f6f991-39754.portmap.io
Open in
urlscan Pro
193.161.193.99
Malicious Activity!
Public Scan
Effective URL: https://f6f991-39754.portmap.io:39754/c35385dab71720262277sb/en-09/?x=
Submission: On July 06 via manual from ZA — Scanned from DE
Summary
TLS certificate: Issued by E6 on June 30th 2024. Valid for: 3 months.
This is the only time f6f991-39754.portmap.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Standard Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 104.21.48.17 104.21.48.17 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 52.21.33.16 52.21.33.16 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 23 | 193.161.193.99 193.161.193.99 | 198134 (GETWIFI-AS) (GETWIFI-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 34.117.186.192 34.117.186.192 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
24 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: us-ip-1.short.io
576fhgg6u.yachts |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.186.117.34.bc.googleusercontent.com
ipinfo.io |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
portmap.io
1 redirects
f6f991-39754.portmap.io |
227 KB |
1 |
ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 5906 |
924 B |
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 530 |
31 KB |
1 |
576fhgg6u.yachts
1 redirects
576fhgg6u.yachts |
81 B |
1 |
tyny.to
1 redirects
tyny.to |
618 B |
24 | 5 |
Domain | Requested by | |
---|---|---|
23 | f6f991-39754.portmap.io |
1 redirects
f6f991-39754.portmap.io
|
1 | ipinfo.io |
ajax.googleapis.com
|
1 | ajax.googleapis.com |
f6f991-39754.portmap.io
|
1 | 576fhgg6u.yachts | 1 redirects |
1 | tyny.to | 1 redirects |
24 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
f6f991-39754.portmap.io E6 |
2024-06-30 - 2024-09-28 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
ipinfo.io R3 |
2024-06-03 - 2024-09-01 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://f6f991-39754.portmap.io:39754/c35385dab71720262277sb/en-09/?x=
Frame ID: 4A77E025600E2E5769ABA59DDD553424
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
Standard Bank Online BankingPage URL History Show full URLs
-
https://tyny.to/sf45ed
HTTP 302
https://576fhgg6u.yachts/l13mzY HTTP 302
https://f6f991-39754.portmap.io:39754/?x=sb090507 HTTP 302
https://f6f991-39754.portmap.io:39754/c35385dab71720262277sb/en-09/?x= Page URL
Detected technologies
ZURB Foundation (Web Frameworks) ExpandDetected patterns
- <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tyny.to/sf45ed
HTTP 302
https://576fhgg6u.yachts/l13mzY HTTP 302
https://f6f991-39754.portmap.io:39754/?x=sb090507 HTTP 302
https://f6f991-39754.portmap.io:39754/c35385dab71720262277sb/en-09/?x= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/ Redirect Chain
|
31 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min.css
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/stylesheets/css/ |
67 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sb_logo.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
locked_24_tertiary.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
351 B 587 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icn_shield_with_lock_42.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icn_register_28.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
611 B 847 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-email.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
PlayBadge.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appStoreBadge.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_south_africa_white.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
850 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_global_white.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_email_white.png
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
795 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed49.css
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/stylesheets/css/ |
303 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed45.css
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/stylesheets/css/ |
425 KB 20 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed44.css
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/stylesheets/css/ |
104 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed41.css
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/stylesheets/css/ |
240 KB 30 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed40.css
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/stylesheets/css/ |
324 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.min-blessed39.css
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/stylesheets/css/ |
247 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Background_Image_Large.jpg
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
273 B 273 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bentonsans-regular-webfont.woff
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/fonts/bentonsans/regular/ |
12 KB 12 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icomoon.ttf
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/fonts/ |
26 KB 26 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
ipinfo.io/ |
622 B 924 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
f6f991-39754.portmap.io/c35385dab71720262277sb/en-09/Lib/img/ |
6 KB 6 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Standard Bank (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| $ function| jQuery function| checkForm function| isInputNumber object| phoneInput3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
tyny.to/ | Name: PHPSESSID Value: tr3rs5shau484v169flti4cout |
|
tyny.to/ | Name: sf45ed Value: 1 |
|
f6f991-39754.portmap.io/ | Name: PHPSESSID Value: v4ukst32m9t2u360opoocucn0f |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
576fhgg6u.yachts
ajax.googleapis.com
f6f991-39754.portmap.io
ipinfo.io
tyny.to
104.21.48.17
193.161.193.99
2a00:1450:4001:810::200a
34.117.186.192
52.21.33.16
0402b8e6e3b789ffec9618f6baea5b80a5c7d20a44394327a4d5a8e5ee369acf
18260da7dd57578e792e7c38896f648b6c57c1b3b6b2931a94426f11f5f608ae
1bcd43816acb11bb4f8004724b406ee0c4b040f379d6e1515a3ccbd466b5d662
1d37a24706a9b7ef61dfef37effcf7e9668080b854e2ecba5db74f89c208230d
1d3edfb3b0cec0a47e6e85a2d752993a077473aa8c03dfeac5ce873fc9abe639
23d2b540921ec0655b5f581999a09914fa8751b73b90bd981840183dc2a4ec95
2450014250927af73636e00dd54036fbd745d5169435ed779b0bcb675258361f
287794a8f89b9a10b699cf3c625e0f4847b0989018675fdb55c7182003a13dc0
2daf53b1d65351e31f6c8513731bec5ecd65fd1c072d8ddd5521e35cc31a73de
539663d83d4d2e55bca59ded8aefef25111691bc9795d5c0c1d13b142795cf6e
57f6f21b2fe8bc0c67e9ff4350c825de7a3cc8b3259253828d12d396d616aefd
5e03e8a2ea184c5c68a1d0e1446b7ea7c57d60a4d18400267136ff423ac9633e
61d18c253909a2759193f36bd4f4757a47d5de7be38c7a0052947453daec6282
659ec5c9f365d3e03d205766dcf6103fdb716dae3e99d8742d33f1e31eb37b2d
a1f6e503104c96c6214a2a7af1d677a8b33cf419d80c8cd20e895cf977668b4e
a4341534409961ae34ca429828b0352bf2fb321944ff513581b9810da9b401db
a98db87f78fe65c1c150fe8eddba301a4040bec74b19304bcad6405dbc323d9d
ab9b1811fa5cdcb1468e501c5ae704095fe7b771574274e1774c282e01aeba6f
b7b76d870a0a9617e0f6126f9c78b7d35733c13d67bd7df584515e8b32594f18
b9339526d34d7d298dabb34b9c04be6da2d80ef3432ce9b8f6a5a4c25e2ddf4c
c415bbd5aeeaa215da204eeacdad5471ee670c054e295a2df1232a575166a2cf
c7301a7edfff636ba8ab0adc618816ce76208f1a363b8dafb2204fd426160029
e63e4818edbc63a849b1f1733278136eb041951fba85f76975d77f71c9e12132
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d