outlqqk.webflow.io
151.101.66.188
Malicious Activity!
Public Scan
Submission Tags: https://sinking.yachts sinking-yachts phishing
Submission: On February 12 via api from CZ — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q4 on November 29th 2023. Valid for: a year.
This is the only time outlqqk.webflow.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 151.101.66.188 | 54113 (FASTLY) |
4 | 2600:9000:218c:9000:12:9e5f:cac0:93a1 | 16509 (AMAZON-02) |
1 | 18.245.246.151 | 16509 (AMAZON-02) |
6 | 3 |
ASN16509 (AMAZON-02, US)
assets-global.website-files.com
ASN16509 (AMAZON-02, US)
PTR: server-18-245-246-151.lhr5.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | website-files.com | assets-global.website-files.com — Cisco Umbrella Rank: 5944 | 87 KB |
1 | cloudfront.net | d3e54v103j8qbb.cloudfront.net | 30 KB |
1 | webflow.io | outlqqk.webflow.io | 2 KB |
6 | 3 |
Requests | Domain | Requested by |
---|---|---|
4 | assets-global.website-files.com | outlqqk.webflow.io |
1 | d3e54v103j8qbb.cloudfront.net | outlqqk.webflow.io |
1 | outlqqk.webflow.io | |
6 | 3 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.webflow.io | GlobalSign Atlas R3 DV TLS CA 2023 Q4 | 2023-11-29 - 2024-12-30 | a year |
*.website-files.com | Amazon RSA 2048 M03 | 2023-09-11 - 2024-10-08 | a year |
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year |
This page contains 1 frames:
Primary Page:
https://outlqqk.webflow.io/
Frame ID: A7A14F2DA65079D88DB64CEE737A7387
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | outlqqk.webflow.io/ | 3 KB | 2 KB | Document | text/html |
GET H2 | outlqqk.webflow.986431e4b.css | assets-global.website-files.com/65c0f557ea3301bff29aaeda/css/ | 38 KB | 9 KB | Stylesheet | text/css |
GET H2 | jquery-3.5.1.min.dc5e7f18c8.js | d3e54v103j8qbb.cloudfront.net/js/ | 87 KB | 30 KB | Script | application/javascript |
GET H2 | webflow.b6cd6fb64.js | assets-global.website-files.com/65c0f557ea3301bff29aaeda/js/ | 166 KB | 62 KB | Script | text/javascript |
GET H2 | 65c101a3ccc4cb9c462703c8_outl1.JPG | assets-global.website-files.com/65c0f557ea3301bff29aaeda/ | 8 KB | 8 KB | Image | image/jpeg |
GET H2 | 65c101a3b9e4683ed455a118_download.png | assets-global.website-files.com/65c0f557ea3301bff29aaeda/ | 8 KB | 8 KB | Image | image/png |
Verdicts & Comments
Malicious
task.url
Submitted on February 12th 2024, 7:20:41 pm UTC, from Czech Republic
Threats: Phishing, Scam
Comment: This domain is present in the Sinking Yachts anti-phishing list. More Info: https://sinking.yachts
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | $
function | jQuery
function | tram
object | Webflow
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' https://*.webflow.com http://*.webflow.com http://*.webflow.io http://webflow.com https://webflow.com |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.