maerskrent.com
Open in
urlscan Pro
163.181.92.202
Malicious Activity!
Public Scan
Effective URL: https://maerskrent.com/index/login/index.html
Submission Tags: @phish_report
Submission: On August 05 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by Certum Domain Validation CA SHA2 on April 27th 2023. Valid for: a year.
This is the only time maerskrent.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Maersk (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 8 | 163.181.92.202 163.181.92.202 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
7 | 1 |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
maerskrent.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
maerskrent.com
1 redirects
maerskrent.com |
167 KB |
7 | 1 |
Domain | Requested by | |
---|---|---|
8 | maerskrent.com |
1 redirects
maerskrent.com
|
7 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
maerskrent.com Certum Domain Validation CA SHA2 |
2023-04-27 - 2024-05-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://maerskrent.com/index/login/index.html
Frame ID: 1C8E81C9374878744A354A731E9998F3
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
Member LoginPage URL History Show full URLs
-
https://maerskrent.com/
HTTP 302
https://maerskrent.com/index/login/index.html Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://maerskrent.com/
HTTP 302
https://maerskrent.com/index/login/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
maerskrent.com/index/login/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
maerskrent.com/static/index/css/ |
52 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.js
maerskrent.com/static/index/js/ |
272 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
function.js
maerskrent.com/static/index/js/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
maerskrent.com/static/index/css/imgs/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoTitle.svg
maerskrent.com/static/index/css/imgs/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
maerskrent.com/static/index/css/imgs/ |
39 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Maersk (Transportation)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| rem function| ge function| copy function| profit function| getLink object| Gere object| obj object| rgBtn function| login1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
maerskrent.com/ | Name: PHPSESSID Value: d64fb461ff295ef84e870c1f8f291bd8 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=5184000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
maerskrent.com
163.181.92.202
19c2ff8384c14552104a2f7a5a830aef510669837d65fb0c20a9bee749e54b8b
2ab63ffdba5723f6481e4ad89283d65244a8d83d098c037ef9aad0deea043aff
3ef5c8838576142629c3689181d544e4dea1094c41148a780198bf62a8b3b93a
6c0aae257f5a2999e27ca570b934c0ce20bb32da5a61050053cb6542897b457a
a62ab079bf00fae41d00abd7c34af9a943ece066c4e756cdde6d05dc8b7c4e47
cefa9b263de5b45dda41436fb928bd3ca804b874ae4b2bb6ef31e6664b33c947
dbf4ee21df8505dc674b37caba7309f0f6df2907dd3c4bac1d830703a8fe63f0