www.aquaimperial.in Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.aquaimperial.in/jb/kiwi/login.php
Submission: On August 03 via manual (August 3rd 2022, 1:16:52 am UTC) from AU — Scanned from NL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.aquaimperial.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.

This is the only time www.aquaimperial.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:205... 2600:9000:2057:a00:10:7abf:f800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:50c0:800... 2606:50c0:8000::153	54113 (FASTLY) (FASTLY)
13	2

12 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.aquaimperial.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a00:10:7abf:f800:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.sitepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::153 (United States)

ASN54113 (FASTLY, US)

i2.sitepoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	aquaimperial.in www.aquaimperial.in	71 KB
2	sitepoint.com 1 redirects www.sitepoint.com — Cisco Umbrella Rank: 221982 i2.sitepoint.com	6 KB
13	2

	Domain	Requested by
12	www.aquaimperial.in	www.aquaimperial.in
1	i2.sitepoint.com	www.aquaimperial.in
1	www.sitepoint.com	1 redirects
13	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.aquaimperial.in/jb/kiwi/login.php
Frame ID: E4CBAB9D46E419C2C43D2E42D1E81440
Requests: 10 HTTP requests in this frame

Frame: https://www.aquaimperial.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1659484800
Frame ID: 5A2D2C3D9E13881C3F92FC0E7CAE0A1A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login - Kiwibank Internet Banking

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

13
Requests

92 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

78 kB
Transfer

124 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js HTTP 301
https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login.php Show response www.aquaimperial.in/jb/kiwi/	5 KB 2 KB	434ms 380ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aquaimperial.in/jb/kiwi/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a3999a9d60ca8ea8bfbb7f975971c243e3c0426ec9c5c4be0ce72d04a390374d` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 734b35bc6e6abbec-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 03 Aug 2022 01:16:47 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QHajnofvpyTWf5%2F5T41WFWxmwrscxQ%2F%2FmzvA%2BkshmcnA2zm1hDHwTNcIz6uqcuul4ijZDJnEUG%2FabO%2BY0rjZKoRaZyxNkETQTU%2F3fQXY5vVoalKVC%2Bs6zLLivdbiCFe%2FTBnOK3TXCv1mp9TyTOO0Mcx"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	MaskedPassword.js Show response i2.sitepoint.com/examples/password/MaskedPassword/ Redirect Chain https://www.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js	17 KB 6 KB	158ms 105ms	Script application/javascript	2606:50c0:8000::153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H2 Server 2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US), Reverse DNS Software GitHub.com / Resource Hash `2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-fastly-request-id c0e1d38b30cac564816809a93c0d911c3bf887be date Wed, 03 Aug 2022 01:16:48 GMT content-encoding gzip age 0 x-cache HIT content-length 5816 x-served-by cache-ams21063-AMS access-control-allow-origin * last-modified Sun, 18 Oct 2020 23:08:24 GMT server GitHub.com x-github-request-id 245C:76B5:2EA053:308235:62E95CDF x-timer S1659489408.982741,VS0,VE91 etag W/"5f8ccae8-4208" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 02 Aug 2022 17:30:31 GMT cache-control max-age=600 accept-ranges bytes x-proxy-cache MISS x-cache-hits 1 Redirect headers date Wed, 03 Aug 2022 00:52:06 GMT via 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront) server CloudFront age 1481 x-cache Hit from cloudfront location https://i2.sitepoint.com/examples/password/MaskedPassword/MaskedPassword.js x-amz-cf-pop FRA6-C1 content-length 0 x-amz-cf-id _oJn_FJavualC2maTYF5kLZq9eE9O2GKwSvtg50f_eUxRiT2FJzn1A==
GET H2	200	w1.png www.aquaimperial.in/jb/kiwi/images/	4 KB 4 KB	33ms 32ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aquaimperial.in/jb/kiwi/images/w1.png Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2b891501100ecfea520da3c4679ab97fc442afd3399e87585c76c5e4a4ae1f32` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/jb/kiwi/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:47 GMT cf-cache-status HIT last-modified Tue, 16 Jan 2018 18:04:54 GMT server cloudflare age 2199 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MxfdYTrCSEf5q89CGKXkl95AcP1e4y4pLLh1JJ4kVOUlDP0uGlI3OEf7NEiqN5u73P1ebpIrd7JJolF1jpW1FslWLrkd8Ge14KHmMmLxATZsYsaBNrAU1t5bGxPJvTEFTrHkuQmS9QGbTPzy%2FlTPo7I"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734b35becffabbec-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4251
GET H3	200	w2.png www.aquaimperial.in/jb/kiwi/images/	12 KB 12 KB	26ms 25ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aquaimperial.in/jb/kiwi/images/w2.png Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2a561e91a1cabd0fac5d8d1ceaae6dd88c511e2f33eb69415ec9b66169e37a9f` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/jb/kiwi/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:47 GMT cf-cache-status HIT last-modified Tue, 16 Jan 2018 18:31:16 GMT server cloudflare age 2198 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBvA6%2BMMAgheeqfk03igc9e29aUzDqHye%2F83uEg1HgfEj35f4DAIv%2FTiS%2BGVg5PAIFqbxqaWYwMWT%2BW6%2BxuETIaKVj8yYUxs6BOlkyevWeVB4E0MXZRW9MHKQZ55hr4P1%2B2AQHkp3bBlG23upqQ1kMJ%2F"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734b35bf0f609054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 12030
GET H3	200	w3.png www.aquaimperial.in/jb/kiwi/images/	8 KB 9 KB	26ms 26ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aquaimperial.in/jb/kiwi/images/w3.png Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5cc028a3a0b7a9cb7ddea9a57a2c6a310f6f7edd378d5fd89f333c50efacbc6` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/jb/kiwi/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:47 GMT cf-cache-status HIT last-modified Tue, 16 Jan 2018 18:05:28 GMT server cloudflare age 2198 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B63sqdtMabcajKxhKmSx0s2J1Kh2sM9ijvalS3iPRRCzr4pfB0C8QtO3VUZ%2BzfNZtU5W8kyvJwzTsB0TQsOrG1%2BpnfoQECSoi1Cv5UVIt1Q9njLkm6HPTqODrV04hYfwvOaQd9UTux8qIGVZ7634nQqy"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734b35bf4f759054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8624
GET H3	200	w4.png www.aquaimperial.in/jb/kiwi/images/	15 KB 15 KB	25ms 25ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aquaimperial.in/jb/kiwi/images/w4.png Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c79baf4b455762f1e0b9c973ba2e382b01dd6f0ef76ef5d63ad1448211c4856c` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/jb/kiwi/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:47 GMT cf-cache-status HIT last-modified Tue, 16 Jan 2018 18:05:58 GMT server cloudflare age 2198 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeABUcFaqIF84ynmy6IWlvP4uAgUWLo9Nb8x%2FF7D1IGV5wNfYkpp%2BaxsuR8gW0xEtUy9YqlttOWMHwx41nQ%2FZ1MIXb1Zqu9bp2mcX0uYONWYxlZ0pFvtIYY5z7o%2FGZXyY67CA4%2BaOyu2TOvHOyfMiehK"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734b35bf7f8e9054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 15002
GET H3	200	w5.png www.aquaimperial.in/jb/kiwi/images/	556 B 1 KB	25ms 25ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aquaimperial.in/jb/kiwi/images/w5.png Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `494d597f402d00da5845993b835008d5e79fc28adacc34f32af6d4fe5cab9230` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/jb/kiwi/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:47 GMT cf-cache-status HIT last-modified Tue, 16 Jan 2018 18:06:36 GMT server cloudflare age 2198 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlSaGZ3Kg386EmRhemDSQHIlOLTd7CRweRMEu%2Bup7AuOGqz2bWhEUJW46p4LBTGpZABdU8SaAdlwWqOLzE7phwARvMSwICflS1c6I1Tq2MM9JbbiYX2RGxpVZgSB7j4uUAgYRZYDJeKqJP%2Bs2V%2BdOLeL"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734b35bfafad9054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 556
GET H3	200	w6.png www.aquaimperial.in/jb/kiwi/images/	485 B 1022 B	25ms 25ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aquaimperial.in/jb/kiwi/images/w6.png Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `336e63c708741f26d7a89fbe063d8b4f5382917e0931bce8b4285fa2aeb1bbb5` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/jb/kiwi/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:47 GMT cf-cache-status HIT last-modified Tue, 16 Jan 2018 18:06:18 GMT server cloudflare age 2198 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QuF33XiW%2Blt77WFXoQZn5rhUu5gtb7nfJMZtOydkutUWz2e3hZp%2FaMC%2F9aBefxd6hNS0shIuyuytxwfGSSkpGzHqjF44MHp%2Fs82lg9mn2EktKauLytSKPqqoBUntkRH4Rneju2u20Nu4Rb04awX8PSxq"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734b35bfcfcf9054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 485
GET H3	200	w7.png www.aquaimperial.in/jb/kiwi/images/	357 B 895 B	25ms 24ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aquaimperial.in/jb/kiwi/images/w7.png Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08c6db9f391d14b7c1424f9f9ddc8c92db25f2410c6182c73b6b712d56818710` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/jb/kiwi/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:47 GMT cf-cache-status HIT last-modified Tue, 16 Jan 2018 18:06:44 GMT server cloudflare age 2198 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnkAmoRf9ILrAkBPCqyXNNSRDybRsTLOeCh734%2F%2FxXfjvXE0CR8UKDWRw5AV7BekGPltyMFkAQQ8Mny7rqgyLT34Sxq8TSay5RLIz5mtjADcW3yt8ct296pnSg2bEUCyKYarRBpwuWh6PmR5BYC%2BgcYd"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734b35bfffe59054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 357
GET H3	200	wlg.png www.aquaimperial.in/jb/kiwi/images/	2 KB 2 KB	26ms 26ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.aquaimperial.in/jb/kiwi/images/wlg.png Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `92097b63da53e9049b3e4ec5ab39f5a020ed056adeb0ee07dd1e3b080b9c387e` Request headers accept-language nl-NL,nl;q=0.9 Referer https://www.aquaimperial.in/jb/kiwi/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:48 GMT cf-cache-status HIT last-modified Tue, 16 Jan 2018 18:07:10 GMT server cloudflare age 2199 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0LF25VpCLWM5BroztyuYjGkNcCUxhOuCHKqLHVJKimqlKoY8GDlp3eiqfri3LJa8NgfzDw8ERcVjg2biM2oRLk5FzU2xTvmAghtl6u59ar1r%2BP8fkG%2FLvg%2BU5GDRV%2FSJBGor6TAabnT5Fn8PHo87K3S"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 734b35c018009054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1600
GET H3	200	invisible.js Show response www.aquaimperial.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 5A2D	42 KB 15 KB	30ms 29ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aquaimperial.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1659484800 Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/jb/kiwi/login.php Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d08fe6c302df5d5f7733de5fba8f8295dc68da21ce37871e27eaead7cac8c71d` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:48 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieDyOBQS4FF0njR8ooewdPANbOiRPSrF4J%2FYCqncoLkHzj%2B4c4C91ee9jdhnFQ4KI%2FkcfjOPzdQEni48SAl0QEwYIgAT%2B7KZNUQ4MaXGQVDr3lRwXTfOL3o55jfTuysL07ztaQB6eHW%2FsE9v%2FVZctXEH"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 734b35c0c85c9054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	pica.js www.aquaimperial.in/cdn-cgi/challenge-platform/h/b/scripts/ Frame 5A2D	19 KB 7 KB	28ms 27ms	Other application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aquaimperial.in/cdn-cgi/challenge-platform/h/b/scripts/pica.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `da755db1ffd196aef8b31bb32a660802914fecb83430f157e635d3e84c901d9e` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 03 Aug 2022 01:16:48 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2JqNjz6UuWjsF8uYWoUKExb6I8Ov6QQTp4a5kGMsDC3l9qxoUKnkNCfv3vG0%2FkaAwcQxaOo1ET0tCtcuPv40I2cHLUPZQ7p9xD%2FpQmsxgScgf0HV8PPe5J9XbSkwdmtG90wlub5r9DQG9GOPfYUXOO8"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control max-age=14400, public x-control-type-options nosniff cf-ray 734b35c0f87c9054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	200	734b35bc6e6abbec Show response www.aquaimperial.in/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 5A2D	2 B 723 B	36ms 36ms	XHR text/plain	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.aquaimperial.in/cdn-cgi/challenge-platform/h/b/cv/result/734b35bc6e6abbec Requested by Host: www.aquaimperial.in URL: https://www.aquaimperial.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1659484800 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Referer accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/json Response headers date Wed, 03 Aug 2022 01:16:48 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPOndkrvUti3HdGxVWBXdvibtTsID3qpApnSOAZhxi1aa0HOgkW30K%2F02OWVW7CYngErkBBZ86Qra3OpZFpXi7uPXmUIiMdlaqgahR%2BAP3lbVZPnrZYvekgb0zmlVu83X%2B23QT%2Bz18BsteFGNt1sUgjy"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 734b35c379b89054-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.aquaimperial.in/	1970-01-20 04:58:11	Name: __cf_bm Value: hpXN_Cy2RrtmzmHDKX9eXzGrewqHzVdWD7iQFYvD9I8-1659489408-0-AeSB9PfzrTS4y6v/iJT1h0DEOSyEUMJFNuvqJYc1/vbe8ti0E4Pmkip2L5WA3UNotgGwelI51mUwgCfsMYgrSqBLv2Gm8PTizmfB0M7mhvXLM8LJxu8aBkUggjes72zsvg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i2.sitepoint.com
www.aquaimperial.in
www.sitepoint.com
2600:9000:2057:a00:10:7abf:f800:93a1
2606:50c0:8000::153
2a06:98c1:3120::3
08c6db9f391d14b7c1424f9f9ddc8c92db25f2410c6182c73b6b712d56818710
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a561e91a1cabd0fac5d8d1ceaae6dd88c511e2f33eb69415ec9b66169e37a9f
2b891501100ecfea520da3c4679ab97fc442afd3399e87585c76c5e4a4ae1f32
2cfdb08c07395b0be65df154f068ade61c1bfad7e3e3e2d0e40b85319fa95825
336e63c708741f26d7a89fbe063d8b4f5382917e0931bce8b4285fa2aeb1bbb5
494d597f402d00da5845993b835008d5e79fc28adacc34f32af6d4fe5cab9230
92097b63da53e9049b3e4ec5ab39f5a020ed056adeb0ee07dd1e3b080b9c387e
a3999a9d60ca8ea8bfbb7f975971c243e3c0426ec9c5c4be0ce72d04a390374d
c79baf4b455762f1e0b9c973ba2e382b01dd6f0ef76ef5d63ad1448211c4856c
d08fe6c302df5d5f7733de5fba8f8295dc68da21ce37871e27eaead7cac8c71d
d5cc028a3a0b7a9cb7ddea9a57a2c6a310f6f7edd378d5fd89f333c50efacbc6
da755db1ffd196aef8b31bb32a660802914fecb83430f157e635d3e84c901d9e

www.aquaimperial.in Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

92 %HTTPS

100 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

78 kBTransfer

124 kBSize

1 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

11 JavaScript Global Variables

1 Cookies

Indicators

www.aquaimperial.in Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

78 kB
Transfer

124 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!