bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com Open in urlscan Pro
2a02:26f0:64::210:6aa2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com/dyden/direct.html?osv=MacOS%2010.14%20Mojave&dom=t.macadlinkingout.com&lang=en&cep=rKGLQAz5JEH0v...
Submission: On May 24 via manual (May 24th 2019, 10:09:34 am UTC) from US

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2a02:26f0:64::210:6aa2, located in Ascension Island and belongs to AKAMAI-ASN1, US. The main domain is bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com.

This is the only time bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address	AS Autonomous System
5	2a02:26f0:64:... 2a02:26f0:64::210:6aa2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2a02:26f0:64:... 2a02:26f0:64::210:6ae9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	3

5 2a02:26f0:64::210:6aa2 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:64::210:6ae9 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rackcdn.com bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com	254 KB
1	googleapis.com ajax.googleapis.com	30 KB
15	2

	Domain	Requested by
14	bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com	bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com
1	ajax.googleapis.com	bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com
15	2

This site contains no links.

Subject Issuer	Validity	Valid
*.googleapis.com Google Internet Authority G3	`2019-05-07` - `2019-07-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com/dyden/direct.html?osv=MacOS%2010.14%20Mojave&dom=t.macadlinkingout.com&lang=en&cep=rKGLQAz5JEH0v9Vlv83h8vEWB7xAsmZfKpUViMYW2WRlNvcTEajET7BQkiL8Y1WXyIfWbfKgzZLhh7e8ZybkJwiBqHzIUQD_hS3ahfi1hxY3s_YQbTOr26Y9zGwllF44NngLSFrjycuH4Al368Wq5_d6I3dSpXKbP2GZevvsKWSWn5RqhHHnqF91MXl8w2-JRz6P8t0TD-bbjiXk4_KYdczCl6GKqW8-hiWcDHxO1wSi0ENHHYcyNQLr0I4QucleBdb3Fid_ZGOPwYX1HZNnNg&zone=1806311-2924244871-0&country=IN&time=1558688157&cid=15586881572834608141059502894570338&acsc=100730442
Frame ID: 4E1A3043F8F2E9760B686C7170FF9EAC
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

15
Requests

7 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

284 kB
Transfer

352 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request direct.html Show response
bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com/dyden/ 7 KB
3 KB 18ms
11ms Document
text/html 2a02:26f0:64::210:6aa2
AKAMAI-ASN1

General

bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com Open in urlscan Pro 2a02:26f0:64::210:6aa2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

7 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

284 kBTransfer

352 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

39 JavaScript Global Variables

0 Cookies

Indicators

bf798c948e4f19834017-88961bb5145e2815b2451521a18026d6.r86.cf1.rackcdn.com Open in urlscan Pro
2a02:26f0:64::210:6aa2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

7 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

284 kB
Transfer

352 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!