![](/screenshots/512d0695-94d4-4bd7-bfbe-4ea6f78b7ca7.png)
00000069.com
Open in
urlscan Pro
172.67.161.102
Malicious Activity!
Public Scan
Effective URL: https://00000069.com/vocb/docusrl.html
Submission: On July 08 via api from US — Scanned from DE
Summary
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.
This is the only time 00000069.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Cloudflare (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 15 | 172.67.161.102 172.67.161.102 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
00000069.com
3 redirects
00000069.com |
49 KB |
13 | 1 |
Domain | Requested by | |
---|---|---|
15 | 00000069.com |
3 redirects
00000069.com
|
13 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
00000069.com WE1 |
2024-06-25 - 2024-09-23 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://00000069.com/vocb/docusrl.html
Frame ID: 110E9B46FAACD0A6CB533BA8C22D36F9
Requests: 9 HTTP requests in this frame
Frame:
https://00000069.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js
Frame ID: 1A971079BD2593A0B2ED8CAD45C7B186
Requests: 2 HTTP requests in this frame
Frame:
https://00000069.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js
Frame ID: 79B4E4799EBCA6855BB61C72FA9F043D
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/512d0695-94d4-4bd7-bfbe-4ea6f78b7ca7.png)
Page Title
403 ForbiddenPage URL History Show full URLs
-
http://00000069.com/vocb/docusrl.html
HTTP 307
https://00000069.com/vocb/docusrl.html Page URL
-
https://00000069.com/cdn-cgi/phish-bypass?atok=w4k0V3e12KL2QgHXMhTnI6Jot_gwnPf6_wUVOmgCs98-172047...
HTTP 301
https://00000069.com/vocb/docusrl.html Page URL
- https://00000069.com/vocb/docusrl.html Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://00000069.com/vocb/docusrl.html
HTTP 307
https://00000069.com/vocb/docusrl.html Page URL
-
https://00000069.com/cdn-cgi/phish-bypass?atok=w4k0V3e12KL2QgHXMhTnI6Jot_gwnPf6_wUVOmgCs98-1720472354-0.0.1.1-%2Fvocb%2Fdocusrl.html
HTTP 301
https://00000069.com/vocb/docusrl.html Page URL
- https://00000069.com/vocb/docusrl.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://00000069.com/vocb/docusrl.html HTTP 307
- https://00000069.com/vocb/docusrl.html
- https://00000069.com/cdn-cgi/phish-bypass?atok=w4k0V3e12KL2QgHXMhTnI6Jot_gwnPf6_wUVOmgCs98-1720472354-0.0.1.1-%2Fvocb%2Fdocusrl.html HTTP 301
- https://00000069.com/vocb/docusrl.html
- https://00000069.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://00000069.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js
- https://00000069.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://00000069.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
docusrl.html
00000069.com/vocb/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cf.errors.css
00000069.com/cdn-cgi/styles/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-exclamation.png
00000069.com/cdn-cgi/images/ |
452 B 634 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
00000069.com/ |
6 KB 7 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
docusrl.html
00000069.com/vocb/ Redirect Chain
|
19 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
docusrl.html
00000069.com/vocb/ |
0 896 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
00000069.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/ Frame 1A97 Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
00000069.com/ |
6 KB 7 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
docusrl.html
00000069.com/vocb/ |
1 KB 936 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
8a02ff4d097d9110
00000069.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1A97 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
00000069.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/ Frame 79B4 Redirect Chain
|
8 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
00000069.com/ |
548 B 625 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8a02ff4e9b079110
00000069.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 79B4 |
0 673 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 00000069.com
- URL
- https://00000069.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a02ff4d097d9110
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Cloudflare (Online)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 016 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
00000069.com/ | Name: 5UwSy6-NwXWUdmRAXJDFIPHavGA Value: GSOAWecbrXhZYSkIzMJnTly469E |
|
00000069.com/ | Name: mCA6-pVvnlt5dtZmAjcc4lMBonA Value: 1720472343 |
|
00000069.com/ | Name: CZX5QczYpKuISPfa0e2Uc6139to Value: 1720558743 |
|
00000069.com/ | Name: P_wmkkXiRTSGKIFRGw8eDRFbVGQ Value: ctmHUkfjkgWNNnWyZRWpfWEJykE |
|
.00000069.com/ | Name: __cf_mw_byp Value: w4k0V3e12KL2QgHXMhTnI6Jot_gwnPf6_wUVOmgCs98-1720472354-0.0.1.1-/vocb/docusrl.html |
|
00000069.com/ | Name: OG5znvtbTiK1bUqLfGjcUrTPw8s Value: 6rsGP4E1sKdDgErxaZzcMRUYdmE |
|
00000069.com/ | Name: FcZIGZsnqjfilbNSHtYUOUBZupc Value: 1720472318 |
|
00000069.com/ | Name: S6cGok2z00iolkmdyIL8hbkDaWw Value: 1720558718 |
|
00000069.com/ | Name: uH7OsncsjgSae1f0SHyrNuVxwTo Value: 7xtzVwJIg0dQ9RB4e8icAeyS13o |
|
00000069.com/ | Name: IoQnCOF-bhULJ52xJwHFMX9MxIU Value: 4Ic7P6Vf_wV9yENLS26iSckb1oY |
|
00000069.com/ | Name: p1eZ_eokX2TLu4WsW6zSHLM_qpw Value: 92sElsyoJ0b50sw1c9dWvofQlmI |
|
00000069.com/ | Name: H6um7BLlOKacZp4Q4gQWa4LMYt8 Value: 1720472358 |
|
00000069.com/ | Name: 9cNNa9N_m7Cw2dVmva8tv9IipfE Value: 1720558758 |
|
00000069.com/ | Name: ldmkeI1rt423BrpVIpQWUhNVSbg Value: nwMfPDH_1ixGjnnPpXacfh1ogd8 |
|
00000069.com/ | Name: ZdbrnHhgAcyy5K66uJnJ-jmJBII Value: 1rIMxEmA0TRNUIFZ-Mnq78Emyfc |
|
.00000069.com/ | Name: cf_clearance Value: UcS6V9WMDj5bwE283MVuW2f7.4QgnTyYMRn0s7kqYZc-1720472358-1.0.1.1-5n6MJ.GrXEWGmCIADkl6X2ggxf3BdNBjUP8K_qD5EA9dIpk1CvD5HR.98nIb3aeCLGh1G8_ssydaMI.B_AIvGw |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
00000069.com
00000069.com
172.67.161.102
10110a0d5369fd3f6f7caa142a261adfebd8fff600985f8be71f4880859959ed
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
53313444acad13c7f0abbd815bb4f98a2022010181cbe0a1f0a33b33b1a6ba5e
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
c228a4dd972b554aa76486eaea9c15b0435247e65f4e0e157cbed27844fcb292
d948f1a0f423a3d246e9989be5ca24db6f58573165d96935195859c74987b7dd
da5fc825ad1badd5f9f2f21bca8323bd225a1419d2cff7de82511959abcacda0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016