220055806.cs2410-web01pvm.aston.ac.uk Open in urlscan Pro
134.151.36.17 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://220055806.cs2410-web01pvm.aston.ac.uk/
Submission Tags: phishingrod
Submission: On February 12 via api (February 12th 2024, 1:45:48 am UTC) from DE — Scanned from GB

Summary HTTP 22 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 134.151.36.17, located in Birmingham, United Kingdom and belongs to JANET Jisc Services Limited, GB. The main domain is 220055806.cs2410-web01pvm.aston.ac.uk.
TLS certificate: Issued by R3 on February 15th 2023. Valid for: 3 months.

This is the only time 220055806.cs2410-web01pvm.aston.ac.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
10	134.151.36.17 134.151.36.17	786 (JANET Jis...) (JANET Jisc Services Limited)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a01:4f9:c010... 2a01:4f9:c010:b863::1	24940 (HETZNER-AS) (HETZNER-AS)
6	143.204.98.98 143.204.98.98	16509 (AMAZON-02) (AMAZON-02)
22	6

10 134.151.36.17 (Birmingham, United Kingdom)

ASN786 (JANET Jisc Services Limited, GB)
PTR: cs2410-web01pvm.aston.ac.uk

220055806.cs2410-web01pvm.aston.ac.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f9:c010:b863::1 (Germany)

ASN24940 (HETZNER-AS, DE)

api.jikan.moe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.98.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-98.fra50.r.cloudfront.net

cdn.myanimelist.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	aston.ac.uk 220055806.cs2410-web01pvm.aston.ac.uk	2 MB
6	myanimelist.net cdn.myanimelist.net — Cisco Umbrella Rank: 104799	98 KB
2	gstatic.com fonts.gstatic.com	23 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	jikan.moe api.jikan.moe — Cisco Umbrella Rank: 461981	20 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	12 KB
22	6

	Domain	Requested by
10	220055806.cs2410-web01pvm.aston.ac.uk	220055806.cs2410-web01pvm.aston.ac.uk
6	cdn.myanimelist.net
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	220055806.cs2410-web01pvm.aston.ac.uk
1	api.jikan.moe	220055806.cs2410-web01pvm.aston.ac.uk
1	cdn.jsdelivr.net	220055806.cs2410-web01pvm.aston.ac.uk
22	6

This site contains links to these domains. Also see Links.

Domain
myanimelist.net
en-gb.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
220055806.cs2410-web01pvm.aston.ac.uk R3	`2023-02-15` - `2023-05-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
api.jikan.moe R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.myanimelist.net Amazon RSA 2048 M01	`2023-08-07` - `2024-09-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://220055806.cs2410-web01pvm.aston.ac.uk/
Frame ID: FB6DD8829407EC663AC2D438276171C1
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyTopAnime - Home

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

22
Requests

55 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

2368 kB
Transfer

2513 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://myanimelist.net/anime/40028/Shingeki_no_Kyojin__The_Final_Season?q=final%20season&cat=anime
Title: More Info

Search URL Search Domain Scan URL

URL: https://en-gb.facebook.com/Anitrendz/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/animes/?hl=en

Search URL Search Domain Scan URL

URL: https://twitter.com/alltheanime?lang=en

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
220055806.cs2410-web01pvm.aston.ac.uk/ 10 KB
3 KB 364ms
30ms Document
text/html 134.151.36.17
JANET Jisc Servic...

General

220055806.cs2410-web01pvm.aston.ac.uk Open in urlscan Pro 134.151.36.17 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

22 Requests

55 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

2368 kBTransfer

2513 kBSize

0 Cookies

4 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

220055806.cs2410-web01pvm.aston.ac.uk Open in urlscan Pro
134.151.36.17 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

55 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

2368 kB
Transfer

2513 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!