piratesinn.com.cy Open in urlscan Pro
2606:4700:3035::6818:61a1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mvha5.app.link/S9GE68Zf63
Effective URL:
https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/
Submission: On February 17 via manual (February 17th 2020, 6:54:19 am UTC) from US

Summary HTTP 8 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3035::6818:61a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is piratesinn.com.cy.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 1st 2019. Valid for: a year.

This is the only time piratesinn.com.cy was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address		AS Autonomous System
1	2600:9000:20e... 2600:9000:20eb:e00:19:9934:6a80:93a1		16509 (AMAZON-02) (AMAZON-02)
2	213.186.33.176 213.186.33.176		16276 (OVH) (OVH)
5	2606:4700:303... 2606:4700:3035::6818:61a1		13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	4

1 2600:9000:20eb:e00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

mvha5.app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.186.33.176 (Quesnoy-sur-Deule, France)

ASN16276 (OVH, FR)
PTR: full-cdn-01.cluster020.hosting.ovh.net

artplak.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3035::6818:61a1 (United States)

ASN13335 (CLOUDFLARENET, US)

piratesinn.com.cy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	piratesinn.com.cy piratesinn.com.cy	68 KB
2	artplak.fr artplak.fr	330 B
1	app.link mvha5.app.link	1 KB
8	3

	Domain	Requested by
5	piratesinn.com.cy	piratesinn.com.cy
2	artplak.fr	mvha5.app.link
1	mvha5.app.link
8	3

This site contains no links.

Subject Issuer	Validity	Valid
appipv4.link Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
artplak.fr Let's Encrypt Authority X3	`2020-01-23` - `2020-04-22`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-04-01` - `2020-04-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/
Frame ID: F036CE777E133DC363682775F3390CC2
Requests: 8 HTTP requests in this frame

Frame: https://artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/://open?link_click_id=757844531068219401
Frame ID: F1BA57184B1B9C8EB6EA896A5B7DD0F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mvha5.app.link/S9GE68Zf63 Page URL
https://artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/?_branch_match_id=75784453... Page URL
https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /\(CloudFront\)$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /\(CloudFront\)$/i

Page Statistics

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

70 kB
Transfer

157 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mvha5.app.link/S9GE68Zf63 Page URL
https://artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/?_branch_match_id=757844531068219401&utm_medium=marketing Page URL
https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set S9GE68Zf63 Show response mvha5.app.link/	2 KB 1 KB	462ms 424ms	Document text/html	2600:9000:20eb:e00:19:9934:6a80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mvha5.app.link/S9GE68Zf63 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:20eb:e00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software openresty/1.13.6.2 / Express Resource Hash `7cf4fec9f1052373263f73a67e942433e14de44aac22f49164198185e8157b68` Request headers Host mvha5.app.link Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding Server openresty/1.13.6.2 Date Mon, 17 Feb 2020 06:54:03 GMT X-Powered-By Express Set-Cookie _s=Erx0o92wu67P6u3Zi6IQp2AcTfUcmr7hm8enKB5dQct9sF3YC48TFohtZY7HjwUV; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Tue, 16 Feb 2021 06:54:02 GMT Last-Modified Mon, 17 Feb 2020 06:54:03 GMT Content-Encoding gzip X-Cache Miss from cloudfront Via 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C1 X-Amz-Cf-Id zyG0bNFx_TIkvYzgRxoHdSbbhg_q5mmmN8gr1Sbt0p_cvB8mtbNUMQ==
GET H2	500	open artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/:// Frame F1BA	0 0	121ms 49ms	Document text/html	213.186.33.176 OVH
General Check archive.org Show headers Download Go to Full URL https://artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/://open?link_click_id=757844531068219401 Requested by Host: mvha5.app.link URL: https://mvha5.app.link/S9GE68Zf63 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.186.33.176 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR), Reverse DNS full-cdn-01.cluster020.hosting.ovh.net Software / Resource Hash Request headers :method GET :authority artplak.fr :scheme https :path /sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/://open?link_click_id=757844531068219401 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest iframe accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://mvha5.app.link/S9GE68Zf63 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest iframe Referer https://mvha5.app.link/S9GE68Zf63 Response headers status 500 date Mon, 17 Feb 2020 06:54:03 GMT content-type text/html;charset=utf-8 x-iplb-instance 17192 set-cookie SERVERID585=20212\|Xko4j\|Xko4j; path=/ x-request-id 367102726 cache-control no-cache content-encoding gzip vary Accept-Encoding x-cdn-pop rbx1 x-cdn-pop-ip 51.254.41.192/26 x-cacheable Cacheable
GET H2	200	/ Show response artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/	104 B 330 B	41ms 41ms	Document text/html	213.186.33.176 OVH
General Check archive.org Show headers Download Go to Full URL https://artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/?_branch_match_id=757844531068219401&utm_medium=marketing Requested by Host: mvha5.app.link URL: https://mvha5.app.link/S9GE68Zf63 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.186.33.176 Quesnoy-sur-Deule, France, ASN16276 (OVH, FR), Reverse DNS full-cdn-01.cluster020.hosting.ovh.net Software / Resource Hash `c4d14e87163e479cb7056f4b408ee1096c7295e5021cac609584f0531f64a248` Request headers :method GET :authority artplak.fr :scheme https :path /sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/?_branch_match_id=757844531068219401&utm_medium=marketing pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://mvha5.app.link/S9GE68Zf63 accept-encoding gzip, deflate, br accept-language en-US cookie SERVERID585=20212\|Xko4j\|Xko4j Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer https://mvha5.app.link/S9GE68Zf63 Response headers status 200 date Mon, 17 Feb 2020 06:54:03 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-iplb-instance 18162 x-request-id 367102727 content-encoding br x-cdn-pop rbx1 x-cdn-pop-ip 51.254.41.192/26 x-cacheable Cacheable accept-ranges bytes content-length 90
GET H2	200	Primary Request / Show response piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/	550 B 799 B	420ms 387ms	Document text/html	2606:4700:3035::6818:61a1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6818:61a1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.0.33 Resource Hash `e3fb360f6ba7f25795ef7541d122c137cf84b71f5c5fa3d02672dc88ad841973` Request headers :method GET :authority piratesinn.com.cy :scheme https :path /wp-includes/js/crop/Bo0o0o0o0ofa/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/?_branch_match_id=757844531068219401&utm_medium=marketing accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer https://artplak.fr/sites/Fidelity/SEC/AGf3qJDGFIqf38qfwf3aFIWEU/info/?_branch_match_id=757844531068219401&utm_medium=marketing Response headers status 200 date Mon, 17 Feb 2020 06:54:04 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d9e6c4bbf2a5650422bf3e956f9889e581581922443; expires=Wed, 18-Mar-20 06:54:03 GMT; path=/; domain=.piratesinn.com.cy; HttpOnly; SameSite=Lax cazanova=i00dl0khsimmoisb9qcgcjs23aq34e3j; expires=Mon, 17-Feb-2020 08:54:04 GMT; Max-Age=7200; path=/; HttpOnly x-powered-by PHP/7.0.33 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5665d909ac11c2db-FRA content-encoding br
GET H2	200	0b0oa5MwsS6tvMuZtJ2sw-NN-q0.js Show response piratesinn.com.cy/cdn-cgi/apps/head/	5 KB 2 KB	11ms 11ms	Script application/javascript	2606:4700:3035::6818:61a1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://piratesinn.com.cy/cdn-cgi/apps/head/0b0oa5MwsS6tvMuZtJ2sw-NN-q0.js Requested by Host: piratesinn.com.cy URL: https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6818:61a1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5451b6deafd9c28fa80433d181d30669da0c4a9487b0c37b600631b7b3cc4368` Request headers Referer https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 17 Feb 2020 06:54:04 GMT content-encoding br cf-cache-status HIT age 4512 status 200 x-amz-request-id FB319BC2789C91E6 x-amz-id-2 vGmAZN3r3wYqwcN4+y8yyvIQHGxOLn8fVY3SG4TI/2o4h+ZpKN8HwrOcJRsAis6KsrbH7XAM8lE= last-modified Thu, 12 Dec 2019 08:26:08 GMT server cloudflare etag W/"609c28aabe2f9b6493cb29ebcec6e898" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id DonS3MWAkdrqPX4tK_T8zjckNcFDyEBY cf-ray 5665d90c9a39c2db-FRA
GET H2	200	captcha.js Show response piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa//assets/js/	123 KB 44 KB	19ms 19ms	Script application/x-javascript	2606:4700:3035::6818:61a1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa//assets/js/captcha.js Requested by Host: piratesinn.com.cy URL: https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6818:61a1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `abda937cf2741f8b08acc1fa946f155ee91073120f8de3dbcd26f70fc24f698b` Request headers Referer https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 17 Feb 2020 06:54:04 GMT content-encoding br cf-cache-status HIT last-modified Mon, 07 Oct 2019 17:02:48 GMT server cloudflare age 151435 etag W/"1ecbb-5d9b6fb8-ed7ce324688a0150;gz" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript status 200 cache-control public, max-age=691200 x-turbo-charged-by LiteSpeed cf-ray 5665d90c9a3cc2db-FRA expires Sat, 22 Feb 2020 12:50:09 GMT
GET H2	200	FqCn1UcLFJeW5B0SzT6U1c5RWyk.js Show response piratesinn.com.cy/cdn-cgi/apps/body/	6 KB 2 KB	10ms 10ms	Script application/javascript	2606:4700:3035::6818:61a1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://piratesinn.com.cy/cdn-cgi/apps/body/FqCn1UcLFJeW5B0SzT6U1c5RWyk.js Requested by Host: piratesinn.com.cy URL: https://piratesinn.com.cy/cdn-cgi/apps/head/0b0oa5MwsS6tvMuZtJ2sw-NN-q0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6818:61a1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8fb0367f7c36ada1fc457cfaad4f38a06c5547ab45b7476135268f5e3c7ffd8a` Request headers Referer https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 17 Feb 2020 06:54:04 GMT content-encoding br cf-cache-status HIT age 4512 status 200 x-amz-request-id 96FD815D0618FA31 x-amz-id-2 JOGJCvf+aXzopwP3unjNjNepDE1K8EobyqurMuRThSevAUiFiEAKlgz0Q+Ci3iMOv3+cbzcpRVg= last-modified Thu, 12 Dec 2019 08:26:07 GMT server cloudflare etag W/"36eed4af225ad31abab8ed8aa7cb7741" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 x-amz-version-id eiGjLF0_LACRc_UDRcRvJPOOc0fYXFWe cf-ray 5665d90cba66c2db-FRA
GET DATA	200 OK	truncated /	1 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0c7ad05bd4addfaa84b5610e30c6379039b426e8c8b857ecb146eebf6c37efb0` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type text/css;charset=utf-8
GET H2	200	captcha.png piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa//	19 KB 19 KB	85ms 85ms	Image image/png	2606:4700:3035::6818:61a1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa//captcha.png?_1581922446302 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6818:61a1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.0.33 Resource Hash `739646e6ec89521ad7a03daa069171b4c00933a60ab46229e4d79884cf188e0d` Request headers Referer https://piratesinn.com.cy/wp-includes/js/crop/Bo0o0o0o0ofa/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers pragma no-cache date Mon, 17 Feb 2020 06:54:06 GMT cf-cache-status MISS server cloudflare x-powered-by PHP/7.0.33 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=691200, must-revalidate x-turbo-charged-by LiteSpeed cf-ray 5665d9197ebfc2db-FRA expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| CloudflareApps function| setImmediate function| clearImmediate function| Vue

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			piratesinn.com.cy/	1970-01-19 07:25:29	Name: cazanova Value: i00dl0khsimmoisb9qcgcjs23aq34e3j
			.piratesinn.com.cy/	1970-01-19 08:08:34	Name: __cfduid Value: d9e6c4bbf2a5650422bf3e956f9889e581581922443

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

artplak.fr
mvha5.app.link
piratesinn.com.cy
213.186.33.176
2600:9000:20eb:e00:19:9934:6a80:93a1
2606:4700:3035::6818:61a1
0c7ad05bd4addfaa84b5610e30c6379039b426e8c8b857ecb146eebf6c37efb0
5451b6deafd9c28fa80433d181d30669da0c4a9487b0c37b600631b7b3cc4368
739646e6ec89521ad7a03daa069171b4c00933a60ab46229e4d79884cf188e0d
7cf4fec9f1052373263f73a67e942433e14de44aac22f49164198185e8157b68
8fb0367f7c36ada1fc457cfaad4f38a06c5547ab45b7476135268f5e3c7ffd8a
abda937cf2741f8b08acc1fa946f155ee91073120f8de3dbcd26f70fc24f698b
c4d14e87163e479cb7056f4b408ee1096c7295e5021cac609584f0531f64a248
e3fb360f6ba7f25795ef7541d122c137cf84b71f5c5fa3d02672dc88ad841973