accounts-luno.log-webs.com
2a06:98c1:3120::c
Malicious Activity!
Public Scan
Submission: On January 18 via manual from US — Scanned from NL
Summary
This is the only time accounts-luno.log-webs.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Luno (Crypto Exchange)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
7 | 2a06:98c1:3120::c | 13335 (CLOUDFLARENET) |
5 | 99.86.247.197 | 16509 (AMAZON-02) |
1 | 2a00:1450:400d:80a::2003 | 15169 (GOOGLE) |
1 | 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH-CDN) |
14 | 4 | |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-247-197.vie50.r.cloudfront.net
d32exi8v9av3ux.cloudfront.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | log-webs.com | accounts-luno.log-webs.com | 49 KB |
5 | cloudfront.net | d32exi8v9av3ux.cloudfront.net | 188 KB |
1 | jquery.com | code.jquery.com (Cisco Umbrella Rank: 672) | 31 KB |
1 | gstatic.com | fonts.gstatic.com | 126 KB |
14 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
7 | accounts-luno.log-webs.com | accounts-luno.log-webs.com |
5 | d32exi8v9av3ux.cloudfront.net | accounts-luno.log-webs.com |
1 | code.jquery.com | accounts-luno.log-webs.com |
1 | fonts.gstatic.com | accounts-luno.log-webs.com |
14 | 4 | |
This site contains links to these domains. Also see Links.
Domain |
---|
discover.luno.com |
status.luno.com |
luno.sng.link |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year |
*.gstatic.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year |
This page contains 1 frame:
Primary Page:
http://accounts-luno.log-webs.com/
Frame ID: A0116C517BD8482437EBC18A41EEC1FF
Requests: 14 HTTP requests in this frame
4 Outgoing links
These are links going to different origins than the main page.
Title: local_library Discover
Title: update Status
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | accounts-luno.log-webs.com/ | 134 KB | 18 KB | Document | text/html |
GET | H/1.1 | styles.b50078a8c778e101.css | accounts-luno.log-webs.com/home_files/ | 159 KB | 17 KB | Stylesheet | text/css |
GET | H2 | Fracktif-Regular.woff | d32exi8v9av3ux.cloudfront.net/static/fonts/ | 72 KB | 73 KB | Font | font/woff |
GET | H/1.1 | ill_email.png | accounts-luno.log-webs.com/home_files/ | 8 KB | 9 KB | Image | image/png |
GET | H2 | flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 | fonts.gstatic.com/s/materialicons/v139/ | 125 KB | 126 KB | Font | font/woff2 |
GET | H2 | Fracktif-SemiBold.woff | d32exi8v9av3ux.cloudfront.net/static/fonts/ | 73 KB | 74 KB | Font | font/woff |
GET | H/1.1 | social-apple-white.svg | accounts-luno.log-webs.com/home_files/ | 691 B | 1 KB | Image | image/svg+xml |
GET | H/1.1 | social-google.svg | accounts-luno.log-webs.com/home_files/ | 802 B | 1 KB | Image | image/svg+xml |
GET | H2 | ill_password@2x.png | d32exi8v9av3ux.cloudfront.net/static/v3/illustrations/auth/ | 10 KB | 10 KB | Image | image/png |
GET | H/1.1 | social-facebook-white.svg | accounts-luno.log-webs.com/home_files/ | 350 B | 1 KB | Image | image/svg+xml |
GET | H2 | ill_no_account_v3.png | d32exi8v9av3ux.cloudfront.net/static/v3/illustrations/ | 20 KB | 20 KB | Image | image/png |
GET | H2 | ill_spot_key@3x.png | d32exi8v9av3ux.cloudfront.net/static/themes/luno_v3/illustrations/spot/general/ | 11 KB | 11 KB | Image | image/png |
GET | H/1.1 | email-decode.min.js | accounts-luno.log-webs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | jquery-3.6.1.min.js | code.jquery.com/ | 88 KB | 31 KB | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Luno (Crypto Exchange)
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontentvisibilityautostatechange |
function | $ |
function | jQuery |
string | email |
string | password |
string | code |
undefined | timer |
function | check |
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
accounts-luno.log-webs.com/ | | Name: ASP.NET_SessionId Value: z2c01u14jj14qqethznxab3o |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.