adflyk.com
Open in
urlscan Pro
54.38.123.245
Malicious Activity!
Public Scan
Submission Tags: @jcybersec_
Submission: On June 10 via api from GB
Summary
This is the only time adflyk.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Vkontakte (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 54.38.123.245 54.38.123.245 | 16276 (OVH) (OVH) | |
3 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
adflyk.com
adflyk.com |
365 KB |
3 | 1 |
Domain | Requested by | |
---|---|---|
3 | adflyk.com |
adflyk.com
|
3 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://adflyk.com/xauth/6537781
Frame ID: 5041DEF0C5519D38DE406935B36D3593
Requests: 6 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
6537781
adflyk.com/xauth/ |
73 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts_cnt.css
adflyk.com/assets/go/css/ |
470 KB 355 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
adflyk.com/assets/go/img/ |
462 B 786 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
62 KB 62 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
62 KB 62 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
62 KB 62 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Vkontakte (Social Network)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| watch1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
adflyk.com/ | Name: PHPSESSID Value: fdgfu5q8i28limn9vqrd3e0pn0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adflyk.com
54.38.123.245
5efafd26d85f9d6c3340aa7b81aff0a4d9fe27d8f9ec9885565afb9fa2097d91
7274d450ff709e09bf4a9ef26028f433eeaae8f19cce8835a139ff3f8a95aac1
761c95dd192a81733d024d9f644d9b531c358f0f0ea83e9fd6211b6bd424873d
9ed3b75ee974cee1b874efdd97754a70cccff67c0e73214dbf86b339ea41c947
a7dedd1dd24ac0ca3aea423ab09b6dc87b345f1bee3c3c8c3dd69a7b98f39ef3
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e