www.wazalendosaccos.or.tz
Open in
urlscan Pro
67.225.129.56
Malicious Activity!
Public Scan
Submission: On November 22 via automatic, source openphish
Summary
This is the only time www.wazalendosaccos.or.tz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: eBay (E-commerce)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 67.225.129.56 67.225.129.56 | 32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web) | |
6 | 95.101.245.130 95.101.245.130 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 2400:cb00:204... 2400:cb00:2048:1::6813:c266 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
15 | 3 |
ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)
PTR: alpha.kilihost.com
www.wazalendosaccos.or.tz |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-245-130.deploy.akamaitechnologies.com
secureir.ebaystatic.com | |
securepics.ebaystatic.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
wazalendosaccos.or.tz
www.wazalendosaccos.or.tz |
105 KB |
6 |
ebaystatic.com
secureir.ebaystatic.com securepics.ebaystatic.com |
57 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
3 KB |
15 | 3 |
Domain | Requested by | |
---|---|---|
8 | www.wazalendosaccos.or.tz |
www.wazalendosaccos.or.tz
|
4 | secureir.ebaystatic.com |
www.wazalendosaccos.or.tz
|
2 | securepics.ebaystatic.com |
www.wazalendosaccos.or.tz
|
1 | cdnjs.cloudflare.com |
www.wazalendosaccos.or.tz
|
15 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.ebay.com Symantec Class 3 Secure Server CA - G4 |
2017-06-15 - 2018-06-16 |
a year | crt.sh |
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2017-11-04 - 2018-05-13 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.wazalendosaccos.or.tz/verification-ebay/payment.php?df4cc48c24121eeede
Frame ID: 14212.1
Requests: 15 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
payment.php
www.wazalendosaccos.or.tz/verification-ebay/ |
8 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
g.css
www.wazalendosaccos.or.tz/verification-ebay/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2cpsgtcwge2dva00zx101huoueo.css
secureir.ebaystatic.com/rs/v/ |
58 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
n.css
www.wazalendosaccos.or.tz/verification-ebay/css/ |
23 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pyx5lsk03u32bo4fkm54wngl4mi.js
secureir.ebaystatic.com/rs/v/ |
92 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fxxj3ttftm5ltcqnto1o4baovyl.png
secureir.ebaystatic.com/rs/v/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
step2payment.png
www.wazalendosaccos.or.tz/verification-ebay/images/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
masterVisaDiscoverAmex_127x22.gif
securepics.ebaystatic.com/aw/pics/register/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security_code.png
securepics.ebaystatic.com/aw/pics/register/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.1.0.min.js
www.wazalendosaccos.or.tz/verification-ebay/lib/js/ |
84 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.maskedinput.js
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
card.js
www.wazalendosaccos.or.tz/verification-ebay/lib/js/ |
92 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iss.png
www.wazalendosaccos.or.tz/verification-ebay/images/ |
27 KB 27 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap-responsive.css
www.wazalendosaccos.or.tz/verification-ebay/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
imgbg.jpg
secureir.ebaystatic.com/pictures/aw/pics/cmp/ds3/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: eBay (E-commerce)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| card function| Payment function| Card0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
secureir.ebaystatic.com
securepics.ebaystatic.com
www.wazalendosaccos.or.tz
2400:cb00:2048:1::6813:c266
67.225.129.56
95.101.245.130
1988a085c38cf9fe398c8b39ab6219cb88b1c2948b10d790f97390ae313df909
19ab756b8f26d4d98b121135c3343c6cc02c831cd05ac1877b2399e63d95bd59
2407da53ba31f3cb4a003427cc25a3d639dda886535e05c30b93021d842e9eb8
31427c55a241b9ed4e079c26dadca55a537cfebbf4a72b4b09f708fc8739fdf9
5440e48584e47738479ccd905576e9ddf2097d07b6c7ba81dda6eeb13b1d4af0
56821074d8a4e6fb0c88d615e47d8ff55700b1f027431dba1f31f1d6be1a3a91
74d6db7f1bf9f38e8cc4409291c063bffa3cdc1177e14ab6048ede62694777dc
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
7f7798c8febb6e7f06781ec53e93ba700892dffccb6acdc4d11d699500d05377
88b8ba1d7913f80b78d57502ddcd2e03241109a7e68ff3ea4f166dc82daeaab4
92c7c481861741bcba1a04732978763eda212c4c4ce1e51440f07ed89b7f18ea
ab7d4336089693e7da293f095ea745c7c464a74d277bdceace190e6f257af1f3
b054c21c769e6e73a3f3f2e51ff27783043d87f8c4cb963c0554b33010fa3efc
dcf73508cbf7c06894020c26ec3f541f83d307af21825e0f29824f4aa73e1ce4