russel-boat.ownwebsite.com Open in urlscan Pro
194.42.98.31 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://russel-boat.ownwebsite.com/
Submission: On January 12 via manual (January 12th 2022, 12:31:44 am UTC) from AU — Scanned from DE

Summary HTTP 23 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 194.42.98.31, located in Luxembourg and belongs to ZONAT-AS, LU. The main domain is russel-boat.ownwebsite.com.
TLS certificate: Issued by R3 on January 11th 2022. Valid for: 3 months.

This is the only time russel-boat.ownwebsite.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
19	194.42.98.31 194.42.98.31	213183 (ZONAT-AS) (ZONAT-AS)
4	2606:4700:303... 2606:4700:3031::ac43:ac24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2

19 194.42.98.31 (Luxembourg)

ASN213183 (ZONAT-AS, LU)
PTR: plesk1.ownwebsite.com

russel-boat.ownwebsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3031::ac43:ac24 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ownwebsite.com russel-boat.ownwebsite.com	993 KB
4	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 30769	102 KB
23	2

	Domain	Requested by
19	russel-boat.ownwebsite.com	russel-boat.ownwebsite.com
4	fonts.cdnfonts.com	russel-boat.ownwebsite.com fonts.cdnfonts.com
23	2

This site contains links to these domains. Also see Links.

Domain
sunshineart.me

Subject Issuer	Validity	Valid
russel-boat.ownwebsite.com R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://russel-boat.ownwebsite.com/
Frame ID: C64E2C1CF3C03A63AAA724758924F399
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Checkout

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

23
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1095 kB
Transfer

2735 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://sunshineart.me/wp-admin/images/system/template/theme/updation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response russel-boat.ownwebsite.com/	25 KB 6 KB	249ms 185ms	Document text/html	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PHP/7.4.27 PleskLin Resource Hash `a28e1e833ddb6448aaecb274016c54e33d3ff6a9ff7ac4039ad274b52df1ee09` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Wed, 12 Jan 2022 00:31:39 GMT content-type text/html; charset=UTF-8 content-length 5981 x-powered-by PHP/7.4.27 PleskLin cache-control private, must-revalidate pragma no-cache expires -1 vary Accept-Encoding content-encoding gzip
GET H2	200	default.css russel-boat.ownwebsite.com/userfiles/modules/microweber/	14 KB 3 KB	29ms 29ms	Stylesheet text/css	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/modules/microweber/default.css Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `5643ecdf55b054207a7d3c99b3fcc8259a4c7070a33600c29017d642ab7e65b8` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Wed, 08 Dec 2021 12:42:54 GMT server nginx x-powered-by PleskLin etag W/"61b0a84e-3920" content-type text/css cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	apijs_combined Show response russel-boat.ownwebsite.com/	496 KB 117 KB	134ms 133ms	Script application/javascript	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/apijs_combined?mwv=1.2.10 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PHP/7.4.27, PleskLin Resource Hash `a4143f83db2c7fdced75b69e41fa3eabaf9a2fd753ef9b4a8438f654a1a3b8cf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 12 Jan 2022 00:31:39 GMT content-encoding gzip server nginx x-powered-by PHP/7.4.27, PleskLin vary Accept-Encoding content-type application/javascript cache-control private, must-revalidate expires -1
GET H2	200	milliard fonts.cdnfonts.com/css/	5 KB 948 B	71ms 25ms	Stylesheet text/css	2606:4700:3031::ac43:ac24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/css/milliard Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ac24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d3faf2d5a5660d3b14b0e5375ab5eb8754ad77d8f53ca456835f101fefca9545` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br cf-cache-status HIT last-modified Tue, 11 Jan 2022 07:59:27 GMT server cloudflare age 59532 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NOsffW5joSDfJI%2F7j33h759mcbmHxr%2Bvq1C4j44M9JQjoXliAPSGmVJVkRN92wq8dn2eqItrPd9zedw%2BTiX3cGj4TPdyFgjuV9%2BKoZVBIDazr7ku02NK36PkVRYRfEGKG9T1h03cUsU62MgkEH2Ejeg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 access-control-allow-origin * cache-control max-age=86400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6cc2487f28fd5b5c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	colors.scss.1.2.10-2.1.css russel-boat.ownwebsite.com/userfiles/media/default/css/urban/assets/css/	329 B 462 B	72ms 71ms	Stylesheet text/css	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/media/default/css/urban/assets/css/colors.scss.1.2.10-2.1.css?t=1641930978 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `0a1fd172d51f2c4fb8096e7bbe64ecb05ccc73233f82b68af0ccaae78f37a5c4` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding gzip etag "149-5d553d8baa7d6-gzip" last-modified Tue, 11 Jan 2022 19:56:18 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type text/css x-accel-version 0.01 cache-control max-age=2592000 accept-ranges bytes content-length 202 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	main.css russel-boat.ownwebsite.com/userfiles/templates/urban/assets/css/	398 KB 47 KB	50ms 49ms	Stylesheet text/css	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/templates/urban/assets/css/main.css Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `bb5d30e2d06613772a3b6e3ab29723989eddbcea3b9e6e4897b1ed452417e0eb` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Thu, 11 Nov 2021 11:50:36 GMT server nginx x-powered-by PleskLin etag W/"618d038c-639d9" content-type text/css cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	live_edit.css russel-boat.ownwebsite.com/userfiles/css/urban/	919 B 549 B	71ms 71ms	Stylesheet text/css	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/css/urban/live_edit.css?version=1641930924 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `01d14794c80ee0c629039d8ff2606ea53d9455de2049bd499d783da38a20935b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding gzip etag "397-5d553d57a1318-gzip" last-modified Tue, 11 Jan 2022 19:55:24 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type text/css x-accel-version 0.01 cache-control max-age=2592000 accept-ranges bytes content-length 289 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	wellsfargo-ach-payment-confirmation-1.png russel-boat.ownwebsite.com/userfiles/media/default/	338 KB 338 KB	28ms 28ms	Image image/png	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Show image Full URL https://russel-boat.ownwebsite.com/userfiles/media/default/wellsfargo-ach-payment-confirmation-1.png Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `de6f953ea7440b102c37751289cfd123de29556e2e91cfc98a30d57f61df9083` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT etag "61dde326-54653" last-modified Tue, 11 Jan 2022 20:05:58 GMT server nginx x-powered-by PleskLin content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 345683 expires Thu, 12 Jan 2023 00:31:39 GMT
GET H2	200	main.min.js Show response russel-boat.ownwebsite.com/userfiles/templates/urban/dist/	166 KB 38 KB	40ms 40ms	Script application/javascript	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/templates/urban/dist/main.min.js Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `61ff5cde291bec4be06746e02c181296ee397d2e62371d4dcdc2c489748bf527` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Thu, 11 Nov 2021 11:50:36 GMT server nginx x-powered-by PleskLin etag W/"618d038c-29879" content-type application/javascript cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	ping.3133518981.1.2.10.js Show response russel-boat.ownwebsite.com/userfiles/cache/apijs/	276 B 427 B	26ms 26ms	Script application/javascript	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/cache/apijs/ping.3133518981.1.2.10.js Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `d270f135da7365b170a00fcbe48e46062ffb14790046007c02d1612ad61274e3` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding gzip etag "114-5d553dab01718-gzip" last-modified Tue, 11 Jan 2022 19:56:51 GMT server nginx x-powered-by PleskLin vary Accept-Encoding content-type application/javascript x-accel-version 0.01 cache-control max-age=2592000 accept-ranges bytes content-length 157 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	ui.css russel-boat.ownwebsite.com/userfiles/modules/microweber/css/	179 KB 26 KB	42ms 42ms	Stylesheet text/css	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/modules/microweber/css/ui.css Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/userfiles/modules/microweber/default.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `b8a3733a9beff0eee3e072775a658f49789030ce18946267c618c65db60d545e` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/userfiles/modules/microweber/default.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Wed, 08 Dec 2021 12:42:54 GMT server nginx x-powered-by PleskLin etag W/"61b0a84e-2cb20" content-type text/css cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	materialdesignicons.min.css russel-boat.ownwebsite.com/userfiles/modules/microweber/css/fonts/materialdesignicons/css/	225 KB 35 KB	34ms 34ms	Stylesheet text/css	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/modules/microweber/css/fonts/materialdesignicons/css/materialdesignicons.min.css Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/userfiles/modules/microweber/css/ui.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `a20895084ce79c6c034a046e97df80c5642283e0da4cdaf92ffd96c97646a7bf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/userfiles/modules/microweber/css/ui.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Wed, 08 Dec 2021 12:42:54 GMT server nginx x-powered-by PleskLin etag W/"61b0a84e-385e7" content-type text/css cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	icon_selector.js Show response russel-boat.ownwebsite.com/userfiles/modules/microweber/api/	30 KB 5 KB	28ms 28ms	XHR application/javascript	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/modules/microweber/api/icon_selector.js?mwv=1.2.10 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/apijs_combined?mwv=1.2.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `9c313d5faa42e19623898cd2d2402cbaed7649ee65606fd9310ec4c2092acbd5` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://russel-boat.ownwebsite.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Wed, 08 Dec 2021 12:42:54 GMT server nginx x-powered-by PleskLin etag W/"61b0a84e-7909" content-type application/javascript cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	bootstrap.bundle.min.js Show response russel-boat.ownwebsite.com/userfiles/modules/microweber/api/libs/bootstrap5/js/	77 KB 21 KB	31ms 31ms	XHR application/javascript	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/modules/microweber/api/libs/bootstrap5/js/bootstrap.bundle.min.js?mwv=1.2.10 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/apijs_combined?mwv=1.2.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `75407612846faa50c7a083ba0e59923f6f2a12e8804ad144c4dd4cd95004a187` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://russel-boat.ownwebsite.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Wed, 08 Dec 2021 12:42:54 GMT server nginx x-powered-by PleskLin etag W/"61b0a84e-1336c" content-type application/javascript cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	plugins.js Show response russel-boat.ownwebsite.com/userfiles/templates/urban/assets/plugins/mw-ui/assets/ui/plugins/js/	181 KB 47 KB	34ms 34ms	XHR application/javascript	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/templates/urban/assets/plugins/mw-ui/assets/ui/plugins/js/plugins.js?mwv=1.2.10 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/apijs_combined?mwv=1.2.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `2204292bef4016d845b317755a5d305f10033f8763ff5294f72f9df37ebc773f` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://russel-boat.ownwebsite.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Thu, 11 Nov 2021 11:50:36 GMT server nginx x-powered-by PleskLin etag W/"618d038c-2d448" content-type application/javascript cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	materialdesignicons.min.css russel-boat.ownwebsite.com/userfiles/modules/microweber/css/fonts/materialdesignicons/css/	225 KB 35 KB	36ms 36ms	Stylesheet text/css	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/modules/microweber/css/fonts/materialdesignicons/css/materialdesignicons.min.css?mwv=1.2.10 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/apijs_combined?mwv=1.2.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `a20895084ce79c6c034a046e97df80c5642283e0da4cdaf92ffd96c97646a7bf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://russel-boat.ownwebsite.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Wed, 08 Dec 2021 12:42:54 GMT server nginx x-powered-by PleskLin etag W/"61b0a84e-385e7" content-type text/css cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H3	200	Rene%20Bieder%20%20Milliard%20SemiBold.woff fonts.cdnfonts.com/s/28732/	34 KB 35 KB	65ms 44ms	Font font/woff	2606:4700:3031::ac43:ac24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/s/28732/Rene%20Bieder%20%20Milliard%20SemiBold.woff Requested by Host: fonts.cdnfonts.com URL: https://fonts.cdnfonts.com/css/milliard Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ac24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cdea5224234cba5e6e6c20c78d638298e9aa931ff8ab52edd3d8e82e21e33bc5` Request headers Referer https://fonts.cdnfonts.com/css/milliard Origin https://russel-boat.ownwebsite.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3422 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 34904 last-modified Mon, 23 Sep 2019 13:21:58 GMT server cloudflare etag "8858-593384de72980" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQRJ3gEBMUWnJa7U2UNcDvLBU%2FUfU8erP9f5mYkIe2jmRTnQADxkpx%2BQrsQBWlWFS8fVsz8H%2FHFo4xQQZ29DuWDxaPzjuK9NiZS9uSjFI5oNp%2Bf3xFATpIp2I409jocaqkUGghvY6QOQegjUTv6%2Fz5Y%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes cf-ray 6cc248810ed76963-FRA
GET H3	200	Rene%20Bieder%20%20Milliard%20Book.woff fonts.cdnfonts.com/s/28732/	31 KB 32 KB	42ms 28ms	Font font/woff	2606:4700:3031::ac43:ac24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/s/28732/Rene%20Bieder%20%20Milliard%20Book.woff Requested by Host: fonts.cdnfonts.com URL: https://fonts.cdnfonts.com/css/milliard Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ac24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0979e9d53cd57bc9b84d00544337db11fe391f4bc6eb57735bd29f3e770a4d9a` Request headers Referer https://fonts.cdnfonts.com/css/milliard Origin https://russel-boat.ownwebsite.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3422 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 31628 last-modified Mon, 23 Sep 2019 13:21:59 GMT server cloudflare etag "7b8c-593384df66bc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8L5eZ%2FlI%2Fm9SqB8amEhDNf2qtuJUYa1IexXKvuGiL1i4dpXEf9g1xXNxxPnI1MneoBBUHlKbeWgHMep3KLdbDgA5%2F1y7w3GMM9cCd6r4Lr7XbTEAbL1IbKnGt5FPtL4oXVqzykuijKiPxmXmPah74M%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes cf-ray 6cc248810ed86963-FRA
GET H2	200	fitty.min.js Show response russel-boat.ownwebsite.com/userfiles/modules/microweber/api/libs/fitty/dist/	5 KB 2 KB	27ms 27ms	XHR application/javascript	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/modules/microweber/api/libs/fitty/dist/fitty.min.js?mwv=1.2.10 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/apijs_combined?mwv=1.2.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `766854f30a51aef1ddf6ce6c746d9031f66e5cbda2adda7dfdddba1224e8d5bf` Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Referer https://russel-boat.ownwebsite.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT content-encoding br last-modified Wed, 08 Dec 2021 12:42:54 GMT server nginx x-powered-by PleskLin etag W/"61b0a84e-15d4" content-type application/javascript cache-control max-age=2592000 expires Fri, 11 Feb 2022 00:31:39 GMT
GET H2	200	materialdesignicons-webfont.woff2 russel-boat.ownwebsite.com/userfiles/modules/microweber/css/fonts/materialdesignicons/fonts/	270 KB 270 KB	26ms 26ms	Font font/woff2	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/userfiles/modules/microweber/css/fonts/materialdesignicons/fonts/materialdesignicons-webfont.woff2?v=5.0.45 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/userfiles/modules/microweber/css/fonts/materialdesignicons/css/materialdesignicons.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PleskLin Resource Hash `4d7cdc283f4c2434a60e4d640b6f6c76c6bfae5464c20aa1fb3ea89bfb52ad7f` Request headers Referer https://russel-boat.ownwebsite.com/userfiles/modules/microweber/css/fonts/materialdesignicons/css/materialdesignicons.min.css Origin https://russel-boat.ownwebsite.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT last-modified Wed, 08 Dec 2021 12:42:54 GMT server nginx x-powered-by PleskLin etag "61b0a84e-43758" content-type font/woff2 accept-ranges bytes content-length 276312
GET H3	200	Rene%20Bieder%20%20Milliard%20Medium.woff fonts.cdnfonts.com/s/28732/	34 KB 34 KB	22ms 22ms	Font font/woff	2606:4700:3031::ac43:ac24 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fonts.cdnfonts.com/s/28732/Rene%20Bieder%20%20Milliard%20Medium.woff Requested by Host: fonts.cdnfonts.com URL: https://fonts.cdnfonts.com/css/milliard Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ac24 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0b690f3450151574e728be9546870af1d4fc58d08d42d18c6755ac9a3ac1acb3` Request headers Referer https://fonts.cdnfonts.com/css/milliard Origin https://russel-boat.ownwebsite.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 12 Jan 2022 00:31:39 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3422 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 34592 last-modified Mon, 23 Sep 2019 13:22:01 GMT server cloudflare etag "8720-593384e14f040" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLK5vJ0A5HbhOcUenr5s3M3GkFNvpDVEsgYTMpd3ZhkGX%2F9wfVF4Dh0eKRKjRQKmU8An1MJ%2Fbr1aCwHoqp9T%2Briilt3juHHArC8IJzwgtJ1XBmSCWaodPyj3oxDi8UbGXWQJDXKxn%2BTSa5SNzL%2FFUak%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes cf-ray 6cc248815f396963-FRA
GET H2	200	csrf Show response russel-boat.ownwebsite.com/	52 B 358 B	103ms 103ms	XHR application/json	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/csrf?_=1641947499509 Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/apijs_combined?mwv=1.2.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PHP/7.4.27, PleskLin Resource Hash `6a1c6d9c0a299591bfcaf6f7670c8b5275e8f31d86ab38237852152a03e38b0a` Request headers Accept / Referer https://russel-boat.ownwebsite.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 12 Jan 2022 00:31:41 GMT content-encoding br server nginx x-powered-by PHP/7.4.27, PleskLin content-type application/json cache-control must-revalidate, no-cache, no-store, private expires -1
POST H2	200	pingstats Show response russel-boat.ownwebsite.com/api/	18 B 343 B	203ms 203ms	XHR text/javascript	194.42.98.31 ZONAT-AS
General Check archive.org Show headers Download Go to Full URL https://russel-boat.ownwebsite.com/api/pingstats Requested by Host: russel-boat.ownwebsite.com URL: https://russel-boat.ownwebsite.com/apijs_combined?mwv=1.2.10 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.42.98.31 , Luxembourg, ASN213183 (ZONAT-AS, LU), Reverse DNS plesk1.ownwebsite.com Software nginx / PHP/7.4.27, PleskLin Resource Hash `565c8752b768d86b8c83e618c2b65b990c8213f0c588b12ab9b522e339ca7e51` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://russel-boat.ownwebsite.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 12 Jan 2022 00:31:43 GMT content-encoding br server nginx x-powered-by PHP/7.4.27, PleskLin content-type text/javascript; charset=UTF-8 cache-control max-age=0, must-revalidate, no-cache, no-store, private expires -1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			russel-boat.ownwebsite.com/	1970-01-20 00:05:54	Name: laravel_session Value: X9DzEV1VZFa4WB7yItBvLuS35EjPFHyYyZxXSEAv
			russel-boat.ownwebsite.com/	1970-01-20 08:51:23	Name: csrf-token-data Value: %7B%22value%22%3A%22fMXv84z1O1eaoBlbLAxWTOk6dE2UJ1LR2Nj0yssa%22%2C%22expiry%22%3A1641948401210%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.cdnfonts.com
russel-boat.ownwebsite.com
194.42.98.31
2606:4700:3031::ac43:ac24
01d14794c80ee0c629039d8ff2606ea53d9455de2049bd499d783da38a20935b
0979e9d53cd57bc9b84d00544337db11fe391f4bc6eb57735bd29f3e770a4d9a
0a1fd172d51f2c4fb8096e7bbe64ecb05ccc73233f82b68af0ccaae78f37a5c4
0b690f3450151574e728be9546870af1d4fc58d08d42d18c6755ac9a3ac1acb3
2204292bef4016d845b317755a5d305f10033f8763ff5294f72f9df37ebc773f
4d7cdc283f4c2434a60e4d640b6f6c76c6bfae5464c20aa1fb3ea89bfb52ad7f
5643ecdf55b054207a7d3c99b3fcc8259a4c7070a33600c29017d642ab7e65b8
565c8752b768d86b8c83e618c2b65b990c8213f0c588b12ab9b522e339ca7e51
61ff5cde291bec4be06746e02c181296ee397d2e62371d4dcdc2c489748bf527
6a1c6d9c0a299591bfcaf6f7670c8b5275e8f31d86ab38237852152a03e38b0a
75407612846faa50c7a083ba0e59923f6f2a12e8804ad144c4dd4cd95004a187
766854f30a51aef1ddf6ce6c746d9031f66e5cbda2adda7dfdddba1224e8d5bf
9c313d5faa42e19623898cd2d2402cbaed7649ee65606fd9310ec4c2092acbd5
a20895084ce79c6c034a046e97df80c5642283e0da4cdaf92ffd96c97646a7bf
a28e1e833ddb6448aaecb274016c54e33d3ff6a9ff7ac4039ad274b52df1ee09
a4143f83db2c7fdced75b69e41fa3eabaf9a2fd753ef9b4a8438f654a1a3b8cf
b8a3733a9beff0eee3e072775a658f49789030ce18946267c618c65db60d545e
bb5d30e2d06613772a3b6e3ab29723989eddbcea3b9e6e4897b1ed452417e0eb
cdea5224234cba5e6e6c20c78d638298e9aa931ff8ab52edd3d8e82e21e33bc5
d270f135da7365b170a00fcbe48e46062ffb14790046007c02d1612ad61274e3
d3faf2d5a5660d3b14b0e5375ab5eb8754ad77d8f53ca456835f101fefca9545
de6f953ea7440b102c37751289cfd123de29556e2e91cfc98a30d57f61df9083

russel-boat.ownwebsite.com Open in urlscan Pro 194.42.98.31 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1095 kBTransfer

2735 kBSize

2 Cookies

1 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

48 JavaScript Global Variables

2 Cookies

Indicators

russel-boat.ownwebsite.com Open in urlscan Pro
194.42.98.31 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1095 kB
Transfer

2735 kB
Size

2
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!