bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link
Open in
urlscan Pro
2602:fea2:2::1
Malicious Activity!
Public Scan
Submission: On March 29 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by R3 on February 6th 2024. Valid for: 3 months.
This is the only time bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2602:fea2:2::1 2602:fea2:2::1 | 40680 (PROTOCOL) (PROTOCOL) | |
4 | 2606:4700:310... 2606:4700:3108::ac42:2911 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
15 | 3 |
ASN40680 (PROTOCOL, US)
bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link |
ASN13335 (CLOUDFLARENET, US)
internationalyachtchartergroup.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
internationalyachtchartergroup.com
internationalyachtchartergroup.com |
36 KB |
1 |
dweb.link
bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link |
318 KB |
0 |
autofer.site
Failed
autofer.site Failed |
|
15 | 3 |
Domain | Requested by | |
---|---|---|
4 | internationalyachtchartergroup.com |
bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link
internationalyachtchartergroup.com |
1 | bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link | |
0 | autofer.site Failed |
bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link
|
15 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
dweb.link R3 |
2024-02-06 - 2024-05-06 |
3 months | crt.sh |
internationalyachtchartergroup.com E1 |
2024-03-18 - 2024-06-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link/
Frame ID: A9D5B8D8BC4E303BB3AE58929441BFF6
Requests: 16 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link/ |
3 MB 318 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.min.css
internationalyachtchartergroup.com/webmail/skins/larry/ |
53 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
jquery-3.2.1.min.js
autofer.site/myjs/vendor/jquery/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
animsition.min.js
autofer.site/myjs/vendor/animsition/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
popper.js
autofer.site/myjs/vendor/bootstrap/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bootstrap.min.js
autofer.site/myjs/vendor/bootstrap/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
select2.min.js
autofer.site/myjs/vendor/select2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
moment.min.js
autofer.site/myjs/vendor/daterangepicker/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
daterangepicker.js
autofer.site/myjs/vendor/daterangepicker/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
countdowntime.js
autofer.site/myjs/vendor/countdowntime/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
main.js
autofer.site/myjs/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linen.jpg
internationalyachtchartergroup.com/webmail/skins/larry/images/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linen_login.jpg
internationalyachtchartergroup.com/webmail/skins/larry/images/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_shadow.png
internationalyachtchartergroup.com/webmail/skins/larry/images/ |
562 B 953 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon.ico
autofer.site/rcubby/black/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/vendor/jquery/jquery-3.2.1.min.js
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/vendor/animsition/js/animsition.min.js
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/vendor/bootstrap/js/popper.js
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/vendor/bootstrap/js/bootstrap.min.js
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/vendor/select2/select2.min.js
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/vendor/daterangepicker/moment.min.js
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/vendor/daterangepicker/daterangepicker.js
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/vendor/countdowntime/countdowntime.js
- Domain
- autofer.site
- URL
- https://autofer.site/myjs/js/main.js
- Domain
- autofer.site
- URL
- https://autofer.site/rcubby/black/favicon.ico
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onpagereveal function| _0x1dbbe1 function| _0x409b35 function| _0x390112 function| _0x3c53 function| _0x35b73c function| _0x5729f0 object| filter function| search function| _0xcddf function| _0x475052 object| modal number| count string| dot0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
20 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
autofer.site
bafybeiausquqvspogh2244lqkmupvo5jojbvrfcbkcvhtceli3o6g4iuri.ipfs.dweb.link
internationalyachtchartergroup.com
autofer.site
2602:fea2:2::1
2606:4700:3108::ac42:2911
32475dee52caa49526b0fcf33968518747e33c04e5730d22a54962e865b15b8e
343b43c50e3c026f49164591bcd84a3a6a4f69dd0b4e56a2418ad19b930f537a
465cfa8692ff9561b87f8df906324b4219e333667ab219555e4695bb97fa4546
7d2b05ab3b56f1ec14df70df01c82a7771b9e3c56e881e15ba952ebe0746af23
a712b63789e2d5ca0d67dfc6583e3c4374daf13bbd23ef76c83c3c9e881dea7b
cede90ea2d2fc62a7f606fa90e57ff7d8fc7d640d10cbf118c65b9c860ef5bbd