www.meksankalip.com
Open in
urlscan Pro
188.132.179.144
Malicious Activity!
Public Scan
Effective URL: https://www.meksankalip.com/cra-arc/home/?cmd=www.ssaonline-account-service.com-update_submit&id=6e4cc8dfa733abda368118badbd...
Submission: On February 03 via manual from CA
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 9th 2020. Valid for: 3 months.
This is the only time www.meksankalip.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Canadian Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 27 | 188.132.179.144 188.132.179.144 | 20649 (ASFIBERSU...) (ASFIBERSUNUCU) | |
2 | 52.31.176.223 52.31.176.223 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.17.73.77 52.17.73.77 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 15.237.76.117 15.237.76.117 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 34.255.166.243 34.255.166.243 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a02:26f0:10c... 2a02:26f0:10c:59b::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
29 | 5 |
ASN20649 (ASFIBERSUNUCU, TR)
PTR: hostingl.fibersunucu.com.tr
meksankalip.com | |
www.meksankalip.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-176-223.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-73-77.eu-west-1.compute.amazonaws.com
canada.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
canada.sc.omtrdc.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-243.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
27 |
meksankalip.com
3 redirects
meksankalip.com www.meksankalip.com |
849 KB |
3 |
demdex.net
dpm.demdex.net canada.demdex.net |
2 KB |
1 |
adobedtm.com
assets.adobedtm.com |
12 KB |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
1 |
omtrdc.net
canada.sc.omtrdc.net |
320 B |
29 | 5 |
Domain | Requested by | |
---|---|---|
26 | www.meksankalip.com |
2 redirects
www.meksankalip.com
|
2 | dpm.demdex.net |
www.meksankalip.com
|
1 | assets.adobedtm.com |
www.meksankalip.com
|
1 | cm.everesttech.net | 1 redirects |
1 | canada.sc.omtrdc.net |
www.meksankalip.com
|
1 | canada.demdex.net |
www.meksankalip.com
|
1 | meksankalip.com | 1 redirects |
29 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.canada.ca |
apps5.ams-sga.cra-arc.gc.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
webmail.meksankalip.com Let's Encrypt Authority X3 |
2020-11-09 - 2021-02-07 |
3 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-10-29 - 2021-11-29 |
a year | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.meksankalip.com/cra-arc/home/?cmd=www.ssaonline-account-service.com-update_submit&id=6e4cc8dfa733abda368118badbd6422d6e4cc8dfa733abda368118badbd6422d&session=6e4cc8dfa733abda368118badbd6422d6e4cc8dfa733abda368118badbd6422d
Frame ID: 9BC6F9B0E2E231C0F4E5E931075AFB1B
Requests: 26 HTTP requests in this frame
Frame:
https://www.meksankalip.com/cra-arc/home/cra_files/sig-blk-en.svg
Frame ID: 47D532A9AAA0F851C346E2641F8A4A8B
Requests: 1 HTTP requests in this frame
Frame:
https://canada.demdex.net/dest5.html?d_nsid=0
Frame ID: 985AE3F199937737837ABDC7016BB4EB
Requests: 1 HTTP requests in this frame
Frame:
https://www.meksankalip.com/cra-arc/home/cra_files/wmms-blk.svg
Frame ID: 9873694DB04D633B663C4E03BECCCF58
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://meksankalip.com/cra-arc/
HTTP 301
https://www.meksankalip.com/cra-arc/ HTTP 302
https://www.meksankalip.com/cra-arc/home?cmd=www.ssaonline-account-service.com-update_submit&id=6e4cc8df... HTTP 301
https://www.meksankalip.com/cra-arc/home/?cmd=www.ssaonline-account-service.com-update_submit&id=6e4cc8d... Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Terms and conditions
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Top of Page
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://meksankalip.com/cra-arc/
HTTP 301
https://www.meksankalip.com/cra-arc/ HTTP 302
https://www.meksankalip.com/cra-arc/home?cmd=www.ssaonline-account-service.com-update_submit&id=6e4cc8dfa733abda368118badbd6422d6e4cc8dfa733abda368118badbd6422d&session=6e4cc8dfa733abda368118badbd6422d6e4cc8dfa733abda368118badbd6422d HTTP 301
https://www.meksankalip.com/cra-arc/home/?cmd=www.ssaonline-account-service.com-update_submit&id=6e4cc8dfa733abda368118badbd6422d6e4cc8dfa733abda368118badbd6422d&session=6e4cc8dfa733abda368118badbd6422d6e4cc8dfa733abda368118badbd6422d Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://cm.everesttech.net/cm/dd?d_uuid=91677138693885961610043634304394766808 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YBqoggAAAEY1ax__
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
www.meksankalip.com/cra-arc/home/ Redirect Chain
|
15 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timeout.js.download
www.meksankalip.com/cra-arc/home/cra_files/ |
12 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.min.js.download
www.meksankalip.com/cra-arc/home/cra_files/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.magnific-popup.min.js.download
www.meksankalip.com/cra-arc/home/cra_files/ |
21 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satelliteLib-c2082deaf69c358c641c5eb20f94b615dd606662.js.download
www.meksankalip.com/cra-arc/home/cra_files/ |
195 KB 195 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.min.css
www.meksankalip.com/cra-arc/home/cra_files/ |
288 KB 289 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.css
www.meksankalip.com/cra-arc/home/cra_files/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
www.meksankalip.com/cra-arc/home/cra_files/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
amssUtils.js.download
www.meksankalip.com/cra-arc/home/cra_files/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s-code-contents-722625ca156c1c77875802d147e029edf6304536.js.download
www.meksankalip.com/cra_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js.download
www.meksankalip.com/cra-arc/home/cra_files/ |
82 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wet-boew.min.js.download
www.meksankalip.com/cra-arc/home/cra_files/ |
196 KB 196 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.min.js.download
www.meksankalip.com/cra-arc/home/.cra_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
apps.js.download
www.meksankalip.com/cra-arc/home/cra_files/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timeout.css
www.meksankalip.com/cra-arc/home/cra_files/ |
428 B 669 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timeout.css
www.meksankalip.com/gol-ged/awsc/amss/pub/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
365 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font-awesome.css
www.meksankalip.com/cra-arc/home/cra_files/font-awesome-4.7.0/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s-code-contents-722625ca156c1c77875802d147e029edf6304536.js.download
www.meksankalip.com/cra_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sig-blk-en.svg
www.meksankalip.com/cra-arc/home/cra_files/ Frame 47D5 |
10 KB 11 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.min.js
www.meksankalip.com/cra-arc/home/cra_files/i18n/ |
315 B 315 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
theme.min.js.download
www.meksankalip.com/cra-arc/home/.cra_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
canada.demdex.net/ Frame 985A |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
canada.sc.omtrdc.net/ |
2 B 320 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YBqoggAAAEY1ax__
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
wmms-blk.svg
www.meksankalip.com/cra-arc/home/cra_files/ Frame 9873 |
5 KB 5 KB |
Document
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.min.js
www.meksankalip.com/cra-arc/home/cra_files/i18n/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s-code-contents-722625ca156c1c77875802d147e029edf6304536.js
assets.adobedtm.com/caacec67651710193d2331efef325107c23a0145/ |
32 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
timeout.js
www.meksankalip.com/gol-ged/awsc/amss/pub/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Canadian Government (Government)47 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| awsc object| contextPath function| Visitor object| _satellite object| s_c_il number| s_c_in boolean| isNN function| autoTab function| isCanadianPostalCode function| containsElement function| getIndex function| cursorRestoration function| clearErrorFields function| clearAllFields function| setAutoComplete function| setClear function| clearErrorText function| decodeHtml object| submitBtn object| exitBtn boolean| submitted object| form function| $ function| jQuery object| Modernizr function| yepnope object| wb function| onYouTubeIframeAPIReady object| youTube function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| excl7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: demdex Value: 91677138693885961610043634304394766808 |
|
.meksankalip.com/ | Name: AMCV_A90F2A0D55423F537F000101%40AdobeOrg Value: -330454231%7CMCIDTS%7C18662%7CMCMID%7C91669823390303498440042484873646182925%7CMCAAMLH-1612964610%7C6%7CMCAAMB-1612964610%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1612367010s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18669%7CvVersion%7C3.1.2 |
|
.meksankalip.com/ | Name: dtm_gpv_pu Value: www.meksankalip.com%2Fcra-arc%2Fhome%2F |
|
.meksankalip.com/ | Name: AMCVS_A90F2A0D55423F537F000101%40AdobeOrg Value: 1 |
|
.meksankalip.com/ | Name: dtm_gpv_pc Value: blank%20page%20creator |
|
.meksankalip.com/ | Name: dtm_gpv_pthl Value: blank%20theme |
|
.meksankalip.com/ | Name: dtm_gpv_pt Value: blank%20page%20title |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
canada.demdex.net
canada.sc.omtrdc.net
cm.everesttech.net
dpm.demdex.net
meksankalip.com
www.meksankalip.com
15.237.76.117
188.132.179.144
2a02:26f0:10c:59b::1e80
34.255.166.243
52.17.73.77
52.31.176.223
0792d5065b2f21dda9320d61527c0af92fb14282e465da8788c52dffa324a94c
0811e8008d9a3e00732c565409f79795827d47dc9411f52e4dc3066c3576bb01
312735d1664d0b3c3fba68ea4ac54021cbc6181e9a77264112d9017eab082dd3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447a4a6c6d785d6fc009367d1fd835b3245114e3162a5dafe288ea54ffd7e0c7
5911b9613d255e8d218d0ebbb5527bb24a9d843c9be689deb05521b36725bb0f
6351e3c62b028077f26888bd5f3f75255ccdc4d0ee03de2a8abc1a643d885f65
6546c1da0b3bb7281610bd00b330ad5f6c8425bd0c7997f4feba08ddbd5e950e
667e31435709f66786104abe8c8fa3c8d2cf9eaf2a184f9025086b42f0417913
aa5000460efb2e67b39cec17aaa847742bc5becc9c2aea32fd635873dfc1191f
ae8dbee616013eaacb629a6da658da3782f7e8cccf3e2a129270ef8b6266461e
b25f13ec18abd6d2454915f18831ad8109a959a868003d6eebd8142d6950d7d7
d16ab310c2e18467d83f056fc38dfb40a0c309bd37b99833b4dfdcffff670542
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dc827f391db1b0a6917a1773e98731ab7901dd9897f0ad46c0f797f27f279487
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3
e6f99c322f7bcc6248683811b5b1d3c21ca7308f844fb2f93825275c889c53f2
eae0e07ad74621b813a91b0ed4d1f78ab5f427239c9d5bc3aebf97c4760ec945
ede8178f5d7e3f8bafa83702d2c54ae6f6e3bfb12f8acda98d5181a63365c81f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629