youtuberbuzz.com
104.168.181.55
Malicious Activity!
Public Scan
Submission: On September 21 via automatic, source openphish
Summary
This is the only time youtuberbuzz.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Credit Agricole (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 | 104.168.181.55 | 54290 (HOSTWINDS - Hostwinds LLC.) |
2 | 158.191.172.47 | 9159 |
1 | 2400:cb00:2048:1::6812:3665 | 13335 (CLOUDFLARENET - CloudFlare) |
1 | 2400:cb00:2048:1::6812:3765 | 13335 (CLOUDFLARENET - CloudFlare) |
8 | 4 | |
ASN54290 (HOSTWINDS - Hostwinds LLC., US)
PTR: client-104-168-181-55.hostwindsdns.com
youtuberbuzz.com
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
store1.up-00.com
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
store4.up-00.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | youtuberbuzz.com | youtuberbuzz.com | 6 KB |
2 | up-00.com | store1.up-00.com, store4.up-00.com | 98 KB |
2 | credit-agricole.fr | www.credit-agricole.fr | 11 KB |
8 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
4 | youtuberbuzz.com | youtuberbuzz.com |
2 | www.credit-agricole.fr | youtuberbuzz.com |
1 | store4.up-00.com | youtuberbuzz.com |
1 | store1.up-00.com | youtuberbuzz.com |
8 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.credit-agricole.fr | CLASS 2 KEYNECTIS CA | 2016-12-07 - 2017-12-08 | a year |
This page contains 1 frame:
Primary Page:
http://youtuberbuzz.com/cledigita10Ginrmation/www.mes-acces.credit-agri-cole.fr-banques-portailL-particulier-homepagese5642A/cred/0c8938464c37dadabb9e02f491d72bd9/final.php
Frame ID: 18153.1
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | final.php (Primary Request) | youtuberbuzz.com/cledigita10Ginrmation/www.mes-acces.credit-agri-cole.fr-banques-portailL-particulier-homepagese5642A/cred/0c8938464c37dadabb9e02f491d72bd9/ | 17 KB | 6 KB | Document | text/html |
GET | H/1.1 | authentication.js | youtuberbuzz.com/cledigita10Ginrmation/www.mes-acces.credit-agri-cole.fr-banques-portailL-particulier-homepagese5642A/cred/0c8938464c37dadabb9e02f491d72bd9/js/ | 0 | 0 | Script | text/html |
GET | H/1.1 | f4e4b15ee25a1b4dca5039e50b3f32.png | www.credit-agricole.fr/local/cache-gd2/90/ | 9 KB | 9 KB | Image | image/png |
GET | H/1.1 | 205be68a1ef005d2e7792dd79f3c24.png | www.credit-agricole.fr/local/cache-gd2/21/ | 3 KB | 3 KB | Image | image/png |
GET | H/1.1 | 150509208302571.png | store1.up-00.com/2017-09/ | 769 B | 769 B | Image | image/png |
GET | H/1.1 | 150509102477841.png | store4.up-00.com/2017-09/ | 97 KB | 97 KB | Image | image/png |
GET | H/1.1 | ar_h.gif | youtuberbuzz.com/cledigita10Ginrmation/www.mes-acces.credit-agri-cole.fr-banques-portailL-particulier-homepagese5642A/cred/imgs/imagesTemplates/ | 1 KB | 0 | Image | text/html |
GET | H/1.1 | ar_b.gif | youtuberbuzz.com/cledigita10Ginrmation/www.mes-acces.credit-agri-cole.fr-banques-portailL-particulier-homepagese5642A/cred/imgs/imagesTemplates/ | 1 KB | 0 | Image | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Credit Agricole (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.