www.possearchau.icu
38.54.111.179 Malicious Activity!

Go To Rescan
Add Verdict Report

Submitted URL:
https://cutt.ly/y8GOhfk
Effective URL:
https://www.possearchau.icu/
Submission Tags: phishing amazon Search All
Submission: On March 08 via api (March 8th 2023, 5:54:39 am UTC) from JP — Scanned from JP

Summary HTTP 10 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 38.54.111.179, located in United States and belongs to KAOPU-HK Kaopu Cloud HK Limited, HK. The main domain is www.possearchau.icu.
TLS certificate: Issued by R3 on March 8th 2023. Valid for: 3 months.

This is the only time www.possearchau.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Amazon (Online) Amazon Japan (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 11	38.54.111.179 38.54.111.179	138915 (KAOPU-HK ...) (KAOPU-HK Kaopu Cloud HK Limited)
10	2

1 2606:4700:10::6816:e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 38.54.111.179 (United States) 1 redirects

ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK)

www.possearchau.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	possearchau.icu 1 redirects www.possearchau.icu	750 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 76960	436 B
10	2

	Domain	Requested by
11	www.possearchau.icu	1 redirects www.possearchau.icu
1	cutt.ly	1 redirects
10	2

This site contains links to these domains. Also see Links.

Domain
www.amazon.co.jp

Subject Issuer	Validity	Valid
possearchau.icu R3	`2023-03-08` - `2023-06-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.possearchau.icu/
Frame ID: 12047D8D4712F2AC5B9E51B16B0B2E3C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cutt.ly/y8GOhfk HTTP 301
http://www.possearchau.icu/ HTTP 301
https://www.possearchau.icu/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

750 kB
Transfer

4513 kB
Size

2
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.amazon.co.jp/ref=ap_frn_logo

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/display.html/ref=ap_signin_notification_condition_of_use?ie=UTF8&nodeId=643006
Title: 利用規約

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/display.html/ref=ap_signin_notification_privacy_notice?ie=UTF8&nodeId=643000
Title: プライバシー規約

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/ap/forgotpassword?showRememberMe=true&openid.pape.max_auth_age=0&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=jpflex&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2Fref%3Dnav_em_hd_re_signin&prevRID=95YJHC51TTZ9XPG0XS1H&openid.assoc_handle=jpflex&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&ref_=nav_em_hd_clc_signin&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: パスワードを忘れた場合

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/account-issues/ref=ap_login_with_otp_claim_collection?ie=UTF8
Title: その他のログインに関する問題

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/ap/register?showRememberMe=true&openid.pape.max_auth_age=0&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&pageId=jpflex&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2Fref%3Dnav_em_hd_re_signin&prevRID=95YJHC51TTZ9XPG0XS1H&openid.assoc_handle=jpflex&openid.mode=checkid_setup&prepopulatedLoginId=&failedSignInCount=0&ref_=nav_em_hd_clc_signin&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0
Title: Amazonアカウントを作成

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/display.html/ref=ap_desktop_footer_cou?ie=UTF8&nodeId=643006
Title: 利用規約

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/gp/help/customer/display.html/ref=ap_desktop_footer_privacy_notice?ie=UTF8&nodeId=643000
Title: プライバシー規約

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/help
Title: ヘルプ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/y8GOhfk HTTP 301
http://www.possearchau.icu/ HTTP 301
https://www.possearchau.icu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.possearchau.icu/ Redirect Chain https://cutt.ly/y8GOhfk http://www.possearchau.icu/ https://www.possearchau.icu/	592 B 470 B	334ms 109ms	Document text/html	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `be85666270e0c2d16585cbdd0dd8f133294a7a3b233966e8d088b42268b23d00` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 332 content-type text/html date Wed, 08 Mar 2023 05:54:42 GMT etag "250-5f65bb3416716-gzip" last-modified Wed, 08 Mar 2023 04:09:53 GMT server Apache vary Accept-Encoding Redirect headers Connection close Content-Length 305 Content-Type text/html; charset=iso-8859-1 Date Wed, 08 Mar 2023 05:54:41 GMT Location https://www.possearchau.icu/ Server Apache
GET H2	200	app.752839d3f58c010ecc04f48dcc063497.css www.possearchau.icu/static/css/	4 MB 634 KB	327ms 326ms	Stylesheet text/css	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/static/css/app.752839d3f58c010ecc04f48dcc063497.css Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `e6be99ea2c533ddca872535bb6fbc4d45ad36b5e3f6c24e133bf1e45b003ce26` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.possearchau.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 08 Mar 2023 05:54:42 GMT content-encoding gzip last-modified Wed, 08 Mar 2023 04:10:18 GMT server Apache etag "420568-5f65bb4b984ad-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes
GET H2	200	manifest.dd091f32d078ce1ae228.js Show response www.possearchau.icu/static/js/	3 KB 1 KB	110ms 110ms	Script application/javascript	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/static/js/manifest.dd091f32d078ce1ae228.js Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `819f3664edeb9b5173d990c80fc6fd2a0ad9660d193dc37e219de1d00d271360` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.possearchau.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 08 Mar 2023 05:54:42 GMT content-encoding gzip last-modified Wed, 08 Mar 2023 04:10:39 GMT server Apache etag "aa7-5f65bb602aac6-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1190
GET H2	200	vendor.8942a87b5a70d06cf6ea.js Show response www.possearchau.icu/static/js/	233 KB 82 KB	125ms 124ms	Script application/javascript	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/static/js/vendor.8942a87b5a70d06cf6ea.js Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `1f940df454ae24dce204417bc1652b54a5928fa332ae82c5a54c61d894fd8fec` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.possearchau.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 08 Mar 2023 05:54:42 GMT content-encoding gzip last-modified Wed, 08 Mar 2023 04:10:40 GMT server Apache etag "3a533-5f65bb6141f8b-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes
GET H2	200	app.75f405b5d5d325e145c9.js Show response www.possearchau.icu/static/js/	11 KB 2 KB	112ms 112ms	Script application/javascript	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/static/js/app.75f405b5d5d325e145c9.js Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `a62e508cfe383d2bd5bc08b4c5c7859ceb3ea69179515435040b2e0327225868` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.possearchau.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 08 Mar 2023 05:54:42 GMT content-encoding gzip last-modified Wed, 08 Mar 2023 04:10:38 GMT server Apache etag "2c5f-5f65bb5eb2737-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2178
GET H2	200	8.67434be2e9f5b166bccc.js Show response www.possearchau.icu/static/js/	861 B 642 B	108ms 108ms	Script application/javascript	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/static/js/8.67434be2e9f5b166bccc.js Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/static/js/manifest.dd091f32d078ce1ae228.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `dd49eb3cdcd3de9fbf684dba385a4ac0d5dd3be2847e25474a9508b967ac28f8` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.possearchau.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 08 Mar 2023 05:54:44 GMT content-encoding gzip last-modified Wed, 08 Mar 2023 04:10:36 GMT server Apache etag "35d-5f65bb5d5af19-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 542
GET H2	200	jump.php Show response www.possearchau.icu/api/	2 B 226 B	549ms 549ms	XHR text/html	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/api/jump.php Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/static/js/vendor.8942a87b5a70d06cf6ea.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488` Request headers Accept application/json, text/plain, / Referer https://www.possearchau.icu/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Wed, 08 Mar 2023 05:54:44 GMT content-encoding gzip server Apache vary Accept-Encoding access-control-allow-methods * content-type text/html;charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-length 22 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	11.8b1570ce205b9a0d5ecb.js Show response www.possearchau.icu/static/js/	10 KB 3 KB	110ms 109ms	Script application/javascript	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/static/js/11.8b1570ce205b9a0d5ecb.js Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/static/js/manifest.dd091f32d078ce1ae228.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `d6265261c26dfd2ef33b0ab4e87c26ba44fc55553b76c0a95914404ab75a53ce` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.possearchau.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 08 Mar 2023 05:54:44 GMT content-encoding gzip last-modified Wed, 08 Mar 2023 04:10:28 GMT server Apache etag "279f-5f65bb55cf89d-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 3034
GET H2	200	api_session.php Show response www.possearchau.icu/api/	75 B 129 B	180ms 179ms	XHR text/html	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Full URL https://www.possearchau.icu/api/api_session.php Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/static/js/vendor.8942a87b5a70d06cf6ea.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `035bea5d37ada818781cc516f492615f3d16721d5c276794a7b7350a1d242652` Request headers Accept application/json, text/plain, / Referer https://www.possearchau.icu/ap/signin/openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.co.jp%2F%3Fref_%3Dnav_ya_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=jpflex&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&1 accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Wed, 08 Mar 2023 05:54:44 GMT content-encoding gzip server Apache vary Accept-Encoding access-control-allow-methods POST content-type text/html;charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true content-length 88 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.6a23b50.png www.possearchau.icu/static/img/	26 KB 26 KB	109ms 109ms	Image image/png	38.54.111.179 KAOPU-HK Kaopu Cl...
General Check archive.org Show headers Download Go to Show image Full URL https://www.possearchau.icu/static/img/AmazonUIBaseCSS-sprite_1x-28bd59af93d9b1c745bb0aca4de58763b54df7cf._V2_.6a23b50.png Requested by Host: www.possearchau.icu URL: https://www.possearchau.icu/static/css/app.752839d3f58c010ecc04f48dcc063497.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 38.54.111.179 , United States, ASN138915 (KAOPU-HK Kaopu Cloud HK Limited, HK), Reverse DNS Software Apache / Resource Hash `e1283c0339d0393ebf45c02a0b34618f572b82eb5dbda366385498ae01413d3d` Request headers accept-language jp-JP,jp;q=0.9 Referer https://www.possearchau.icu/static/css/app.752839d3f58c010ecc04f48dcc063497.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 08 Mar 2023 05:54:44 GMT last-modified Wed, 08 Mar 2023 04:10:19 GMT server Apache accept-ranges bytes etag "6607-5f65bb4cf5e73" content-length 26119 content-type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483` Request headers accept-language jp-JP,jp;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Amazon (Online) Amazon Japan (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: 77oh57ukr717q4dksnk0iikqdu
			www.possearchau.icu/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3garmq293qc24fs4t1bftkrnv5

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cutt.ly
www.possearchau.icu
2606:4700:10::6816:e8
38.54.111.179
035bea5d37ada818781cc516f492615f3d16721d5c276794a7b7350a1d242652
1f940df454ae24dce204417bc1652b54a5928fa332ae82c5a54c61d894fd8fec
819f3664edeb9b5173d990c80fc6fd2a0ad9660d193dc37e219de1d00d271360
a515dcb414d0c44f70cbdc70eb4eceae128f82667a9d143731e3b4f608f3f483
a62e508cfe383d2bd5bc08b4c5c7859ceb3ea69179515435040b2e0327225868
be85666270e0c2d16585cbdd0dd8f133294a7a3b233966e8d088b42268b23d00
d6265261c26dfd2ef33b0ab4e87c26ba44fc55553b76c0a95914404ab75a53ce
d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488
dd49eb3cdcd3de9fbf684dba385a4ac0d5dd3be2847e25474a9508b967ac28f8
e1283c0339d0393ebf45c02a0b34618f572b82eb5dbda366385498ae01413d3d
e6be99ea2c533ddca872535bb6fbc4d45ad36b5e3f6c24e133bf1e45b003ce26

www.possearchau.icu Open in urlscan Pro 38.54.111.179 Malicious Activity!

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

750 kBTransfer

4513 kBSize

2 Cookies

9 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

2 Cookies

Indicators

www.possearchau.icu
38.54.111.179 Malicious Activity!

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

750 kB
Transfer

4513 kB
Size

2
Cookies

10 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!