afinternationalbd.com
Open in
urlscan Pro
204.197.251.120
Malicious Activity!
Public Scan
Submitted URL: https://f4c1e2ad9652405eb7af055116630b18.svc.dynamics.com/t/r/v6FPC9XeDyn6UJhsU97xabGavJcIjjtBbAn6XrZdRsA
Effective URL: https://afinternationalbd.com/home/vector.php?carp=040404
Submission: On July 20 via manual from IN
Effective URL: https://afinternationalbd.com/home/vector.php?carp=040404
Submission: On July 20 via manual from IN
Summary
This website contacted 4 IPs
in 2 countries
across 4 domains to perform 22 HTTP transactions.
The main IP is 204.197.251.120, located in
United States and
belongs to PRIVATESYSTEMS, US.
The main domain is afinternationalbd.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 6th 2021. Valid for: 3 months.
This is the only time afinternationalbd.com was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 6th 2021. Valid for: 3 months.
This is the only time afinternationalbd.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Office 365 (Online)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 104.40.78.147 104.40.78.147 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 17 | 204.197.251.120 204.197.251.120 | 63410 (PRIVATESY...) (PRIVATESYSTEMS) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:800::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 22 | 4 |
1
104.40.78.147
(San Jose, United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| f4c1e2ad9652405eb7af055116630b18.svc.dynamics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 17 |
afinternationalbd.com
afinternationalbd.com |
2 MB |
| 3 |
googleapis.com
fonts.googleapis.com |
3 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
29 KB |
| 1 |
dynamics.com
1 redirects
f4c1e2ad9652405eb7af055116630b18.svc.dynamics.com |
485 B |
| 22 | 4 |
| Domain | Requested by | |
|---|---|---|
| 17 | afinternationalbd.com |
afinternationalbd.com
|
| 3 | fonts.googleapis.com |
afinternationalbd.com
|
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | f4c1e2ad9652405eb7af055116630b18.svc.dynamics.com | 1 redirects |
| 22 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| afinternationalbd.com cPanel, Inc. Certification Authority |
2021-06-06 - 2021-09-04 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2021-06-28 - 2021-09-20 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2021-06-22 - 2021-09-14 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://afinternationalbd.com/home/vector.php?carp=040404
Frame ID: 0020631A7587B03F9A2439A7D5F06498
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://f4c1e2ad9652405eb7af055116630b18.svc.dynamics.com/t/r/v6FPC9XeDyn6UJhsU97xabGavJcIjjtBbAn6XrZdRsA
HTTP 302
https://afinternationalbd.com/home/vector.php?carp=040404 Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
animate.css (Web Frameworks) Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
OWL Carousel
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
- script /owl\.carousel.*\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i
- script /owl\.carousel.*\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://f4c1e2ad9652405eb7af055116630b18.svc.dynamics.com/t/r/v6FPC9XeDyn6UJhsU97xabGavJcIjjtBbAn6XrZdRsA
HTTP 302
https://afinternationalbd.com/home/vector.php?carp=040404 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
vector.php
afinternationalbd.com/home/ Redirect Chain
|
5 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
22 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
afinternationalbd.com/home/assets/css/ |
141 KB 142 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
all.min.css
afinternationalbd.com/home/assets/css/ |
56 KB 56 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
animate.css
afinternationalbd.com/home/assets/css/ |
79 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
owl.carousel.min.css
afinternationalbd.com/home/assets/plugins/slider/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
owl.theme.default.css
afinternationalbd.com/home/assets/plugins/slider/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
afinternationalbd.com/home/assets/css/ |
10 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
art-direction.png
afinternationalbd.com/home/assets/images/ |
214 KB 214 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nt.jpg
afinternationalbd.com/home/assets/images/ |
674 B 916 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.png
afinternationalbd.com/home/assets/images/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.2.1.min.js
afinternationalbd.com/home/assets/js/ |
85 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
popper.min.js
afinternationalbd.com/home/assets/js/ |
19 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.js
afinternationalbd.com/home/assets/js/ |
48 KB 48 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-scrolltofixed-min.js
afinternationalbd.com/home/assets/plugins/scroll-fixed/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
owl.carousel.min.js
afinternationalbd.com/home/assets/plugins/slider/js/ |
42 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
script.js
afinternationalbd.com/home/assets/js/ |
727 B 981 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
css
fonts.googleapis.com/ |
6 KB 648 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
css
fonts.googleapis.com/ |
9 KB 753 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
v.gif
afinternationalbd.com/home/assets/images/ |
1 MB 1 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Office 365 (Online)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Popper object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
afinternationalbd.com
f4c1e2ad9652405eb7af055116630b18.svc.dynamics.com
fonts.googleapis.com
fonts.gstatic.com
104.40.78.147
204.197.251.120
2a00:1450:4001:800::2003
2a00:1450:4001:812::2003
2a00:1450:4001:831::200a
0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c
2a5d6f434ca2a1ee89ea27668f9e6a18d8283ab28e4c987859815d9a2567bd9c
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c80946ac7f16a2f05e1eada7e105651381e3d7ba9e07d555ab52c5fa8609390
42c96e75988266ffe1bd9d531c2e920cb0b4583b734c6050b11468e13b8039d1
547c0b62d173846604f91235302fd1d7a31083d58c74014b9b0d68f6308e13b3
68c71219bdbe57d40b8871cf280843285f6b27dfc13231b39d9c0b6caf378926
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
8864f83325db89c90cdbaac91d4a05a196968594e4564a657231aa010bb894ee
9f79f33e6422447b91059192452a123b2d5b4f05993eb50df73b351eb75d460f
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a6b23d5249774944dc40ad8877f441277ef10ce618fb28df5a7b28ee8b14aced
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b508a39e1d80f8843ca9774700f6fe60b158c094835f09f47209affa36237ec8
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c9b46437d7418e1712daaad6d73fa17c2c6afb5681770c90339c25428415b7fd
d37676fd7b04f32abd7d3aa6ca96643ce4163ede9cc7f05be42f671fce5d7fef
d7051faafa76e4d173cf2722cb402dae1f2ca6e13dcf11ddf5355b9c0a9c5d41
db163d9468eaec9c0c440474152ada5e53d8c781e84ddb5b250d365ab5b55bb7
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ede1466795eb4042a622781a4b5f0e8e12a93257b6dc5deae7deaaf4d2b33a5e
f11ed90b40e2b67e8dd5117ffcfaee8ede0a7bbc0fd99e1d1912580a79fe5b4a