urlscan.io logo urlscan.io
SecurityTrails logo

outlqqk.webflow.io Open in urlscan Pro
151.101.66.188  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://outlqqk.webflow.io/
Submission Tags: https://sinking.yachts sinking-yachts phishing Search All
Submission: On February 12 via api from CZ — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 151.101.66.188, located in United States and belongs to FASTLY, US. The main domain is outlqqk.webflow.io.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 29th 2023. Valid for: a year.
This is the only time outlqqk.webflow.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious1 votes Show Verdicts

Domain & IP information

IP Address AS Autonomous System
1 151.101.66.188 54113 (FASTLY)
4 2600:9000:218... 16509 (AMAZON-02)
1 18.245.246.151 16509 (AMAZON-02)
6 3
Apex Domain
Subdomains		 Transfer
4 website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 5944
87 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 webflow.io
outlqqk.webflow.io
2 KB
6 3
Domain Requested by
4 assets-global.website-files.com outlqqk.webflow.io
1 d3e54v103j8qbb.cloudfront.net outlqqk.webflow.io
1 outlqqk.webflow.io
6 3

This site contains no links.

Subject Issuer Validity Valid
*.webflow.io
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-11-29 -
2024-12-30		 a year crt.sh
*.website-files.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-08		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://outlqqk.webflow.io/
Frame ID: A7A14F2DA65079D88DB64CEE737A7387
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

outlQQk

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

119 kB
Transfer

309 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
outlqqk.webflow.io/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://outlqqk.webflow.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.188 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5e6eb8031247cfb20d39fd8ec8bbfe8079791667ef815253c53e4e505d4e79ee
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2405
content-encoding
gzip
content-length
1304
content-security-policy
frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.com
content-type
text/html
date
Mon, 12 Feb 2024 19:20:30 GMT
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
HIT
x-cache-hits
1
x-lambda-id
8497307b-d523-495e-9beb-9d0a907225f0
x-served-by
cache-fra-etou8220072-FRA
x-timer
S1707765630.482107,VS0,VE13
outlqqk.webflow.986431e4b.css
assets-global.website-files.com/65c0f557ea3301bff29aaeda/css/ 		38 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-global.website-files.com/65c0f557ea3301bff29aaeda/css/outlqqk.webflow.986431e4b.css
Requested by
Host: outlqqk.webflow.io
URL: https://outlqqk.webflow.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:9000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9015e403db9a8606cace2e7eb61d5a360e762ee532f3542989bfa06d36ad2d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlqqk.webflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 10:17:45 GMT
content-encoding
gzip
via
1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-version-id
aKLCuV9GCdqv1coHq4PALU7oYt30TUMa
age
32566
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8588
last-modified
Mon, 05 Feb 2024 19:03:49 GMT
server
AmazonS3
etag
"35ef1532803ae91b0a37da879767a378"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
6DCYdR9u37pjp1p38d0SEMzRVrHhK4rujIQpdhv-UU4rGL0XGEKjsg==
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65c0f557ea3301bff29aaeda
Requested by
Host: outlqqk.webflow.io
URL: https://outlqqk.webflow.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.246.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-246-151.lhr5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://outlqqk.webflow.io/
Origin
https://outlqqk.webflow.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 09:54:53 GMT
content-encoding
br
via
1.1 61cfb1fbd05143386b8f46885d2beb1a.cloudfront.net (CloudFront)
age
33938
x-amz-cf-pop
LHR5-P5
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
9SJrYOPhZQldcl6zC9XW6z-_bKsKbH-dAG5O1PyAZ_cLTaBrt9BCBw==
webflow.b6cd6fb64.js
assets-global.website-files.com/65c0f557ea3301bff29aaeda/js/ 		166 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-global.website-files.com/65c0f557ea3301bff29aaeda/js/webflow.b6cd6fb64.js
Requested by
Host: outlqqk.webflow.io
URL: https://outlqqk.webflow.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:9000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01f0a322db0c3a748cc14b477976007ec90a98b660dc12fdd4e997ea4c1c12b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlqqk.webflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 10:17:45 GMT
content-encoding
gzip
via
1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
x-amz-version-id
PMXmvcCNd7C5M1udYx6z0qGWX9Z5vT4A
age
32566
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
62891
last-modified
Mon, 05 Feb 2024 19:03:49 GMT
server
AmazonS3
etag
"0b33f72bd08b12337783c55a1e73716a"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
lGJh9ycnCbxTSEyJCY2kLP5cPGBMdPt2DQnY30hehJWQY9yjjivk-A==
65c101a3ccc4cb9c462703c8_outl1.JPG
assets-global.website-files.com/65c0f557ea3301bff29aaeda/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/65c0f557ea3301bff29aaeda/65c101a3ccc4cb9c462703c8_outl1.JPG
Requested by
Host: outlqqk.webflow.io
URL: https://outlqqk.webflow.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:9000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92231c2dadf545e8ea7959b5911a10470e1407c084418f1757d4601e897e6a02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlqqk.webflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 10:17:45 GMT
x-amz-version-id
v9A5TqXOVh_I7Hq7N3kwcfejAhJnHEmc
via
1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
age
32566
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
8147
last-modified
Mon, 05 Feb 2024 15:41:26 GMT
server
AmazonS3
etag
"ba8d907ebb2278154419fcfff3104c63"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
seF37RbMq9XKL2TPHggRWOjbhVqfiDZBDhhRmuddOEUSRXfgGcKmDA==
65c101a3b9e4683ed455a118_download.png
assets-global.website-files.com/65c0f557ea3301bff29aaeda/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/65c0f557ea3301bff29aaeda/65c101a3b9e4683ed455a118_download.png
Requested by
Host: outlqqk.webflow.io
URL: https://outlqqk.webflow.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:9000:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7c14ee84d81a536a4cd54e3a144f388f2174a4a5c409ae118ea49f0da6b4aa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://outlqqk.webflow.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 10:17:45 GMT
x-amz-version-id
sYDZvwv02ckGOGM4rHRIufz04qJa8ojm
via
1.1 e4059f46272097afa4f97386185c6f4a.cloudfront.net (CloudFront)
age
32566
x-amz-cf-pop
CDG50-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7746
last-modified
Mon, 05 Feb 2024 15:41:25 GMT
server
AmazonS3
etag
"8f66b06c5aedba6a75ce7f9a49619c4a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
DB7QrUysl_OjY_0qlX6DWlEa3nCD-htEyzk7b8e_DkapB4afCVa93w==

Verdicts & Comments Add Verdict or Comment

Malicious task.url
Submitted on February 12th 2024, 7:20:41 pm UTC — From Czech Republic

Threats: Phishing Scam
Comment: This domain is present in the Sinking Yachts anti-phishing list. More Info: https://sinking.yachts

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| tram object| Webflow

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.com