cousin.rainfallexam.best
Open in
urlscan Pro
172.67.183.163
Malicious Activity!
Public Scan
Submission: On March 24 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on March 13th 2023. Valid for: 3 months.
This is the only time cousin.rainfallexam.best was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: The Loft Co (Retail)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 172.67.183.163 172.67.183.163 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
17 | 2606:4700:303... 2606:4700:3036::6815:4bed | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
30 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
rainfallexam.best
cousin.rainfallexam.best |
2 MB |
30 | 1 |
Domain | Requested by | |
---|---|---|
30 | cousin.rainfallexam.best |
cousin.rainfallexam.best
|
30 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.rainfallexam.best GTS CA 1P5 |
2023-03-13 - 2023-06-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://cousin.rainfallexam.best/
Frame ID: DB04254EAC13ADD12A8FCE298E8CB696
Requests: 30 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
30 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
cousin.rainfallexam.best/ |
17 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
34 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet_css_buttons.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
1 KB 785 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet_main.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet_musheji.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
395 B 470 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet_no_account.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
4 KB 996 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet_quick.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet_quick1.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
stylesheet_tm.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jscript_banner_change.js
cousin.rainfallexam.best/includes/templates/musheji/jscript/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jscript_jquery-1.8.3.min.js
cousin.rainfallexam.best/includes/templates/musheji/jscript/ |
91 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jscript_jquery-min.js
cousin.rainfallexam.best/includes/templates/musheji/jscript/ |
70 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jscript_muencss.js
cousin.rainfallexam.best/includes/templates/musheji/jscript/ |
57 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
imgcdn.php
cousin.rainfallexam.best/ |
71 KB 72 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
imgcdn.php
cousin.rainfallexam.best/ |
60 KB 60 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
imgcdn.php
cousin.rainfallexam.best/ |
43 KB 44 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
imgcdn.php
cousin.rainfallexam.best/ |
209 KB 210 KB |
Image
image/jpg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
br1.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
107 KB 108 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
br2.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
353 KB 353 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
br3.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
339 KB 339 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
br4.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
299 KB 299 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jscript_jquery-1.8.3.min.js
cousin.rainfallexam.best/includes/templates/musheji//jscript/ |
91 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jscript_banner_change.js
cousin.rainfallexam.best/includes/templates/musheji//jscript/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
print_stylesheet.css
cousin.rainfallexam.best/includes/templates/musheji/css/ |
289 B 668 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
searchs2.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ico_sub_news.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ico_ct.gif
cousin.rainfallexam.best/includes/templates/musheji/images/ |
50 B 560 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ico_sub_release.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
browse.png
cousin.rainfallexam.best/includes/templates/musheji/images/ |
942 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: The Loft Co (Retail)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery object| arrowimages object| jqueryslidemenu function| nTabs1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cousin.rainfallexam.best/ | Name: zenid Value: i0bhu9rvov8iufbi8snsji0sq5 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cousin.rainfallexam.best
172.67.183.163
2606:4700:3036::6815:4bed
06aac1cb4fe21ec16ea8d5c46292293210d404a862aac32b1dddaf3cc1878032
09c392e800de914b48bb394a3d4bc40906b7bb545713a87d61f81e1a92620b9d
154f5e274ff9ad3e89ef3f9acc7cb93650f6c6604450c187bf6ac7bcdc0a2082
263b3a1c333f99de1cf6caacc8967e22c32caae0fc90612203b466413cfed808
2c166c52e1af277fa08505642aa1917ab536e29d180b2bc6a3f35ddf6a5aa398
324cb38aa3218bdc736490a0365ed415bee121b2b557e2ec09e24b7500874f1e
360fa3d86aaf1488404923b2028a48adf85075dfd51d1c0f54241caece486af3
397b067a87b7c3dd631cd61250d3630ab6b1d499b270a5d03f229ab0313c533d
3bb29dcf7b2d16929b1772f8e03f33159a7101a7dd82233b0eba20532038abe3
41106ea931a503a4354fa160338a9329c9be903092d44f1045a303bf14ccba25
4656666e6df677867d23148fc97473477f4b66c0f1f891f9273c488c2b29f23c
4cf3b3b45de9ee21f44a50e0bab05773ef73df2263738a7da3c1874cad6a2573
70a8163126699acad6671aec32922c3d8b3cc02013c7fbc637c4698fc1e5fca8
78dbd7ee570ea738ce6569365bbbbdbac78db2a10c741a8b507ca9c33cced407
7c6576b2f95b76949e113d259a6f31ff452c0bd7ee8f7714a824908f814fbb92
7f7244ac1caf44c2c485aebe9befadc5d014222d681c5dc4442a4bcf699fa150
861fea187cb81bf22cab38d21eae7c4fb939993ec269be0df31504bfc6a777f1
9a7d23871e4ced25a439140113b60408082da3b13c89732c5a02a650ec2e76fe
adc6112cba24182eb560607d6e49716703294955214b1f6f7c6c77c066b1eb0a
b98484b7926b3d15aa15ef40f3b9bb02b8d7658f4a21a3049cdbbfc34e5f33ff
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c4feebbeb2996e71467b9a73287bdc4be2bde8fb90d21c116bb7b9b9d10797b5
cbf9bc6e6e4767bbd33ae50d38a96cd696b8177eab565c3b5cec7b17ede4c5f1
cf56b739e74e4ec7e7016ba72a53bcd02c9e550c292d6888acd16f2294569cfc
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e7cb101dee8f4b411cd04d6feed12e7ed5917561841bbdcdd02617abfea7898d
edd616461efb808a45eb0a1d128377123c72a7fa932705405e156512b3227510
f8b56951f88270bb0f0adbe40d44c8fab760e45edca6748917caacbbc782858b