sudetyrus.surf Open in urlscan Pro
162.241.87.185 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sudetyrus.surf/main/mega/login.php?l=secure
Submission: On November 02 via automatic, source phishtank (November 2nd 2021, 10:08:36 am UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 162.241.87.185, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is sudetyrus.surf.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 27th 2021. Valid for: 3 months.

This is the only time sudetyrus.surf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Paxful (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
11	162.241.87.185 162.241.87.185	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
13	2

11 162.241.87.185 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-87-185.unifiedlayer.com

sudetyrus.surf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	sudetyrus.surf sudetyrus.surf	4 MB
2	gstatic.com fonts.gstatic.com	64 KB
13	2

	Domain	Requested by
11	sudetyrus.surf	sudetyrus.surf
2	fonts.gstatic.com	sudetyrus.surf
13	2

This site contains no links.

Subject Issuer	Validity	Valid
sudetyrus.surf cPanel, Inc. Certification Authority	`2021-10-27` - `2022-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sudetyrus.surf/main/mega/login.php?l=secure
Frame ID: 16D686718992800D9FC110154511B7C3
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paxful Accounts

Page Statistics

13
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

4559 kB
Transfer

4556 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.php Show response
sudetyrus.surf/main/mega/ 20 KB
20 KB 450ms
137ms Document
text/html 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 3d75f07572545f82ad2d9d0aa21d427d97d26a79453a2a28209b03250a2736da

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 02 Nov 2021 10:08:29 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK vendors.chunk.css
sudetyrus.surf/main/mega/fege/ 38 KB
38 KB 229ms
131ms Stylesheet
text/css 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/fege/vendors.chunk.css
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 48e271f720233e74b9f16f1a6aa46730aeb6884df8d15fcb0abcd2b472d7e4b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:29 GMT
Last-Modified: Wed, 20 Oct 2021 23:14:54 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 39070

GET
H/1.1 200
OK main.af63dc631e61fb87f6de.css
sudetyrus.surf/main/mega/fege/ 4 MB
4 MB 387ms
130ms Stylesheet
text/css 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/fege/main.af63dc631e61fb87f6de.css
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 7d060e3c8a16ee2f9262fe1e8a436d464d550e4e8b2caf95719f271f3e9610f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:29 GMT
Last-Modified: Wed, 20 Oct 2021 23:14:54 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3977868

GET
H/1.1 200
OK css
sudetyrus.surf/main/mega/fege/ 13 KB
13 KB 390ms
131ms Stylesheet
text/plain 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/fege/css
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 1550ad0c9eccbed709f8652cda3509af300e42e93bf1dd0fd6f09433e392db22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:29 GMT
Last-Modified: Wed, 20 Oct 2021 23:14:56 GMT
Server: Apache
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13579

GET
H/1.1 200
OK index.js.download Show response
sudetyrus.surf/main/mega/fege/ 157 KB
157 KB 393ms
130ms Script
application/javascript 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/fege/index.js.download
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 1c68d6e7f449ced5d6b14207b0ed8c3bb0c55c5350e99dc72185304a46aae371

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:29 GMT
Last-Modified: Wed, 20 Oct 2021 23:14:56 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 160969

GET
H/1.1 200
OK gettype.php Show response
sudetyrus.surf/main/mega/fege/ 515 B
722 B 162ms
162ms Script
text/html 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/fege/gettype.php
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: c370c516ab3d4461094bbcbd3734a8e70dc8e2c6e3390a5515955796a9319a9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:30 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK fullpage.9.0.7.js.download Show response
sudetyrus.surf/main/mega/fege/ 313 KB
313 KB 143ms
143ms Script
application/javascript 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/fege/fullpage.9.0.7.js.download
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: dc4c16d1855a221cee1dba0a0e13ca39177e61a4446a3ba4ebfb0965094f5830

Request headers

Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
Origin: https://sudetyrus.surf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:30 GMT
Last-Modified: Wed, 20 Oct 2021 23:15:00 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 320282

GET
H/1.1 200
OK get.php Show response
sudetyrus.surf/main/mega/fege/ 117 B
323 B 389ms
131ms Script
text/html 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/fege/get.php
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 65b3a46be7aa4a03027d2c5cb109a5316bb1d149d2c850b90d68d993a93d7a75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:29 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style_https.1.5.8.css
sudetyrus.surf/main/mega/fege/ 40 KB
40 KB 301ms
132ms Stylesheet
text/css 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://sudetyrus.surf/main/mega/fege/style_https.1.5.8.css
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:29 GMT
Last-Modified: Wed, 20 Oct 2021 23:15:02 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 40702

GET
H/1.1 200
OK https-label-91194ad43fc85d71e34a467282e95f23.webp
sudetyrus.surf/main/mega/fege/ 1 KB
1 KB 140ms
139ms Image
image/webp 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudetyrus.surf/main/mega/fege/https-label-91194ad43fc85d71e34a467282e95f23.webp
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 134f21ebaee6bd53399c56a6db3b8e30b767e8d6e0f4af10a18c71b48a395526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:30 GMT
Last-Modified: Wed, 20 Oct 2021 23:15:02 GMT
Server: Apache
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1026

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 45ms
14ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/fege/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudetyrus.surf/
Origin: https://sudetyrus.surf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 18:26:14 GMT
x-content-type-options: nosniff
age: 402137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 18:26:14 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 35ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/fege/css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sudetyrus.surf/
Origin: https://sudetyrus.surf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options: nosniff
age: 46594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 01 Nov 2022 21:11:57 GMT

GET
H/1.1 200
OK file.png
sudetyrus.surf/main/mega/fege/ 25 KB
25 KB 129ms
128ms Image
image/png 162.241.87.185
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sudetyrus.surf/main/mega/fege/file.png
Requested by: Host: sudetyrus.surf
URL: https://sudetyrus.surf/main/mega/login.php?l=secure
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.87.185 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-87-185.unifiedlayer.com
Software: Apache /
Resource Hash: 9f85870dd352c77d79b65b00827f4876cb1d5c8b5227376a56f474f409057396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sudetyrus.surf/main/mega/login.php?l=secure
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 10:08:31 GMT
Last-Modified: Thu, 21 Oct 2021 00:01:48 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25463

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Paxful (Crypto Exchange)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
sudetyrus.surf
162.241.87.185
2a00:1450:4001:827::2003
134f21ebaee6bd53399c56a6db3b8e30b767e8d6e0f4af10a18c71b48a395526
1550ad0c9eccbed709f8652cda3509af300e42e93bf1dd0fd6f09433e392db22
1c68d6e7f449ced5d6b14207b0ed8c3bb0c55c5350e99dc72185304a46aae371
3d75f07572545f82ad2d9d0aa21d427d97d26a79453a2a28209b03250a2736da
48e271f720233e74b9f16f1a6aa46730aeb6884df8d15fcb0abcd2b472d7e4b6
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
65b3a46be7aa4a03027d2c5cb109a5316bb1d149d2c850b90d68d993a93d7a75
7d060e3c8a16ee2f9262fe1e8a436d464d550e4e8b2caf95719f271f3e9610f9
8ba195fffe0097e44a5dd29c35c092f10039e126cc9c4113330e8bf690c2461e
9f85870dd352c77d79b65b00827f4876cb1d5c8b5227376a56f474f409057396
c370c516ab3d4461094bbcbd3734a8e70dc8e2c6e3390a5515955796a9319a9b
dc4c16d1855a221cee1dba0a0e13ca39177e61a4446a3ba4ebfb0965094f5830
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

sudetyrus.surf Open in urlscan Pro 162.241.87.185 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

13 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

4559 kBTransfer

4556 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Indicators

sudetyrus.surf Open in urlscan Pro
162.241.87.185 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

4559 kB
Transfer

4556 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!