bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link
2602:fea2:2::1
Malicious Activity!
Public Scan
Submission: On July 16 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 11th 2023. Valid for: 3 months.
This is the only time bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Optus (Telecommunication)
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
7 | 2602:fea2:2::1 | 40680 (PROTOCOL) |
3 | 2606:4700:3034::6815:ae5 | 13335 (CLOUDFLARENET) |
2 | 2a00:1450:4001:813::200a | 15169 (GOOGLE) |
1 | 104.75.88.207 | 16625 (AKAMAI-AS) |
35 | 5 |
ASN40680 (PROTOCOL, US)
bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link
ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-207.deploy.static.akamaitechnologies.com
smb.optus.com.au
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | dweb.link | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link | 29 KB |
3 | zxnclothing.com | zxnclothing.com | 98 KB |
2 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 433 | 61 KB |
1 | optus.com.au | smb.optus.com.au | 2 KB |
0 | optusnet.com.au Failed | webmail.optusnet.com.au Failed | |
35 | 5 |
 | Domain | Requested by |
---|---|---|
7 | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link |
3 | zxnclothing.com | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link, zxnclothing.com |
2 | ajax.googleapis.com | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link |
1 | smb.optus.com.au | zxnclothing.com |
0 | webmail.optusnet.com.au Failed | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link |
35 | 5 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
dweb.link | R3 | 2023-06-11 - 2023-09-09 | 3 months |
zxnclothing.com | GTS CA 1P5 | 2023-06-13 - 2023-09-11 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-06-19 - 2023-09-11 | 3 months |
www.optus.com.au | Trustwave Organization Validation SHA256 CA, Level 1 | 2023-02-10 - 2024-02-12 | a year |
This page contains 1 frames:
Primary Page:
https://bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link/
Frame ID: 443B260DED4E7B6DF649B7C07C69D306
Requests: 35 HTTP requests in this frame
Page Title
Optus - Webmail
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
35 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link/ | 136 KB | 14 KB | Document | text/html |
GET | H2 | 247tag.js | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link/js/ | 0 | 0 | Script | text/plain |
GET | H2 | headerFooter.css | zxnclothing.com/wp-includes/css/ | 407 KB | 41 KB | Stylesheet | text/css |
GET | H2 | header.js | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link/js_optus/ | 0 | 0 | Script | text/plain |
GET | H2 | all-fonts4.css | zxnclothing.com/wp-includes/css/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | H2 | lux.base.8fba59704a65bcc34212ff1ef5e4708d.css | zxnclothing.com/wp-includes/css/ | 619 KB | 56 KB | Stylesheet | text/css |
GET | H2 | macpc.png | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link/images/ | 191 B | 191 B | Image | text/plain |
GET | H2 | mob.png | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link/images/ | 189 B | 189 B | Image | text/plain |
GET | H2 | tablet.png | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link/images/ | 192 B | 192 B | Image | text/plain |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.6.3/ | 88 KB | 31 KB | Script | text/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.5.1/ | 87 KB | 31 KB | Script | text/javascript |
GET | H2 | / | bafybeihxnpfp7rwkjs4zpzdywr7go5jrxwmhjopy4hk2sqsycnmlgtb7hq.ipfs.dweb.link/ | 136 KB | 14 KB | Script | text/html |
GET | H2 | logo_optus.png | smb.optus.com.au/opfiles/ys/online-style/images/logo/ | 1 KB | 2 KB | Image | image/avif |
GET | | ee10f7196c1b125a3b8222341465bf5e.woff | zxnclothing.com/wp-includes/css/assets/fonts/markpro/ | 0 | 0 | | |
GET | | markpro-heavy.woff | zxnclothing.com/wp-includes/css/ | 0 | 0 | | |
GET | | 2d0e6ce5791dcb72fd35df708136be66.woff | zxnclothing.com/wp-includes/css/assets/fonts/lux-icons/ | 0 | 0 | | |
GET | | optus-icons.woff | webmail.optusnet.com.au/fonts/ | 0 | 0 | | |
GET | | TradeGothicLTPro.woff | webmail.optusnet.com.au/fonts/ | 0 | 0 | | |
GET | | MarkPro.woff | zxnclothing.com/wp-includes/css/ | 0 | 0 | | |
GET | | 507b76aa0351c57ece90f02239b62ba3.woff | zxnclothing.com/wp-includes/css/assets/fonts/markpro-bold/ | 0 | 0 | | |
GET | | TradeGothicLTPro-Bold.woff | zxnclothing.com/wp-includes/fonts/ | 0 | 0 | | |
GET | | markpro-medium.woff | zxnclothing.com/wp-includes/css/ | 0 | 0 | | |
GET | | optus-icons.ttf | webmail.optusnet.com.au/fonts/ | 0 | 0 | | |
GET | | TradeGothicLTPro.ttf | webmail.optusnet.com.au/fonts/ | 0 | 0 | | |
GET | | TradeGothicLTPro.woff | zxnclothing.com/wp-includes/fonts/ | 0 | 0 | | |
GET | | MarkPro.ttf | zxnclothing.com/wp-includes/css/ | 0 | 0 | | |
GET | | e4b4a05b220275fdcd5ea00604578c52.ttf | zxnclothing.com/wp-includes/css/assets/fonts/lux-icons/ | 0 | 0 | | |
GET | | b36bd0abdbc7fa03aa4a74b044f01b41.ttf | zxnclothing.com/wp-includes/css/assets/fonts/markpro-bold/ | 0 | 0 | | |
GET | | markpro-medium.ttf | zxnclothing.com/wp-includes/css/ | 0 | 0 | | |
GET | | markpro-heavy.ttf | zxnclothing.com/wp-includes/css/ | 0 | 0 | | |
GET | | 19a3ebc699884aecee079593432d97c3.ttf | zxnclothing.com/wp-includes/css/assets/fonts/markpro/ | 0 | 0 | | |
GET | | TradeGothicLTPro-Bold.ttf | zxnclothing.com/wp-includes/fonts/ | 0 | 0 | | |
GET | | TradeGothicLTPro.ttf | zxnclothing.com/wp-includes/fonts/ | 0 | 0 | | |
GET | | lux-icon.f3b05436332f1b3b6e43b84b30eb59d6.woff | zxnclothing.com/wp-includes/css/ | 0 | 0 | | |
GET | | lux-icon.50f215c39d502ab1ac65636dbdb277cc.ttf | zxnclothing.com/wp-includes/css/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Optus (Telecommunication)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- object | onbeforetoggle
- object | onscrollend
- function | $
- function | jQuery
- object | _0x81f0
- function | isValidEmail
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
51 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.