1 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2334 |
25 KB |
1 |
mee6-verification.xyz
mee6-verification.xyz |
1 KB |
6 | 4 |
Domain | Requested by | |
---|---|---|
2 | media.discordapp.net |
mee6-verification.xyz
|
1 | p.typekit.net |
use.typekit.net
|
1 | use.typekit.net |
mee6-verification.xyz
|
1 | stackpath.bootstrapcdn.com |
mee6-verification.xyz
|
1 | mee6-verification.xyz | |
6 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-02-13 - 2024-02-12 |
a year | crt.sh |
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-09-14 - 2023-10-15 |
a year | crt.sh |
discordapp.net Cloudflare Inc ECC CA-3 |
2022-10-03 - 2023-10-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://mee6-verification.xyz/
Frame ID: 41FF308C47EB84AE0937CAFC70022D23
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Discord ConfirmationDetected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Typekit (Font Scripts) Expand
Detected patterns
- <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
mee6-verification.xyz/ |
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
joc7wli.css
use.typekit.net/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
755244169898885160.gif
media.discordapp.net/attachments/851389970840944640/851390759998586910/ |
1 MB 1 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.css
p.typekit.net/ |
5 B 181 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
755243061088616458.gif
media.discordapp.net/attachments/851389970840944640/851390664788934656/ |
1 MB 1 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
task.url
Submitted on
February 20th 2023, 9:51:15 pm
UTC —
From United States
Threats:
Phishing
Scam
Comment: This domain is present in the Sinking Yachts anti-phishing list. More Info: https://sinking.yachts
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.discordapp.net/ | Name: __cfruid Value: 89741a67868731589bf0258c3cd726798e1781ea-1676929866 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
media.discordapp.net
mee6-verification.xyz
p.typekit.net
stackpath.bootstrapcdn.com
use.typekit.net
162.159.128.232
2606:4700::6812:bcf
2a02:26f0:11a::6867:4832
2a02:26f0:3500:16::215:148f
2a06:98c1:3121::c
114e67405826448c9a4cbde3d543c2382e40dcab06dfa046889a8decfb7cdc57
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
82d5c8126fceb14a7c701ee0410044b256bfcdc7aaf147d6c3186bca42709061
8c0386b9e97ef5f685a69ebda001e2cc21fd9ca77ed1025bed07bd31ef71ed41
f81e626efeacfaacbf060eb78a0bbe6daa0d1de15cb9ab4a31578b60d715ef4e