maersk-dc-vote.cf
70.39.184.114
Malicious Activity!
Public Scan
Effective URL: http://maersk-dc-vote.cf/index.xhtml
Submission: On August 02 via manual from GB
Summary
This is the only time maersk-dc-vote.cf was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 (1 redirect) | 70.39.184.114 | 3257 (GTT-BACKBONE GTT) |
9 | 2a03:2880:f12d:84:face:b00c:0:14c9 | 32934 (FACEBOOK - Facebook) |
1 | 2a03:2880:f11c:8183:face:b00c:0:25de | 32934 (FACEBOOK - Facebook) |
2 | 8.37.228.128 | 54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC) |
14 | 4 | |
AS | Domain |
---|---|
ASN32934 (FACEBOOK - Facebook, Inc., US) | z-m-static.xx.fbcdn.net |
ASN32934 (FACEBOOK - Facebook, Inc., US) | facebook.com |
ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US) | www.wapka.mobi |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
9 | fbcdn.net | z-m-static.xx.fbcdn.net | 12 KB |
3 (1 redirect) | maersk-dc-vote.cf | maersk-dc-vote.cf | 5 KB |
2 | wapka.mobi | www.wapka.mobi | 29 KB |
1 | facebook.com | facebook.com | 209 B |
14 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
9 | z-m-static.xx.fbcdn.net | maersk-dc-vote.cf |
3 (1 redirect) | maersk-dc-vote.cf | maersk-dc-vote.cf |
2 | www.wapka.mobi | maersk-dc-vote.cf |
1 | facebook.com | maersk-dc-vote.cf |
14 | 4 | |
This site contains links to these domains.
Domain |
---|
wap.maersk-dc-vote.cf |
goo.gl |
res.apk.vidmate.net |
www.vidmate.com |
vidmate.en.uptodown.com |
www.9apps.com |
Subject Issuer | Validity | Valid |
---|
This page contains 1 frame:
Primary Page:
http://maersk-dc-vote.cf/index.xhtml
Frame ID: DF5BB1EBC7C70020BA3FBC8A121B4507
Requests: 14 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
15 Outgoing links
These are links going to different origins than the main page.
Title: Create your own WAP site (Wapka.Mobi)
Title: Telugu Movie
Title: Download the best Android apps on Uptodown
Title: Download Android App for Free
Title: Shareit
Title: Teen Patti
Title: IMO
Title: Phone
Title: UC Browser
Title: 9Apps
Title: Vidmate
Title: New Apps
Title: Android Games
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://maersk-dc-vote.cf/ (HTTP 302)
- http://maersk-dc-vote.cf/index.xhtml (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | index.xhtml (Primary Request, Cookie set) | maersk-dc-vote.cf/ (Redirect Chain) | 11 KB | 5 KB | Document | text/html |
GET H/1.1 | styles.css | maersk-dc-vote.cf/ | 2 B | 204 B | Stylesheet | text/css |
GET S | QzsHSoWJZTl.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ | 6 KB | 2 KB | Stylesheet | text/css |
GET S | sgo1lNRn61R.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
GET S | Iw5lWhazCuE.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
GET S | RWAN3d_LMcN.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ | 1 KB | 585 B | Stylesheet | text/css |
GET S | RBqhrCAtVN0.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
GET S | 8-joHCSQf4h.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
GET S | zr6BrWCawRw.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/y2/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
GET S | WKi_U9o1QdR.css | z-m-static.xx.fbcdn.net/rsrc.php/v3/yj/l/0,cross/ | 0 | 0 | Stylesheet | text/html |
GET S | hsts-pixel.gif | facebook.com/security/ | 43 B | 209 B | Image | image/gif |
GET H/1.1 | starhalo.png | www.wapka.mobi/pictures/ | 20 KB | 20 KB | Image | image/png |
GET H/1.1 | in_banner_320x50_2.png | www.wapka.mobi/pictures/ | 9 KB | 9 KB | Image | image/png |
GET S | _oEuhC7SNbB.png | z-m-static.xx.fbcdn.net/rsrc.php/v3/yC/r/ | 9 KB | 9 KB | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | envFlush
object | Env
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.