www.quickwebtech.com
2606:4700:3035::681b:96df
Malicious Activity!
Public Scan
Submission Tags: 6777181
Submission: On September 21 via api from NL
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 22nd 2020. Valid for: a year.
This is the only time www.quickwebtech.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
18 | 2606:4700:3035::681b:96df | 13335 (CLOUDFLARENET) |
1 | 195.91.45.51 | 6855 (SK-TELEKOM) |
2 (1 redirect) | 15.236.175.233 | 16509 (AMAZON-02) |
20 | 3 | |
ASN6855 (SK-TELEKOM, SK)
PTR: mob-51.195-91-45.telekom.sk
ib.primabanka.sk
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-175-233.eu-west-3.compute.amazonaws.com
synacor.112.2o7.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
18 | quickwebtech.com | www.quickwebtech.com | 527 KB |
2 (1 redirect) | 2o7.net | synacor.112.2o7.net | 1 KB |
1 | primabanka.sk | ib.primabanka.sk | 3 KB |
20 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
18 | www.quickwebtech.com | www.quickwebtech.com |
2 (1 redirect) | synacor.112.2o7.net | www.quickwebtech.com |
1 | ib.primabanka.sk | www.quickwebtech.com |
20 | 3 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-22 - 2021-07-22 | a year | crt.sh |
ib.primabanka.sk | DigiCert SHA2 Extended Validation Server CA | 2019-08-09 - 2021-09-23 | 2 years | crt.sh |
*.112.2o7.net | DigiCert SHA2 High Assurance Server CA | 2019-04-23 - 2021-04-27 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/
Frame ID: 5314848C8102ACD5FE01E0FEF9E31BD6
Requests: 20 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Modernizr (JavaScript Libraries)
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
SiteCatalyst (Analytics)
Detected patterns
- script /\/s[_-]code.*\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18
- https://synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/s05434295046876?AQB=1&ndh=1&t=21%2F8%2F2020%2010%3A38%3A42%201%20-120&ce=UTF-8&ns=synacor&pageName=Federated%20Login&g=https%3A%2F%2Fwww.quickwebtech.com%2Fwp-content%2Fthemes%2Fjs%2Fa_prima%2Fpage%2Fvisitor%2Fcustomer-821%2F&cc=USD&c1=CenturyLink&c6=Federated%20Login&c7=7a4816c3b72052726a665505abae3e3c&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/s05434295046876?AQB=1&pccr=true&vidn=2FB4334985158109-6000089CF8B875C6&ndh=1&t=21%2F8%2F2020%2010%3A38%3A42%201%20-120&ce=UTF-8&ns=synacor&pageName=Federated%20Login&g=https%3A%2F%2Fwww.quickwebtech.com%2Fwp-content%2Fthemes%2Fjs%2Fa_prima%2Fpage%2Fvisitor%2Fcustomer-821%2F&cc=USD&c1=CenturyLink&c6=Federated%20Login&c7=7a4816c3b72052726a665505abae3e3c&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
20 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/ | 10 KB | 3 KB | Document | text/html |
GET H2 | jquery-latest.min.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/js/ | 94 KB | 32 KB | Script | application/javascript |
GET H2 | jquery.mask.min.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/js/ | 8 KB | 3 KB | Script | application/javascript |
GET H2 | Acc_Carding.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/js/ | 1 KB | 468 B | Script | application/javascript |
GET H2 | bootstrap.css | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 0 | 0 | Stylesheet | text/html |
GET H2 | main.css | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 79 KB | 22 KB | Stylesheet | text/css |
GET H2 | chunk.css | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 155 KB | 22 KB | Stylesheet | text/css |
GET H2 | style.min.css | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/img/ | 10 KB | 3 KB | Stylesheet | text/css |
GET H2 | social.css | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 7 KB | 2 KB | Stylesheet | text/css |
GET H2 | social_responsive.css | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 1 KB | 583 B | Stylesheet | text/css |
GET H2 | social_login.css | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 2 KB | 844 B | Stylesheet | text/css |
GET H2 | quora.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 128 B | 194 B | Script | application/javascript |
GET H2 | jquery.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 91 KB | 32 KB | Script | application/javascript |
GET H/1.1 | primabanka.png | ib.primabanka.sk/ib/img/ | 3 KB | 3 KB | Image | image/png |
GET H2 | bootstrap.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 0 | 0 | Script | text/html |
GET H2 | s_code.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 30 KB | 12 KB | Script | application/javascript |
GET H2 | main.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 386 KB | 87 KB | Script | application/javascript |
GET H2 | chunk.js | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 1 MB | 308 KB | Script | application/javascript |
GET H2 | bootstrap.css | www.quickwebtech.com/wp-content/themes/js/a_prima/page/visitor/customer-821/index_fichiers/ | 0 | 0 | Stylesheet | text/html |
GET H2 | s05434295046876 | synacor.112.2o7.net/b/ss/synacortveauth/1/H.24.4/ (Redirect Chain) | 43 B | 291 B | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic (Online)
27 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| trustedTypes
- function| $
- function| jQuery
- object| $jscomp
- function| isNumber
- function| updateTracking
- string| s_account
- object| s
- string| s_code
- string| s_objectID
- function| s_gi
- function| s_giqf
- string| s_an
- function| s_sp
- function| s_jn
- function| s_rep
- function| s_d
- function| s_fe
- function| s_fa
- function| s_ft
- object| s_c_il
- number| s_c_in
- number| s_giq
- object| webpackJsonp
- object| s_i_synacor
- object| $elements
- string| $escaped
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.quickwebtech.com/ | | Name: s_cc Value: true |
.quickwebtech.com/ | | Name: s_sq Value: %5B%5BB%5D%5D |
.quickwebtech.com/ | | Name: __cfduid Value: d774af3764d4519f9b27f87eb7578632e1600677506 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.