ergonomicrisk.tk
Open in
urlscan Pro
158.69.240.164
Malicious Activity!
Public Scan
Submission: On October 22 via api from CA
Summary
This is the only time ergonomicrisk.tk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 158.69.240.164 158.69.240.164 | 16276 (OVH) (OVH) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
6 | 2 |
ASN15169 (GOOGLE - Google LLC, US)
encrypted-tbn1.gstatic.com | |
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
ergonomicrisk.tk
ergonomicrisk.tk |
21 KB |
1 |
google-analytics.com
www.google-analytics.com |
17 KB |
1 |
gstatic.com
encrypted-tbn1.gstatic.com |
5 KB |
6 | 3 |
Domain | Requested by | |
---|---|---|
4 | ergonomicrisk.tk |
ergonomicrisk.tk
|
1 | www.google-analytics.com |
ergonomicrisk.tk
|
1 | encrypted-tbn1.gstatic.com |
ergonomicrisk.tk
|
6 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.google.com Google Internet Authority G3 |
2018-10-02 - 2018-12-25 |
3 months | crt.sh |
*.google-analytics.com Google Internet Authority G3 |
2018-10-02 - 2018-12-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://ergonomicrisk.tk/Private%20Online%20PDF/
Frame ID: 06DECB1CCA5BB7C15BCA2AFDD743A674
Requests: 6 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- http://www.google-analytics.com/ga.js HTTP 307
- https://www.google-analytics.com/ga.js
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
ergonomicrisk.tk/Private%20Online%20PDF/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
images
encrypted-tbn1.gstatic.com/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
destination_6459423e6d3287c0279b9a95fd98206b.jpg
ergonomicrisk.tk/Private%20Online%20PDF/images/ |
17 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background.jpg
ergonomicrisk.tk/Private%20Online%20PDF/ |
350 B 350 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grayBars.gif
ergonomicrisk.tk/images/ |
336 B 336 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ga.js
www.google-analytics.com/ Redirect Chain
|
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| email_Submit function| password_Submit string| gaJsHost object| _gat object| _gaq0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
encrypted-tbn1.gstatic.com
ergonomicrisk.tk
www.google-analytics.com
158.69.240.164
2a00:1450:4001:80b::200e
1165c774002fbd0bf6bd26c70a2f26dc3a472a50b86800d01722b1d8a00eed23
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
30191280dc4c3a43f3f3fefa3698eef441974c66cea0f977debb335ec12255d8
9e737cb9ecb13030f9c8d405544aaace5fa1b62122395f16d87a921058f19c62
aaa4f9be5a083328ea535e5d36745bc38fc34c09d8097a50a2010a93dded0dce
f25f4c1aa7e6efba999899ff58da45d21e7d25f409240123965645a6b17ac38f