220055806.cs2410-web01pvm.aston.ac.uk
134.151.36.17
Malicious Activity!
Public Scan
Submission Tags: phishingrod
Submission: On February 12 via api from DE — Scanned from GB
Summary
TLS certificate: Issued by R3 on February 15th 2023. Valid for: 3 months.
This is the only time 220055806.cs2410-web01pvm.aston.ac.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
10 | 134.151.36.17 | AS786 (JANET Jisc Services Limited)
2 | 2a00:1450:4001:801::200a | AS15169 (GOOGLE)
1 | 2606:4700::6810:5914 | AS13335 (CLOUDFLARENET)
2 | 2a00:1450:4001:830::2003 | AS15169 (GOOGLE)
1 | 2a01:4f9:c010:b863::1 | AS24940 (HETZNER-AS)
6 | 143.204.98.98 | AS16509 (AMAZON-02)
22 requests | 6 IP addresses
ASN786 (JANET Jisc Services Limited, GB)
PTR: cs2410-web01pvm.aston.ac.uk
220055806.cs2410-web01pvm.aston.ac.uk
ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-98.fra50.r.cloudfront.net
cdn.myanimelist.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
10 | aston.ac.uk | 220055806.cs2410-web01pvm.aston.ac.uk | 2 MB
6 | myanimelist.net | cdn.myanimelist.net (Cisco Umbrella Rank: 104799) | 98 KB
2 | gstatic.com | fonts.gstatic.com | 23 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 1 KB
1 | jikan.moe | api.jikan.moe (Cisco Umbrella Rank: 461981) | 20 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 314) | 12 KB
22 requests | 6 apex domains
Requests | Domain | Requested by
---|---|---
10 | 220055806.cs2410-web01pvm.aston.ac.uk | 220055806.cs2410-web01pvm.aston.ac.uk
6 | cdn.myanimelist.net | (not recorded)
2 | fonts.gstatic.com | fonts.googleapis.com
2 | fonts.googleapis.com | 220055806.cs2410-web01pvm.aston.ac.uk
1 | api.jikan.moe | 220055806.cs2410-web01pvm.aston.ac.uk
1 | cdn.jsdelivr.net | 220055806.cs2410-web01pvm.aston.ac.uk
22 requests | 6 domains
This site contains links to these domains. Also see Links.
Domain
---
myanimelist.net
en-gb.facebook.com
www.instagram.com
twitter.com
Subject | Issuer | Validity | Valid for
---|---|---|---
220055806.cs2410-web01pvm.aston.ac.uk | R3 | 2023-02-15 - 2023-05-16 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
*.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
api.jikan.moe | R3 | 2024-01-22 - 2024-04-21 | 3 months
*.myanimelist.net | Amazon RSA 2048 M01 | 2023-08-07 - 2024-09-04 | a year
Note: the primary host's certificate expired on 2023-05-16, while other certificates observed in the same scan (for example api.jikan.moe) were not issued until January 2024, so the scan must have taken place after that and the primary site was presenting an expired certificate at scan time.
This page contains 1 frames:
Primary Page:
https://220055806.cs2410-web01pvm.aston.ac.uk/
Frame ID: FB6DD8829407EC663AC2D438276171C1
Requests: 22 HTTP requests in this frame
Page Title: MyTopAnime - Home
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
4 Outgoing links
These are links going to different origins than the main page (the four domains listed under Links above).
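The two detection patterns listed under "Detected technologies" are plain regular expressions run over the page source, and the "outgoing links" count is simply the set of anchor targets whose origin differs from the page's. The following is an added example, not urlscan.io's own code and not code from the scanned site: it applies the report's two patterns verbatim to a constructed HTML sample (modelled on the assets and link domains this scan recorded, but written for this example) and extracts the cross-origin link hosts. The page URL and the sample markup are assumptions.

```javascript
// Technology fingerprinting with the two detection patterns shown in the
// report, plus cross-origin link extraction. Added example; the HTML below is
// constructed for illustration, not the scanned page's real source.

// Patterns copied verbatim from the report's "Detected patterns" entries.
const TECH_PATTERNS = {
  "Google Font API": [
    /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/,
  ],
  "jsDelivr": [
    /<link [^>]*?href="?[a-zA-Z]*?:?\/\/cdn\.jsdelivr\.net\//,
    /\/\/cdn\.jsdelivr\.net\//,
  ],
};

// Returns { technologyName: [matchedPatternSource, ...] } for every technology
// with at least one matching pattern.
function detectTechnologies(html, patterns = TECH_PATTERNS) {
  const hits = {};
  for (const [name, regexes] of Object.entries(patterns)) {
    const matched = regexes.filter((re) => re.test(html)).map((re) => re.source);
    if (matched.length > 0) hits[name] = matched;
  }
  return hits;
}

// Collects hostnames of <a href> targets whose origin differs from the page's
// origin, which is how the report defines an "outgoing link". Relative links,
// mailto:/javascript: URLs and unparsable hrefs are ignored.
function outgoingLinks(html, pageUrl) {
  const pageOrigin = new URL(pageUrl).origin;
  const hosts = new Set();
  const anchorRe = /<a\b[^>]*\bhref\s*=\s*["']([^"']+)["']/gi;
  let m;
  while ((m = anchorRe.exec(html)) !== null) {
    let target;
    try {
      target = new URL(m[1], pageUrl); // resolves relative hrefs against the page
    } catch (e) {
      continue; // malformed href
    }
    if (target.protocol !== "http:" && target.protocol !== "https:") continue;
    if (target.origin !== pageOrigin) hosts.add(target.hostname);
  }
  return [...hosts].sort();
}

// Assumed page URL (hostname taken from the report's primary request).
const PAGE_URL = "https://220055806.cs2410-web01pvm.aston.ac.uk/";

// Constructed sample markup: a preconnect hint, a Google Fonts stylesheet, the
// boxicons stylesheet from jsDelivr, and social links behind logo images.
const SAMPLE_HTML = `<!doctype html>
<html><head>
<title>MyTopAnime - Home</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link href="https://fonts.googleapis.com/css2?family=Sarabun" rel="stylesheet">
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/boxicons@latest/css/boxicons.min.css">
<link rel="stylesheet" href="styles.css">
<script src="index.js"></script>
</head><body>
<a href="/">Home</a>
<a href="https://myanimelist.net/">MyAnimeList</a>
<a href="https://en-gb.facebook.com/"><img src="Assets/FacebookLogo.png"></a>
<a href="https://www.instagram.com/"><img src="Assets/Instagram.png"></a>
<a href="https://twitter.com/"><img src="Assets/Twitter.png"></a>
<a href="mailto:someone@example.invalid">Contact</a>
</body></html>`;

function analyse(html, pageUrl) {
  return {
    technologies: detectTechnologies(html),
    outgoingLinks: outgoingLinks(html, pageUrl),
  };
}

console.log(JSON.stringify(analyse(SAMPLE_HTML, PAGE_URL), null, 2));
```

Two things worth noticing when reading fingerprint output like this: the Google Font pattern fires on any `<link>` whose `href` mentions the host, so a bare `rel="preconnect"` hint is enough to report "Google Font API" even if no font were ever fetched, and a brand logo image (here FacebookLogo.png) contributes nothing to the outgoing-link set; only the anchor's `href` does.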
Redirected requests
There were HTTP redirect chains for the following requests: none recorded in this scan.
22 HTTP transactions
Method | Protocol | Resource Path | Size | Transferred | Type | MIME-Type
---|---|---|---|---|---|---
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/ (Primary Request) | 10 KB | 3 KB | Document | text/html
GET | H2 | fonts.googleapis.com/css2 | 1 KB | 543 B | Stylesheet | text/css
GET | H2 | fonts.googleapis.com/css2 | 1 KB | 902 B | Stylesheet | text/css
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/styles.css | 8 KB | 2 KB | Stylesheet | text/css
GET | H2 | cdn.jsdelivr.net/npm/boxicons@latest/css/boxicons.min.css | 66 KB | 12 KB | Stylesheet | text/css
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/Assets/Main%20panel.png | 352 KB | 352 KB | Image | image/png
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/Assets/MyTopAnime.png | 47 KB | 47 KB | Image | image/png
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/Assets/AoT.jpg | 695 KB | 695 KB | Image | image/jpeg
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/Assets/FacebookLogo.png | 33 KB | 33 KB | Image | image/png
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/Assets/Instagram.png | 1 MB | 1 MB | Image | image/png
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/Assets/Twitter.png | 4 KB | 4 KB | Image | image/png
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/index.js | 1 KB | 652 B | Script | application/javascript
GET | H2 | 220055806.cs2410-web01pvm.aston.ac.uk/Assets/MTA-Icon.png | 2 KB | 2 KB | Image | image/png
GET | H2 | fonts.gstatic.com/s/sarabun/v15/DtVmJx26TKEr37c9YK5silss6w.woff2 | 11 KB | 11 KB | Font | font/woff2
GET | H2 | fonts.gstatic.com/s/sarabun/v15/DtVhJx26TKEr37c9YHZ5nXwJ.woff2 | 11 KB | 12 KB | Font | font/woff2
GET | HTTP/1.1 | api.jikan.moe/v4/top/anime | 102 KB | 20 KB | XHR | application/json
GET | H2 | cdn.myanimelist.net/images/anime/1015/138006.webp | 15 KB | 16 KB | Image | image/webp
GET | H2 | cdn.myanimelist.net/images/anime/1708/138033.webp | 15 KB | 16 KB | Image | image/webp
GET | H2 | cdn.myanimelist.net/images/anime/1643/138581.webp | 14 KB | 14 KB | Image | image/webp
GET | H2 | cdn.myanimelist.net/images/anime/1244/138851.webp | 19 KB | 20 KB | Image | image/webp
GET | H2 | cdn.myanimelist.net/images/anime/1050/139641.webp | 19 KB | 19 KB | Image | image/webp
GET | H2 | cdn.myanimelist.net/images/anime/1926/140799.webp | 12 KB | 13 KB | Image | image/webp
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
Note: the only Facebook-related material in this scan is the FacebookLogo.png asset served from the primary host and an outbound link to en-gb.facebook.com; none of the 22 transactions goes to a Facebook host and none is a POST, so the brand-targeting verdict should be checked by hand against the page content before it is acted on.
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function lightMode
- function seasonAnime
- function animeTemplate
- function update
0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values along with the request, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
220055806.cs2410-web01pvm.aston.ac.uk
api.jikan.moe
cdn.jsdelivr.net
cdn.myanimelist.net
fonts.googleapis.com
fonts.gstatic.com
134.151.36.17
143.204.98.98
2606:4700::6810:5914
2a00:1450:4001:801::200a
2a00:1450:4001:830::2003
2a01:4f9:c010:b863::1