dar-tunisia.com Open in urlscan Pro
46.105.57.169 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url-shortener-fcc-.glitch.me/ycsFapj/
Effective URL:
https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
Submission: On August 14 via manual (August 14th 2019, 3:25:25 pm UTC) from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 46.105.57.169, located in Saint-Ouen, France and belongs to OVH, FR. The main domain is dar-tunisia.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 8th 2019. Valid for: 3 months.

This is the only time dar-tunisia.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 2	54.165.156.139 54.165.156.139	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2606:4700::68... 2606:4700::6813:c597	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 9	46.105.57.169 46.105.57.169	16276 (OVH) (OVH)
10	3

2 54.165.156.139 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-156-139.compute-1.amazonaws.com

url-shortener-fcc-.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c597 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.105.57.169 (Saint-Ouen, France) 1 redirects

ASN16276 (OVH, FR)
PTR: cluster020.hosting.ovh.net

dar-tunisia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	dar-tunisia.com 1 redirects dar-tunisia.com	102 KB
2	glitch.me 1 redirects url-shortener-fcc-.glitch.me	5 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
10	3

	Domain	Requested by
9	dar-tunisia.com	1 redirects url-shortener-fcc-.glitch.me dar-tunisia.com
2	url-shortener-fcc-.glitch.me	1 redirects
1	cdnjs.cloudflare.com	url-shortener-fcc-.glitch.me
10	3

This site contains no links.

Subject Issuer	Validity	Valid
glitch.com Amazon	`2019-01-20` - `2020-02-20`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months	crt.sh
dar-tunisia.com Let's Encrypt Authority X3	`2019-07-08` - `2019-10-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
Frame ID: F806B4C6FDCEB7CFAFB0A15B07B2A2AC
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://url-shortener-fcc-.glitch.me/ycsFapj/ Page URL
https://url-shortener-fcc-.glitch.me/ycsFapj/ HTTP 302
https://dar-tunisia.com/.app/secure/?ID=myaccountsettings&verf=onlineid&cookies=LMAOBIATCH HTTP 302
https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US Page URL

Page Statistics

10
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

109 kB
Transfer

240 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url-shortener-fcc-.glitch.me/ycsFapj/ Page URL
https://url-shortener-fcc-.glitch.me/ycsFapj/ HTTP 302
https://dar-tunisia.com/.app/secure/?ID=myaccountsettings&verf=onlineid&cookies=LMAOBIATCH HTTP 302
https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
url-shortener-fcc-.glitch.me/ycsFapj/ 5 KB
5 KB 1637ms
139ms Document
text/html 54.165.156.139
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://url-shortener-fcc-.glitch.me/ycsFapj/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.156.139 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-165-156-139.compute-1.amazonaws.com
Software: / Express
Resource Hash: d91af98c557aa0e851eb8f780fe2426ea89beb5da4df457407d99cd81da15d83

Request headers

:method: GET
:authority: url-shortener-fcc-.glitch.me
:scheme: https
:path: /ycsFapj/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Wed, 14 Aug 2019 15:25:09 GMT
x-powered-by: Express
cache-control: no-cache

GET
H2 200 bowser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/ 8 KB
3 KB 91ms
11ms Script
application/javascript 2606:4700::6813:c597
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/bowser.min.js

Requested by

Host: url-shortener-fcc-.glitch.me
URL: https://url-shortener-fcc-.glitch.me/ycsFapj/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c597 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b52f6b6011741e76cefa2be41164bbc9b33bba334b9ad15b03abad37b609d983

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://url-shortener-fcc-.glitch.me/ycsFapj/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 14 Aug 2019 15:25:10 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10430217
status: 200
served-in-seconds: 0.033
timing-allow-origin: *
last-modified: Mon, 02 Jul 2018 14:15:51 GMT
server: cloudflare
etag: W/"5b3a3397-1edd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5063f099eedfd6d1-FRA
expires: Mon, 03 Aug 2020 15:25:10 GMT

GET
H2

200

Primary Request signin Show response
dar-tunisia.com/.app/secure/
Redirect Chain

https://url-shortener-fcc-.glitch.me/ycsFapj/
https://dar-tunisia.com/.app/secure/?ID=myaccountsettings&verf=onlineid&cookies=LMAOBIATCH
https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US

36 KB
21 KB

87ms
86ms

Document
text/html

46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
Requested by: Host: url-shortener-fcc-.glitch.me
URL: https://url-shortener-fcc-.glitch.me/ycsFapj/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache / PHP/7.2
Resource Hash: abbb2e12cd0ed8bdac3efa43bfc2658c49c2bcd29d0003f2eee6a6e2ee018490

Request headers

:method: GET
:authority: dar-tunisia.com
:scheme: https
:path: /.app/secure/signin?country.x=US&locale.x=en_US
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://url-shortener-fcc-.glitch.me/ycsFapj/
accept-encoding: gzip, deflate, br
cookie: zPayPal_2018=9f292efdb62fa0b2cf3747b917b75773; SERVERID585=2020130|XVQn3|XVQn3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://url-shortener-fcc-.glitch.me/ycsFapj/

Response headers

status: 200
date: Wed, 14 Aug 2019 15:25:14 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.2
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: "none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex"
vary: Accept-Encoding
content-encoding: gzip
x-iplb-instance: 18162

Redirect headers

status: 302
date: Wed, 14 Aug 2019 15:25:14 GMT
content-type: text/html; charset=UTF-8
server: Apache
x-powered-by: PHP/7.2
set-cookie: zPayPal_2018=9f292efdb62fa0b2cf3747b917b75773; path=/ SERVERID585=2020130|XVQn3|XVQn3; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: "none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex"
location: signin?country.x=US&locale.x=en_US
vary: Accept-Encoding
content-encoding: gzip
x-iplb-instance: 18162

GET
H2 200 signin.css
dar-tunisia.com/.app/secure/cazanova/res/ 14 KB
3 KB 71ms
70ms Stylesheet
text/css 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dar-tunisia.com/.app/secure/cazanova/res/signin.css
Requested by: Host: dar-tunisia.com
URL: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 1e72885838cf46833f0e4efb6cd6ec917cbdfc7815aa712f02e245d37e383bd4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 14 Aug 2019 15:25:14 GMT
content-encoding: gzip
last-modified: Sat, 06 Apr 2019 02:11:26 GMT
server: Apache
x-iplb-instance: 18162
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 2663
expires: Wed, 14 Aug 2019 15:40:14 GMT

GET
H2 200 jquery.min.js Show response
dar-tunisia.com/.app/secure/cazanova/res/ 85 KB
30 KB 85ms
85ms Script
application/javascript 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dar-tunisia.com/.app/secure/cazanova/res/jquery.min.js
Requested by: Host: dar-tunisia.com
URL: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 892fcc249b9b0fd6e8727741d21d5cdd5474238327ba116308b5dfad6ddfd1bd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 14 Aug 2019 15:25:14 GMT
content-encoding: gzip
last-modified: Sat, 06 Apr 2019 01:28:44 GMT
server: Apache
x-iplb-instance: 18162
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 30079
expires: Wed, 14 Aug 2019 15:40:14 GMT

GET
H2 200 jquery.browser.min.js Show response
dar-tunisia.com/.app/secure/cazanova/res/ 2 KB
1 KB 69ms
69ms Script
application/javascript 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dar-tunisia.com/.app/secure/cazanova/res/jquery.browser.min.js
Requested by: Host: dar-tunisia.com
URL: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: beabd80773a4dc7327ac6864d464aac8c38538a3183d8fb049dbb07472dde32d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 14 Aug 2019 15:25:14 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2016 08:36:02 GMT
server: Apache
x-iplb-instance: 17192
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 852
expires: Wed, 14 Aug 2019 15:40:14 GMT

GET
H2 200 signin.js Show response
dar-tunisia.com/.app/secure/cazanova/res/ 43 KB
19 KB 67ms
67ms Script
application/javascript 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dar-tunisia.com/.app/secure/cazanova/res/signin.js
Requested by: Host: dar-tunisia.com
URL: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 2634687f169d9f69fceb86aed9b9a81c038f537ead7fba8c02f16448debbeec1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 14 Aug 2019 15:25:14 GMT
content-encoding: gzip
last-modified: Sat, 06 Apr 2019 02:16:06 GMT
server: Apache
x-iplb-instance: 17197
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 19531
expires: Wed, 14 Aug 2019 15:40:14 GMT

POST
H2 200 api.php Show response
dar-tunisia.com/.app/secure/cazanova/paypal/ 0
262 B 96ms
96ms XHR
text/html 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dar-tunisia.com/.app/secure/cazanova/paypal/api.php
Requested by: Host: dar-tunisia.com
URL: https://dar-tunisia.com/.app/secure/cazanova/res/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache / PHP/7.2
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://dar-tunisia.com/.app/secure/signin?country.x=US&locale.x=en_US
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 14 Aug 2019 15:25:14 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.2
x-iplb-instance: 18162
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 logoDesktop.svg
dar-tunisia.com/.app/secure/cazanova/res/img/ 26 KB
5 KB 75ms
75ms Image
image/svg+xml 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dar-tunisia.com/.app/secure/cazanova/res/img/logoDesktop.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 12e11d5baf59bf859e6b2de7c5cd9a37155fa9f818d571869b0c158e060e461b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://dar-tunisia.com/.app/secure/cazanova/res/signin.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 14 Aug 2019 15:25:15 GMT
content-encoding: gzip
last-modified: Fri, 05 Apr 2019 08:12:24 GMT
server: Apache
x-iplb-instance: 17197
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=900
accept-ranges: bytes
content-length: 5211
expires: Wed, 14 Aug 2019 15:40:15 GMT

GET
H2 200 xArial.woff2
dar-tunisia.com/.app/secure/cazanova/res/ 22 KB
22 KB 59ms
58ms Font
application/octet-stream 46.105.57.169
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://dar-tunisia.com/.app/secure/cazanova/res/xArial.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.105.57.169 Saint-Ouen, France, ASN16276 (OVH, FR),
Reverse DNS: cluster020.hosting.ovh.net
Software: Apache /
Resource Hash: 427c9aa590fd8e186f0c345a918e6844948fb2668ebb83300e123ceb9077b01c

Request headers

Sec-Fetch-Mode: cors
Referer: https://dar-tunisia.com/.app/secure/cazanova/res/signin.css
Origin: https://dar-tunisia.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 14 Aug 2019 15:25:15 GMT
content-encoding: gzip
last-modified: Thu, 24 May 2018 10:24:18 GMT
server: Apache
x-iplb-instance: 17197
vary: Accept-Encoding
status: 200
accept-ranges: bytes
content-length: 22439

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			dar-tunisia.com/	1969-12-31 23:59:59	Name: SERVERID585 Value: 2020130\|XVQn3\|XVQn3
			dar-tunisia.com/	1969-12-31 23:59:59	Name: zPayPal_2018 Value: 9f292efdb62fa0b2cf3747b917b75773

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
dar-tunisia.com
url-shortener-fcc-.glitch.me
2606:4700::6813:c597
46.105.57.169
54.165.156.139
12e11d5baf59bf859e6b2de7c5cd9a37155fa9f818d571869b0c158e060e461b
1e72885838cf46833f0e4efb6cd6ec917cbdfc7815aa712f02e245d37e383bd4
2634687f169d9f69fceb86aed9b9a81c038f537ead7fba8c02f16448debbeec1
427c9aa590fd8e186f0c345a918e6844948fb2668ebb83300e123ceb9077b01c
892fcc249b9b0fd6e8727741d21d5cdd5474238327ba116308b5dfad6ddfd1bd
abbb2e12cd0ed8bdac3efa43bfc2658c49c2bcd29d0003f2eee6a6e2ee018490
b52f6b6011741e76cefa2be41164bbc9b33bba334b9ad15b03abad37b609d983
beabd80773a4dc7327ac6864d464aac8c38538a3183d8fb049dbb07472dde32d
d91af98c557aa0e851eb8f780fe2426ea89beb5da4df457407d99cd81da15d83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

dar-tunisia.com Open in urlscan Pro 46.105.57.169 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

109 kBTransfer

240 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

27 JavaScript Global Variables

2 Cookies

Indicators

dar-tunisia.com Open in urlscan Pro
46.105.57.169 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

109 kB
Transfer

240 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!