prfa.mu
Open in
urlscan Pro
162.254.255.105
Public Scan
Submission: On December 13 via automatic, source openphish
Summary
TLS certificate: Issued by R3 on December 8th 2020. Valid for: 3 months.
This is the only time prfa.mu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 162.254.255.105 162.254.255.105 | 55293 (A2HOSTING) (A2HOSTING) | |
1 | 3.106.43.170 3.106.43.170 | 16509 (AMAZON-02) (AMAZON-02) | |
12 | 2 |
ASN55293 (A2HOSTING, US)
PTR: server.asconcepts.net
prfa.mu |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-106-43-170.ap-southeast-2.compute.amazonaws.com
auth.trademe.co.nz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
prfa.mu
prfa.mu |
117 KB |
1 |
trademe.co.nz
auth.trademe.co.nz |
1 KB |
12 | 2 |
Domain | Requested by | |
---|---|---|
11 | prfa.mu |
prfa.mu
|
1 | auth.trademe.co.nz |
prfa.mu
|
12 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.prfa.mu R3 |
2020-12-08 - 2021-03-08 |
3 months | crt.sh |
auth.trademe.co.nz Amazon |
2020-10-15 - 2021-11-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/+_yinka=.htm?ip=38.145.98.18
Frame ID: 5E3B2B0CC47515E5896876ACCA873CA7
Requests: 12 HTTP requests in this frame
Screenshot
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
+_yinka=.htm
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/imgs/ |
27 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site.css
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/imgs/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
prfa.mu/ |
128 KB 25 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TradeMe.png
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/imgs/ |
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/imgs/ |
208 KB 64 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/imgs/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-index.js
auth.trademe.co.nz/js/ |
917 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
StorySansWeb-Bold.woff
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
StorySansWeb-Regular.woff
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
StorySansWeb-Medium.woff
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
StorySansWeb-Light.woff
prfa.mu/wp-admin/network/trademeee33/82840878a42829a67bc3b6b0c43abfb3/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
prfa.mu/ | Name: PHPSESSID Value: bda439c2c1908a781db16ec7d0c0c9ff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.trademe.co.nz
prfa.mu
162.254.255.105
3.106.43.170
067281af636adff6c3214af752f7a80ccc1516180c839c89a73d734042e33e75
0a8fc839d66887b1959e1337a41955b1da5959de82a74fa178af735f3236aaf5
43670914bd2180eeeb0ac3e77afce11e067602c972ce4b26c92ab235888fafee
4da4c5bebab2e18fc6abbe1bdcb31faae0945b2629c8c64510eabdcc9d188dc9
87b05590c1307d2e8e3f7bb7c084a719840b78a406c5ee60ee9d254e76d55e6f
b7d7116682de2c36a68e4fcd76afc35d07d5137e377b2c268f4626d4e4b63932
c232e4c506dd6d69fa32ea37531d0a4bbf4cd3bc4ef03819335d951b5bc6a216
f583cf90a650cbff39018eb00b7262b6fba75ebb5df547745443e7811b48fe80