Submitted URL: https://maerskrent.com/
Effective URL: https://maerskrent.com/index/login/index.html
Submission Tags: @phish_report
Submission: On August 05 via api from FI — Scanned from FI

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 163.181.92.202, located in Frankfurt am Main, Germany, and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is maerskrent.com.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on April 27th 2023. Valid for: a year.
This is the only time maerskrent.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Maersk (Transportation)

Domain & IP information

IP Address AS Autonomous System
1 8 163.181.92.202 24429 (TAOBAO Zh...)
7 1
Apex Domain
Subdomains
Transfer
8 maerskrent.com
maerskrent.com
167 KB
7 1
Domain Requested by
8 maerskrent.com 1 redirects maerskrent.com
7 1

This site contains no links.

Subject: maerskrent.com
Issuer: Certum Domain Validation CA SHA2
Validity: 2023-04-27 - 2024-05-26
Valid: a year

This page contains 1 frames:

Primary Page: https://maerskrent.com/index/login/index.html
Frame ID: 1C8E81C9374878744A354A731E9998F3
Requests: 7 HTTP requests in this frame

Page Title

Member Login

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 166 kB
Size: 388 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://maerskrent.com/ HTTP 302
    https://maerskrent.com/index/login/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: index.html
Path: maerskrent.com/index/login/
Redirect Chain
  • https://maerskrent.com/
  • https://maerskrent.com/index/login/index.html
Size: 2 KB
x-fer: 1 KB
Type: Document

General
Full URL: https://maerskrent.com/index/login/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.92.202 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine / PHP/7.4.33
Resource Hash: dbf4ee21df8505dc674b37caba7309f0f6df2907dd3c4bac1d830703a8fe63f0

Security Headers
Strict-Transport-Security: max-age=5184000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

ali-swift-global-savetime: 1691266891
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 05 Aug 2023 20:21:31 GMT
eagleid: a3b55c9d16912668904982418e
server: Tengine
strict-transport-security: max-age=5184000
timing-allow-origin: *
vary: Accept-Encoding
via: cache2.l2de2[577,577,200-0,M], cache10.l2de2[578,0], ens-cache3.de5[581,580,200-0,M], ens-cache9.de5[583,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-powered-by: PHP/7.4.33
x-swift-cachetime: 0
x-swift-savetime: Sat, 05 Aug 2023 20:21:31 GMT

Redirect headers

ali-swift-global-savetime: 1691266890
cache-control: no-cache,must-revalidate
content-type: text/html; charset=utf-8
date: Sat, 05 Aug 2023 20:21:30 GMT
eagleid: a3b55c9d16912668898401467e
location: /index/login/index.html
server: Tengine
strict-transport-security: max-age=5184000
timing-allow-origin: *
via: cache21.l2de2[550,549,302-0,M], cache23.l2de2[551,0], ens-cache12.de5[554,553,302-0,M], ens-cache9.de5[557,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-powered-by: PHP/7.4.33
x-swift-cachetime: 0
x-swift-savetime: Sat, 05 Aug 2023 20:21:30 GMT

Resource: style.css
Path: maerskrent.com/static/index/css/
Size: 52 KB
x-fer: 17 KB
Type: Stylesheet

General
Full URL: https://maerskrent.com/static/index/css/style.css?v=1691266891
Requested by
  Host: maerskrent.com
  URL: https://maerskrent.com/index/login/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.92.202 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine
Resource Hash: 2ab63ffdba5723f6481e4ad89283d65244a8d83d098c037ef9aad0deea043aff

Security Headers
Strict-Transport-Security: max-age=5184000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://maerskrent.com/index/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 05 Aug 2023 20:21:31 GMT
via: cache17.l2de2[700,700,200-0,M], cache12.l2de2[701,0], ens-cache9.de5[704,704,200-0,M], ens-cache9.de5[706,0]
content-encoding: br
age: 0
x-swift-cachetime: 2592000
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sat, 05 Aug 2023 20:21:31 GMT
last-modified: Sun, 30 Jul 2023 10:12:21 GMT
server: Tengine
etag: W/"64c63785-d1ef"
vary: Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1691266891
content-type: text/css
cache-control: max-age=43200
timing-allow-origin: *
eagleid: a3b55c9d16912668911813466e
expires: Sun, 06 Aug 2023 08:21:31 GMT

Resource: jquery-3.2.1.js
Path: maerskrent.com/static/index/js/
Size: 272 KB
x-fer: 99 KB
Type: Script

General
Full URL: https://maerskrent.com/static/index/js/jquery-3.2.1.js
Requested by
  Host: maerskrent.com
  URL: https://maerskrent.com/index/login/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.92.202 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine
Resource Hash: 19c2ff8384c14552104a2f7a5a830aef510669837d65fb0c20a9bee749e54b8b

Security Headers
Strict-Transport-Security: max-age=5184000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://maerskrent.com/index/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Wed, 26 Jul 2023 14:51:57 GMT
via: cache3.l2de2[0,0,304-0,H], cache11.l2de2[2,0], ens-cache13.de5[0,0,200-0,H], ens-cache9.de5[1,0]
content-encoding: br
age: 883774
x-swift-cachetime: 2240716
x-cache: HIT TCP_MEM_HIT dirn:13:44786733
x-swift-savetime: Sun, 30 Jul 2023 16:26:41 GMT
last-modified: Sat, 23 Apr 2022 04:34:16 GMT
server: Tengine
etag: W/"626381c8-43f14"
vary: Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1690383117
content-type: application/javascript
cache-control: max-age=43200
timing-allow-origin: *
eagleid: a3b55c9d16912668911823470e
expires: Thu, 27 Jul 2023 02:51:57 GMT

Resource: function.js
Path: maerskrent.com/static/index/js/
Size: 19 KB
x-fer: 7 KB
Type: Script

General
Full URL: https://maerskrent.com/static/index/js/function.js
Requested by
  Host: maerskrent.com
  URL: https://maerskrent.com/index/login/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.92.202 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine
Resource Hash: cefa9b263de5b45dda41436fb928bd3ca804b874ae4b2bb6ef31e6664b33c947

Security Headers
Strict-Transport-Security: max-age=5184000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://maerskrent.com/index/login/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Sat, 22 Jul 2023 06:52:04 GMT
via: cache16.l2de2[0,0,200-0,H], cache25.l2de2[1,0], ens-cache12.de5[0,0,200-0,H], ens-cache9.de5[2,0]
content-encoding: br
age: 1258167
x-swift-cachetime: 1961196
x-cache: HIT TCP_MEM_HIT dirn:12:598263139
x-swift-savetime: Sat, 29 Jul 2023 14:05:28 GMT
last-modified: Sun, 09 Jul 2023 09:53:32 GMT
server: Tengine
etag: W/"64aa839c-4ac7"
vary: Accept-Encoding, Accept-Encoding
ali-swift-global-savetime: 1690008724
content-type: application/javascript
cache-control: max-age=43200
timing-allow-origin: *
eagleid: a3b55c9d16912668911823471e
expires: Sat, 22 Jul 2023 18:52:04 GMT

Resource: logo.svg
Path: maerskrent.com/static/index/css/imgs/
Size: 1 KB
x-fer: 1 KB
Type: Image

General
Full URL: https://maerskrent.com/static/index/css/imgs/logo.svg
Requested by
  Host: maerskrent.com
  URL: https://maerskrent.com/static/index/css/style.css?v=1691266891
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.92.202 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine
Resource Hash: 3ef5c8838576142629c3689181d544e4dea1094c41148a780198bf62a8b3b93a

Security Headers
Strict-Transport-Security: max-age=5184000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://maerskrent.com/static/index/css/style.css?v=1691266891
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Tue, 01 Aug 2023 08:44:25 GMT
via: cache26.l2de2[502,502,304-0,M], cache26.l2de2[503,0], ens-cache12.de5[0,0,200-0,H], ens-cache9.de5[2,0]
content-encoding: br
age: 387427
x-swift-cachetime: 2592000
x-cache: HIT TCP_MEM_HIT dirn:13:201782123
x-swift-savetime: Tue, 01 Aug 2023 08:44:25 GMT
last-modified: Tue, 13 Dec 2022 08:50:32 GMT
server: Tengine
etag: W/"63983cd8-4d5"
vary: Accept-Encoding
ali-swift-global-savetime: 1690879465
content-type: image/svg+xml
timing-allow-origin: *
eagleid: a3b55c9d16912668921914941e

Resource: logoTitle.svg
Path: maerskrent.com/static/index/css/imgs/
Size: 2 KB
x-fer: 1 KB
Type: Image

General
Full URL: https://maerskrent.com/static/index/css/imgs/logoTitle.svg
Requested by
  Host: maerskrent.com
  URL: https://maerskrent.com/static/index/css/style.css?v=1691266891
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.92.202 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine
Resource Hash: 6c0aae257f5a2999e27ca570b934c0ce20bb32da5a61050053cb6542897b457a

Security Headers
Strict-Transport-Security: max-age=5184000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://maerskrent.com/static/index/css/style.css?v=1691266891
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Tue, 01 Aug 2023 08:44:25 GMT
via: cache11.l2de2[518,519,304-0,M], cache2.l2de2[520,0], ens-cache10.de5[0,0,200-0,H], ens-cache9.de5[1,0]
content-encoding: br
age: 387427
x-swift-cachetime: 2592000
x-cache: HIT TCP_MEM_HIT dirn:13:427903056
x-swift-savetime: Tue, 01 Aug 2023 08:44:25 GMT
last-modified: Tue, 13 Dec 2022 09:25:49 GMT
server: Tengine
etag: W/"6398451d-94f"
vary: Accept-Encoding
ali-swift-global-savetime: 1690879465
content-type: image/svg+xml
timing-allow-origin: *
eagleid: a3b55c9d16912668921924943e

Resource: icon.png
Path: maerskrent.com/static/index/css/imgs/
Size: 39 KB
x-fer: 39 KB
Type: Image

General
Full URL: https://maerskrent.com/static/index/css/imgs/icon.png
Requested by
  Host: maerskrent.com
  URL: https://maerskrent.com/static/index/css/style.css?v=1691266891
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.181.92.202 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
Reverse DNS:
Software: Tengine
Resource Hash: a62ab079bf00fae41d00abd7c34af9a943ece066c4e756cdde6d05dc8b7c4e47

Security Headers
Strict-Transport-Security: max-age=5184000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://maerskrent.com/static/index/css/style.css?v=1691266891
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=5184000
date: Tue, 01 Aug 2023 08:44:25 GMT
via: cache4.l2de2[511,512,304-0,M], cache9.l2de2[513,0], ens-cache13.de5[0,0,200-0,H], ens-cache9.de5[1,0]
age: 387427
x-swift-cachetime: 2592000
x-cache: HIT TCP_MEM_HIT dirn:12:450909417
x-swift-savetime: Tue, 01 Aug 2023 08:44:25 GMT
content-length: 39696
last-modified: Tue, 31 Jan 2023 09:55:18 GMT
server: Tengine
etag: "63d8e586-9b10"
ali-swift-global-savetime: 1690879465
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b55c9d16912668921924946e
expires: Thu, 31 Aug 2023 08:44:25 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Maersk (Transportation)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • rem (function)
  • ge (function)
  • copy (function)
  • profit (function)
  • getLink (function)
  • Gere (object)
  • obj (object)
  • rgBtn (object)
  • login (function)

1 Cookies

Domain/Path: maerskrent.com/
Name: PHPSESSID
Value: d64fb461ff295ef84e870c1f8f291bd8

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=5184000