tech.curemysinus.com
107.180.41.48
Malicious Activity!
Public Scan
Submission: On April 11 via automatic, source phishtank
Summary
This is the only time tech.curemysinus.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Google (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
8 | 107.180.41.48 | 26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) |
1 | 2a00:1450:401b:802::2004 | 15169 (GOOGLE - Google Inc.) |
1 | 46.4.115.108 | 24940 (HETZNER-AS) |
1 | 163.47.178.208 | 24482 (SGGS-AS-AP SG.GS) |
12 | 5 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-41-48.ip.secureserver.net
tech.curemysinus.com |
 | Apex Domain Subdomains | Transfer |
---|---|---|
8 | curemysinus.com tech.curemysinus.com | 32 KB |
1 | postimg.org s22.postimg.org | 167 KB |
1 | cubeupload.com u.cubeupload.com | 41 B |
1 | google.com www.google.com | 2 KB |
0 | Failed . Failed | |
12 | 5 |
 | Domain | Requested by |
---|---|---|
8 | tech.curemysinus.com | tech.curemysinus.com |
1 | s22.postimg.org | tech.curemysinus.com |
1 | u.cubeupload.com | tech.curemysinus.com |
1 | www.google.com | tech.curemysinus.com |
0 | . Failed | tech.curemysinus.com |
12 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.google.com Google Internet Authority G2 | 2017-03-29 - 2017-06-21 | 3 months | crt.sh |
u.cubeupload.com Let's Encrypt Authority X3 | 2017-04-02 - 2017-07-01 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://tech.curemysinus.com/ayo/index.php
Frame ID: 12488.1
Requests: 11 HTTP requests in this frame
Frame:
http://tech.curemysinus.com/ayo/index_files/google.htm
Frame ID: 12488.2
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request 8
- http://i.cubeupload.com/KZO7SH.png
- https://u.cubeupload.com/KZO7SH.png
- https://sync.1dmp.io/logo.gif?cid=3c966c52-6780-4375-a8ce-fb17bf4c426e&pid=w&ru=http%3A%2F%2Fs22%2Epostimg%2Eorg%2F8m0slmesh%2Fbgimage%2Ejpg%3Fnoredir%3D1&uid=ygOVfjsH_UHqs8M7Bsel1w&cs=1
- http://s22.postimg.org/8m0slmesh/bgimage.jpg?noredir=1
12 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | index.php tech.curemysinus.com/ayo/ (Primary Request) | 19 KB 4 KB | Document text/html |
GET H/1.1 | style.htm tech.curemysinus.com/ayo/index_files/ | 0 0 | Stylesheet text/html |
GET H2 | google_logo_41.png www.google.com/images/logos/ | 2 KB 2 KB | Image image/png |
GET H/1.1 | yahoo.jpg tech.curemysinus.com/ayo/google/ | 5 KB 5 KB | Image image/jpeg |
GET H/1.1 | gmail.jpg tech.curemysinus.com/ayo/google/ | 9 KB 9 KB | Image image/jpeg |
GET H/1.1 | hotmail.jpeg tech.curemysinus.com/ayo/google/ | 8 KB 8 KB | Image image/jpeg |
GET H/1.1 | aol.jpg tech.curemysinus.com/ayo/google/ | 4 KB 4 KB | Image image/jpeg |
GET H/1.1 | other.jpg tech.curemysinus.com/ayo/google/ | 2 KB 2 KB | Image image/jpeg |
GET | aol.jpg ./google/ | 0 0 | |
GET H/1.1 | KZO7SH.png u.cubeupload.com/ (Redirect Chain) | 10 B 41 B | Image text/html |
GET H/1.1 | google.htm tech.curemysinus.com/ayo/index_files/ (Frame 1248) | 343 B 343 B | Document text/html |
GET H/1.1 | bgimage.jpg s22.postimg.org/8m0slmesh/ (Redirect Chain) | 167 KB 167 KB | Image image/jpeg |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: .
- URL: http://./google/aol.jpg
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Google (Online)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.