mailtax-infdsk1.linkpc.net
Open in
urlscan Pro
138.68.88.1
Malicious Activity!
Public Scan
Submitted URL: https://t.co/aAtWzrdkLp?_kx=EpAUu9XLOxbEy_oK4TgNV9bvyE17itaijW5_mkBD3QT99XMQ3h_74qZ6C5gXvUwk.R7unB7
Effective URL: https://mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/6235309896929b904b7eabdd38e89235.xhtml
Submission: On September 06 via automatic, source phishtank — Scanned from DE
Effective URL: https://mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/6235309896929b904b7eabdd38e89235.xhtml
Submission: On September 06 via automatic, source phishtank — Scanned from DE
Summary
This website contacted 3 IPs
in 3 countries
across 3 domains to perform 18 HTTP transactions.
The main IP is 138.68.88.1, located in
Frankfurt am Main, Germany and
belongs to DIGITALOCEAN-ASN, US.
The main domain is mailtax-infdsk1.linkpc.net.
TLS certificate: Issued by R3 on September 3rd 2023. Valid for: 3 months.
This is the only time mailtax-infdsk1.linkpc.net was scanned on urlscan.io!
TLS certificate: Issued by R3 on September 3rd 2023. Valid for: 3 months.
This is the only time mailtax-infdsk1.linkpc.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: IRS (Government)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 104.244.42.69 104.244.42.69 | 13414 (TWITTER) (TWITTER) | |
| 1 1 | 103.198.69.53 103.198.69.53 | 138148 (MDRAS-AS-...) (MDRAS-AS-AP MULTI DOMAIN RESOURCES AND SERVICES) | |
| 1 18 | 138.68.88.1 138.68.88.1 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 18 | 3 |
1
103.198.69.53
(Malaysia)
ASN138148 (MDRAS-AS-AP MULTI DOMAIN RESOURCES AND SERVICES, MY)
PTR: cloud2.myduniahost.com
ASN138148 (MDRAS-AS-AP MULTI DOMAIN RESOURCES AND SERVICES, MY)
PTR: cloud2.myduniahost.com
| asaindustry.com.my |
18
138.68.88.1
(Frankfurt am Main, Germany)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| mailtax-infdsk1.linkpc.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 18 |
linkpc.net
1 redirects
mailtax-infdsk1.linkpc.net |
390 KB |
| 1 |
asaindustry.com.my
1 redirects
asaindustry.com.my |
100 B |
| 1 |
t.co
t.co — Cisco Umbrella Rank: 580 |
550 B |
| 18 | 3 |
| Domain | Requested by | |
|---|---|---|
| 18 | mailtax-infdsk1.linkpc.net |
1 redirects
t.co
mailtax-infdsk1.linkpc.net |
| 1 | asaindustry.com.my | 1 redirects |
| 1 | t.co | |
| 18 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-02-05 - 2024-02-05 |
a year | crt.sh |
| www.mailtax-infdsk1.linkpc.net R3 |
2023-09-03 - 2023-12-02 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/6235309896929b904b7eabdd38e89235.xhtml
Frame ID: E360CC6D687C22DA1F9CB33EC185692E
Requests: 18 HTTP requests in this frame
Frame:
https://mailtax-infdsk1.linkpc.net/public/assets/main/saved_resource.html
Frame ID: 3FE00C9555DC406FA7CF5D8D5D5B9B38
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Get My PaymentPage URL History Show full URLs
- https://t.co/aAtWzrdkLp?_kx=EpAUu9XLOxbEy_oK4TgNV9bvyE17itaijW5_mkBD3QT99XMQ3h_74qZ6C5gXv... Page URL
-
https://asaindustry.com.my/?lokas
HTTP 302
https://mailtax-infdsk1.linkpc.net/?tuax HTTP 302
https://mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/6235309896929b904b7eabdd38e89235.xhtml Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://t.co/aAtWzrdkLp?_kx=EpAUu9XLOxbEy_oK4TgNV9bvyE17itaijW5_mkBD3QT99XMQ3h_74qZ6C5gXvUwk.R7unB7 Page URL
-
https://asaindustry.com.my/?lokas
HTTP 302
https://mailtax-infdsk1.linkpc.net/?tuax HTTP 302
https://mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/6235309896929b904b7eabdd38e89235.xhtml Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
aAtWzrdkLp
t.co/ |
254 B 550 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
6235309896929b904b7eabdd38e89235.xhtml
mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/ Redirect Chain
|
8 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.min.js
mailtax-infdsk1.linkpc.net/public/assets/main/ |
115 KB 116 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.js
mailtax-infdsk1.linkpc.net/public/assets/main/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
mailtax-infdsk1.linkpc.net/public/assets/main/ |
152 KB 152 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui.min.css
mailtax-infdsk1.linkpc.net/public/assets/main/ |
31 KB 32 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
irs.css
mailtax-infdsk1.linkpc.net/public/assets/main/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.css
mailtax-infdsk1.linkpc.net/public/assets/main/ |
34 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app-error.css
mailtax-infdsk1.linkpc.net/public/assets/main/ |
786 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wmsp-shared-secrets.css
mailtax-infdsk1.linkpc.net/public/assets/main/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wmsp-results.css
mailtax-infdsk1.linkpc.net/public/assets/main/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
datepicker.css
mailtax-infdsk1.linkpc.net/public/assets/main/ |
21 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.png
mailtax-infdsk1.linkpc.net/public/assets/main/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
irs_horiz_white.png
mailtax-infdsk1.linkpc.net/public/assets/main/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
saved_resource.html
mailtax-infdsk1.linkpc.net/public/assets/main/ Frame 3FE0 |
500 B 741 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6235309896929b904b7eabdd38e89235.xhtml
mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/ |
615 B 939 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
19 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6235309896929b904b7eabdd38e89235.xhtml
mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/ |
2 B 324 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
6235309896929b904b7eabdd38e89235.xhtml
mailtax-infdsk1.linkpc.net/2e7fc7cb9bf8baacf29f1b7286976f53/ |
46 B 369 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: IRS (Government)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture function| $ function| jQuery function| getCardType2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .t.co/ | Name: muc Value: 18533a7c-bd0a-4bce-ace6-002939cb7c1c |
|
| mailtax-infdsk1.linkpc.net/ | Name: PHPSESSID Value: 396351ac8b858d22b8e96d71a7259e0b |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=0 |
| X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
asaindustry.com.my
mailtax-infdsk1.linkpc.net
t.co
103.198.69.53
104.244.42.69
138.68.88.1
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7
20360a53a4a4d077be9dd2f82d8f424ad950920b4e0ebe08d9d158e8742104a3
2654475fa841e842066edd524aab56ab83d44594a16128514bc99e58e9e1cfa8
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
67228cde52385f31d4f0008bbce4159048e6cd1b7b07d061cef6e0f141e3cc48
8a228232ab34899db68f550416beba8c5efbcc142e5554f41fb7793908c65243
a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010
a37f99488ccee9a9f71f6a09fd4a5a57725cff84a244cd3c0ac96c87285fe123
c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4
c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d
c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
e2a82173e0e65eefeb0ad04c62d3c8fe8d6d2ddd8cf7d40bb4fafeeaa6be7631
e7a2d4665e70fe1cc83ed49890fa9ab1837302ef9be6278af1be6388f3b6b806
f72fb1a59643a7e8d67d4d1e2ab0d08d3a97ef2c3820fa26480886b24238ebb0
fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd