aminah.skylaaminah.site Open in urlscan Pro
5.104.107.248  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://altennerth.rest/qkabbocxoh Page URL
2. https://aminah.skylaaminah.site/s/de5851ef674bb Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	qkabbocxoh Show response altennerth.rest/	7 KB 4 KB	1680ms 1654ms	Document text/html	104.21.80.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://altennerth.rest/qkabbocxoh Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.30 Resource Hash aa0982c9eaa963a36c0254e7d6cbb4148aa1ea2d4814d9455fbdfdec85cbfa89 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f1f6e4f4c5ad398-FRA content-encoding zstd content-type text/html; charset=UTF-8 date Sat, 14 Dec 2024 16:04:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QO%2FTJgni9r09IzNyxCAXiGd4CH9wPYb%2FEXeMDaQkGzTs%2BQfLQ%2BsEvbaPTSjsudP%2FZuzz1kqPz2FBnnwsi6uvYvQdJX68fUmygnq%2BUDxVUsNgEPonPFmAonKxaLIWxcTX7XM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.30
GET H3	404	favicon.ico altennerth.rest/	552 B 582 B	314ms 314ms	Other text/html	104.21.80.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://altennerth.rest/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.80.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://altennerth.rest/qkabbocxoh Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=14400 content-encoding zstd cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lagFgVrxwo7Jj92JhSrGVfzHUnDroTG%2ByeHQEygvwLydbh4pZc5bvOtjJ2nQ8WHr27bldDFW9UnGlE2rwKqct%2B%2BbOVSVb4Xdh4an2d9A44dGb4JzLOEjTHa%2BJ9oAV%2B6jB7A%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f1f6e59bcc4d398-FRA alt-svc h3=":443"; ma=86400 date Sat, 14 Dec 2024 16:04:40 GMT content-type text/html vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	Primary Request de5851ef674bb Show response aminah.skylaaminah.site/s/	47 KB 19 KB	451ms 116ms	Document text/html	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://aminah.skylaaminah.site/s/de5851ef674bb Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash e24ff3cf50a8a257a1f4cfe34e0b12c382f91b04aa4c253ea9d7fa750ac6c02b Request headers Referer https://altennerth.rest/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Cache-Control must-revalidate, no-cache, no-store, private Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 14 Dec 2024 16:04:43 GMT Server openresty Transfer-Encoding chunked Vary Accept-Encoding expires -1 pragma no-cache
GET H/1.1	200 OK	style.css aminah.skylaaminah.site/bundle/302/assets/css/	2 KB 1 KB	17ms 16ms	Stylesheet text/css	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://aminah.skylaaminah.site/bundle/302/assets/css/style.css Requested by Host: aminah.skylaaminah.site URL: https://aminah.skylaaminah.site/s/de5851ef674bb Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash bc7da3819f5351addb3853324860e2ba01a074bd8d4bdc61b177403da5a67742 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aminah.skylaaminah.site/s/de5851ef674bb Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"6332c5be-790" Connection keep-alive Expires Mon, 13 Jan 2025 16:04:44 GMT Date Sat, 14 Dec 2024 16:04:44 GMT Last-Modified Tue, 27 Sep 2022 09:43:26 GMT Content-Type text/css Vary Accept-Encoding Server openresty
GET H3	200	font-awesome.min.css stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	38ms 18ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: aminah.skylaaminah.site URL: https://aminah.skylaaminah.site/s/de5851ef674bb Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://aminah.skylaaminah.site Referer https://aminah.skylaaminah.site/ Response headers cdn-status 200 content-encoding br cf-cache-status HIT etag "269550530cc127b6aa5a35925a7de6ce" age 64498 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 14 Dec 2024 16:04:44 GMT last-modified Mon, 25 Jan 2021 22:04:55 GMT content-type text/css; charset=utf-8 vary Accept-Encoding cdn-cache HIT cdn-cachedat 10/17/2024 22:45:09 cdn-requestpullcode 200 priority u=0,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31919000 cdn-requestpullsuccess True timing-allow-origin * cdn-requesttime 0 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 7e75edae8f8a794a4e323bb7ce5f5ac3 cross-origin-resource-policy cross-origin cdn-pullzone 252412 cdn-proxyver 1.04 cf-ray 8f1f6e6f7e842c4f-FRA access-control-allow-origin * cdn-edgestorageid 1078 server cloudflare cdn-requestcountrycode US
GET H/1.1	200 OK	jquery.js Show response aminah.skylaaminah.site/bundle/302/assets/js/	84 KB 30 KB	36ms 19ms	Script application/javascript	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://aminah.skylaaminah.site/bundle/302/assets/js/jquery.js Requested by Host: aminah.skylaaminah.site URL: https://aminah.skylaaminah.site/s/de5851ef674bb Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aminah.skylaaminah.site/s/de5851ef674bb Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"6332c5bf-14e4a" Connection keep-alive Expires Mon, 13 Jan 2025 16:04:44 GMT Date Sat, 14 Dec 2024 16:04:44 GMT Last-Modified Tue, 27 Sep 2022 09:43:27 GMT Content-Type application/javascript Vary Accept-Encoding Server openresty
GET H/1.1	200 OK	functions.js Show response aminah.skylaaminah.site/bundle/302/assets/js/	1 KB 862 B	38ms 13ms	Script application/javascript	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://aminah.skylaaminah.site/bundle/302/assets/js/functions.js Requested by Host: aminah.skylaaminah.site URL: https://aminah.skylaaminah.site/s/de5851ef674bb Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash bcc57d3a442a70e9352320038b7dec514b03520e7b1c6c8645cf2ac8d7578723 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aminah.skylaaminah.site/s/de5851ef674bb Response headers Transfer-Encoding chunked Cache-Control max-age=2592000, private Content-Encoding gzip ETag W/"6332c5bf-43d" Connection keep-alive Expires Mon, 13 Jan 2025 16:04:44 GMT Date Sat, 14 Dec 2024 16:04:44 GMT Last-Modified Tue, 27 Sep 2022 09:43:27 GMT Content-Type application/javascript Vary Accept-Encoding Server openresty
GET H/1.1	200 OK	body.jpg aminah.skylaaminah.site/bundle/302/assets/img/	338 KB 338 KB	15ms 15ms	Image image/jpeg	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Show image Full URL https://aminah.skylaaminah.site/bundle/302/assets/img/body.jpg Requested by Host: aminah.skylaaminah.site URL: https://aminah.skylaaminah.site/bundle/302/assets/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash a97b3a6a51a87af2cf849ac895c62960a6a15e0c41e6b9a4b4316aac4a3f7d24 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aminah.skylaaminah.site/bundle/302/assets/css/style.css Response headers Cache-Control max-age=2592000, private ETag "6332c5be-54747" Connection keep-alive Expires Mon, 13 Jan 2025 16:04:44 GMT Content-Length 345927 Date Sat, 14 Dec 2024 16:04:44 GMT Content-Type image/jpeg Last-Modified Tue, 27 Sep 2022 09:43:26 GMT Server openresty
GET H/1.1	200 OK	favicon.png aminah.skylaaminah.site/bundle/302/assets/img/	2 KB 2 KB	15ms 14ms	Other image/png	5.104.107.248 MYLOC-AS WIIT AG
General Check archive.org Show headers Download Go to Full URL https://aminah.skylaaminah.site/bundle/302/assets/img/favicon.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.104.107.248 Düsseldorf, Germany, ASN24961 (MYLOC-AS WIIT AG, DE), Reverse DNS srv11409.dus4.dedicated.server-hosting.expert Software openresty / Resource Hash d939f4e0922bf8c52dea5946e5b72af59230babbf06aa740646218be04b0ae6d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://aminah.skylaaminah.site/s/de5851ef674bb Response headers Cache-Control max-age=2592000, private ETag "6332c5bf-704" Connection keep-alive Expires Mon, 13 Jan 2025 16:04:44 GMT Content-Length 1796 Date Sat, 14 Dec 2024 16:04:44 GMT Content-Type image/png Last-Modified Tue, 27 Sep 2022 09:43:27 GMT Server openresty

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| sendTrack function| Fingerprint2 function| fingerprintGo function| collectTrackParams function| closingConfirm function| handleError function| getParameterByName function| collectParams function| checkRequired function| setLeadInfo function| setCF

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.skylaaminah.site/	1970-01-21 01:44:38	Name: s Value: 9JbudLQ8ZvvGuikVViZeAUtx6AhDhPWKfLO%2FbYQX60wPUCGtqBOR7BT44zvicafAJRlYNfeW3yZWUHd8rdSDeiB%2BLvYRH5tb%2FTdQQiJD4fZWtegbdbKA8IcBDbXSqkEKRfAy4lWDPyFn5Ce6FsnEqQVaKF9S9Z3GmFC9ohKrALec7ASTqhV7Vn96ReO44iTpg5IdL7WBe%2F4fIuu5t0I4UaBjJoHBttkR0Dy%2Bt4oapqU%2BIgUCu0zNU3t%2BszMt%2BbhY1G6fCQcvn8dKeabexx30GcBhUxRC5AEpy9xddkSCIYMLQI4Bq8eIiGo3jI4hWJyQHR68rlvogXTRw9NKl2NjdQX4%2BPKcZjUbPfw1GbVZ3b7KIomV4%2FnaS6yZif2urbJO6p1sAQsqdlf8RE6s%2FnJs8XPLuvatI6QvSA8L0lBOc0PA%2FINk%2BNJMC2RNqIRv4E9FAELIfjD%2BV6ajnc6NkQqiuMXHVbFCX6ZSG38iDgDDBXR4k4rvwbLH%2FjiIgLoBbONyUJpfoMlhez8HHKlR9Fy7U85XLpbG%2Fa7yg7Gotf3uyLhPyYR2A8bANcwhtcLnmPzQXgYf8IuRjUt8pi%2BriP3%2Fp31M2F3M5euCLQjpsFboTlvpQhlbgA%2BXjVnBFODchuA1SAEx0H0cBaAYe1kWJ7KzysGbif9sjd%2FiyG5E5ziJ6TjVolHyRhc1rSgsw%2FfowHLXGBTi5XVpsU3TszunjPA%2FDQV6bgZPYEvgTVjq1EqWpAm0NuKs632Ax6yx2n%2FdgoTBa3LOQszN4CvirDSRrgWEHnssmezjc0ohCrAxIr6iQ23%2BK336f%2FEGVcqoNfN95TizKzZKNNR5Yi%2Bln3q7FgNCzbHun9bv%2FU1KqWPMqTJkyzKw4k1uXbdLWiMh0Zq80MoV90uId2hBmZSq%2BcH6GbWj58GoibNTsbyvb%2BC04hHDfe37cC7IUAmi%2B2u72tT9hVR91Hb7UdIk9UcXy9AQi0HqWVGck8DJXQuYjvh66J9LohmhL1afOkMk1zPRZyWBMTkLSYYwDMGIvUwI78XqCFeKAwvH0o5QJe4473e3jaXbneBBDMTR9b26is1y27jOsmy6WNvoxp211TwAW2BQS81mUuoB7B32kh%2Frs0Q88%2FhdZpg1sYUt5ZLq7l93MMbTIwqeX5d2gXHa6NndtJOXPZOgVSwFdBUm4wsz2PNWV5w0Hq7i%2BCtj9c%2BafXeTQb1Sxy1HpYDkgpJ6JakzVbo75b7H5cy8LluoSv8M8eDt0WYZz17mfB9dLXvF1XP%2Bxo6CzBbfj6jYFEqE%2FQ2YN9hRi39UkLOo%2FWWN0q3XHRFGS%2BkUrTTUX%2Fzk7lkeSJhZ%2Bvss91FXPO58GNrmBFhdEFTzYqJRorCV1k%2F%2FD1pLOTsavRyewh%2BSguLm23N0Mn57gEBZIUIsrh1GPqxjesaFkp%2Bm5x9fLUCqSerd3RBe6zW7Q9xtLAvU99KZWRM443VejItYA2sgYrwqbWQfmkQGFDIptRgxH77EI9Z%2BQw4lDOx7OoU5tUQXl04lSfvR6OibceHeyP8uW%2ByT2sDkbRP6%2FDJUhqt4bj70IyyX5BpW5GXBX2HX7GRYboCSZpfo2VDTaVkZGRHMzKomZaYr9n%2BJgA4eGwk0963pS%2FoYdoQknR%2F7ky0nWa7Wr2JvD%2B8gkltHfGwtRv8TS%2BAsLbXHVMJnN05PQaX6ZqePjN9W3%2FXyWZSJPr%2FHNI%2By8j%2BfxO2jPftyVZM8tm4i0A3CCSKQzXzQ70J%2FmzWiml%2FuZgYL3e6D7WRmIny7t7Skvw4CdMcGWoZihw1IPjmGUuhgWw%2BIOcpf%2FMAEw6mHa36yZU8G%2F4FnHZu6SjdQUXkB6bWVRRNdaSkYg%2FjDSyqBTXw27yiF0RZpGVcsd770emddSmM%2Byb57u2TOYpKfrw%3D%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://altennerth.rest/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://aminah.skylaaminah.site/s/de5851ef674bb(Line 6) Message: The value "false" for key "user-scalable" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

altennerth.rest
aminah.skylaaminah.site
stackpath.bootstrapcdn.com
104.18.11.207
104.21.80.1
5.104.107.248
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
a97b3a6a51a87af2cf849ac895c62960a6a15e0c41e6b9a4b4316aac4a3f7d24
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
aa0982c9eaa963a36c0254e7d6cbb4148aa1ea2d4814d9455fbdfdec85cbfa89
bc7da3819f5351addb3853324860e2ba01a074bd8d4bdc61b177403da5a67742
bcc57d3a442a70e9352320038b7dec514b03520e7b1c6c8645cf2ac8d7578723
d939f4e0922bf8c52dea5946e5b72af59230babbf06aa740646218be04b0ae6d
e24ff3cf50a8a257a1f4cfe34e0b12c382f91b04aa4c253ea9d7fa750ac6c02b