www2.originalmechanicszz.xyz
2606:4700::6812:4795
Malicious Activity!
Public Scan
Effective URL: https://www2.originalmechanicszz.xyz/claim/ytvtcl-comp/1911-bnd-ab-gogl-sp-i11-s10-cmp-gb-en1.html?region=Hammersmith%20and%20Fulham&...
Submission: On March 22 via api from BE
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 30th 2019. Valid for: 9 months.
This is the only time www2.originalmechanicszz.xyz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)
Domain & IP information
Requests | IP Address | Autonomous System
---|---|---
1 | 67.199.248.11 | AS396982 (GOOGLE-PRIVATE-CLOUD)
1 | 103.254.139.146 | AS38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited)
1 | 185.63.253.116 | AS134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD)
1 | 104.18.26.185 | AS13335 (CLOUDFLARENET)
15 | 2606:4700::6812:4795 | AS13335 (CLOUDFLARENET)
1 | 2a00:1450:4001:816::200a | AS15169 (GOOGLE)
17 | | 3
- ASN38719 (DREAMSCAPE-AS-AP Dreamscape Networks Limited, AU): PTR vs-gryba4base.au.syrahost.com, serving azfdr3652.live-on.net
- ASN134512 (HWSPL-AS-AP HostPalace Web Solution PVT LTD, IN): PTR mail.copiawealthandtax.net, serving viaprio.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | originalmechanicszz.xyz | www2.originalmechanicszz.xyz | 87 KB
1 | googleapis.com | ajax.googleapis.com | 30 KB
1 | wbtutorials.com | www.wbtutorials.com (1 redirect) | 1 KB
1 | viaprio.com | viaprio.com | 443 B
1 | live-on.net | azfdr3652.live-on.net (1 redirect) | 238 B
1 | bit.ly | bit.ly (1 redirect) | 295 B
17 | 6 | |
Requests | Domain | Requested by
---|---|---
15 | www2.originalmechanicszz.xyz | viaprio.com, www2.originalmechanicszz.xyz
1 | ajax.googleapis.com | www2.originalmechanicszz.xyz
1 | www.wbtutorials.com | (1 redirect)
1 | viaprio.com |
1 | azfdr3652.live-on.net | (1 redirect)
1 | bit.ly | (1 redirect)
17 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
www.viaprio.com | Go Daddy Secure Certificate Authority - G2 | 2019-07-15 - 2020-07-15 | a year | crt.sh
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-12-30 - 2020-10-09 | 9 months | crt.sh
*.storage.googleapis.com | GTS CA 1O1 | 2020-03-03 - 2020-05-26 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://www2.originalmechanicszz.xyz/claim/ytvtcl-comp/1911-bnd-ab-gogl-sp-i11-s10-cmp-gb-en1.html?region=Hammersmith%20and%20Fulham&td=www.wbtutorials.com&brand=Desktop&model=Desktop&cep=je84OLECeTdKhwURSLZ8A8jNfB_3ZVhHu1FawiQQgZcXkd5elksKK-jBR83jKjRFfkuZR-SoKidpEdd-jQgekOLmSaF1aet7etdx9NCUXcyvjlKwz5dKNtLNxDIISyySYkCOptQXX0_G8c1aJJx15I5KNPk2qsBdxRWKDckG3vrpyV71lk4zpFWxMw3ssLOI9sSUijAtk-8XcpZe0mBeZos2O5ekZnvMM9WX06rWWBCB_vupiKbBaVWIan_SfYJGjHfNk_ipG5rMSxzvEy82e6LMRgR3oo-aC0Tz0plsx8HA4nVdatpRLFPBoW19vuaFEOkjlTPeEI9aEONFuUQmh0wa4L2wW-ri_XdqqdC2xIcEiIZjJZJa-rLqjp_aCeYVVmZPucMzfSmckAho6SbEPQ&lptoken=151b842189fa85283313&4=&3=&5=&6=&7=&8=472176&2=&1=891545114&s1=472176&s0=891545114
Frame ID: D370CBA037D33CA44367F1E6FBD4232A
Requests: 17 HTTP requests in this frame
Detected technologies
- Bootstrap (Web Frameworks). Detected pattern (html): `/<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i`
- Apache (Web Servers). Detected pattern (headers, server): `/(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i`
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
Chain 1:
- https://bit.ly/2J54kuG (HTTP 301)
- http://azfdr3652.live-on.net/1539479ea2296731wm0HP0BP39bAr66146PU (HTTP 302)
- https://viaprio.com/fff799f6d77613c000/15b-1539479-2296731-66146-0-/08296 (Page URL)
Chain 2:
- https://www.wbtutorials.com/e7d741a7-d679-46b5-82e0-fb8353334c97?4=&3=&5=&6=&7=&8=472176&2=&1=891545114&s1=472176&s0=891545114 (HTTP 302)
- https://www2.originalmechanicszz.xyz/claim/ytvtcl-comp/1911-bnd-ab-gogl-sp-i11-s10-cmp-gb-en1.html?region=Hammersmith%20and%20Fulham&td=www.wbtutorials.com&brand=Desktop&model=Desktop&cep=je84OLECeTdKhwURSLZ8A8jNfB_3ZVhHu1FawiQQgZcXkd5elksKK-jBR83jKjRFfkuZR-SoKidpEdd-jQgekOLmSaF1aet7etdx9NCUXcyvjlKwz5dKNtLNxDIISyySYkCOptQXX0_G8c1aJJx15I5KNPk2qsBdxRWKDckG3vrpyV71lk4zpFWxMw3ssLOI9sSUijAtk-8XcpZe0mBeZos2O5ekZnvMM9WX06rWWBCB_vupiKbBaVWIan_SfYJGjHfNk_ipG5rMSxzvEy82e6LMRgR3oo-aC0Tz0plsx8HA4nVdatpRLFPBoW19vuaFEOkjlTPeEI9aEONFuUQmh0wa4L2wW-ri_XdqqdC2xIcEiIZjJZJa-rLqjp_aCeYVVmZPucMzfSmckAho6SbEPQ&lptoken=151b842189fa85283313&4=&3=&5=&6=&7=&8=472176&2=&1=891545114&s1=472176&s0=891545114 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://bit.ly/2J54kuG (HTTP 301)
- http://azfdr3652.live-on.net/1539479ea2296731wm0HP0BP39bAr66146PU (HTTP 302)
- https://viaprio.com/fff799f6d77613c000/15b-1539479-2296731-66146-0-/08296
17 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---
GET | H/1.1 | viaprio.com/fff799f6d77613c000/15b-1539479-2296731-66146-0-/08296 | 189 B | 443 B | Document | text/html | Redirect chain, cookie set
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/1911-bnd-ab-gogl-sp-i11-s10-cmp-gb-en1.html | 14 KB | 4 KB | Document | text/html | Primary request, redirect chain
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/bootstrap.min.css | 138 KB | 19 KB | Stylesheet | text/css |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/style_ab.css | 8 KB | 2 KB | Stylesheet | text/css |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/gicon.png | 380 B | 572 B | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/4.1.jpg | 1 KB | 1 KB | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/1.1.jpg | 978 B | 1 KB | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/2.1.jpg | 1 KB | 1 KB | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/5.1.jpg | 1020 B | 1 KB | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/6.1.jpg | 2 KB | 2 KB | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/3.1.jpg | 1 KB | 1 KB | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/7.1.jpg | 890 B | 1 KB | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/i11uk.png | 18 KB | 18 KB | Image | image/webp |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/sgs10uk.png | 16 KB | 16 KB | Image | image/webp |
GET | H2 | ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js | 85 KB | 30 KB | Script | text/javascript |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/bootstrap.js | 50 KB | 13 KB | Script | application/javascript |
GET | H2 | www2.originalmechanicszz.xyz/claim/ytvtcl-comp/alert6.mp3 | 7 KB | 7 KB | Media | audio/mpeg |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | onformdata
object | onpointerrawupdate
function | getURLParameter
function | contains
object | names
function | dateOffset
function | $
function | jQuery
object | bootstrap
function | exit_a11
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
.www2.originalmechanicszz.xyz/ | | __cfduid | d1f1b79429111c6a62a63e31be4ad0ed71584896733
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.