forum-metal.com
Open in
urlscan Pro
82.165.25.137
Malicious Activity!
Public Scan
Submission: On February 23 via manual from IL
Summary
This is the only time forum-metal.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: DocuSign (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
6 | 82.165.25.137 82.165.25.137 | 8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48) | |
7 | 2 |
ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: s15954151.onlinehome-server.info
forum-metal.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
forum-metal.com
forum-metal.com |
30 KB |
0 |
uzone.id
Failed
cfs.uzone.id Failed |
|
7 | 2 |
Domain | Requested by | |
---|---|---|
6 | forum-metal.com |
forum-metal.com
|
0 | cfs.uzone.id Failed |
forum-metal.com
|
7 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://forum-metal.com/go/memberLogin/mobile/login.php
Frame ID: 18ACF2946EFE384E76CC1D585971F686
Requests: 7 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login.php
forum-metal.com/go/memberLogin/mobile/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
header.png
forum-metal.com/go/memberLogin/images/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer.png
forum-metal.com/go/memberLogin/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
g+.png
forum-metal.com/go/memberLogin/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
no%20account.png
forum-metal.com/go/memberLogin/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button.png
forum-metal.com/go/memberLogin/images/ |
926 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
request
cfs.uzone.id/2fn7a2/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cfs.uzone.id
- URL
- http://cfs.uzone.id/2fn7a2/request?id=1&enc=9UwkxLgY9¶ms=4TtHaUQnUEiP6K%2fc5C582CL4NjpNgssKOB0xRk3OTg6jny0D8yMYdZmau%2f1HewhXwh0vnG6txlmBOxukWPAwQStxbyHRlespVqfRNUf9cHe8PReQ9yZ7xmRxp2y5Qo5H%2f3OhNqby0j4EfCZKXyX91j%2b5OSM3KR9BlMKOjP2ITw7o4AwZ2hRbHW%2bggjhmSHoeYDQhqubmcCmpglq5YUTrffUAmwk95bh1qQXHKwOeR3%2fwgUpx5MQc9RqRixiNM97al9ZyI4eQkI0oLAn35CheHbWunun7hwyhXauuHsmnuz1pFhJAvaey%2b%2faYgxapodB4Ed1N5BsVams3QzQK5n3ezojpjel57%2fX2IC3Ict7gzYz4ep1QXt85nLpPFDqZfL6%2f3BaGtWuOwBtEXVT%2fD1bMSFhnaM2FqGmvPl4nvWWhLbIhn%2bzDEM4tew%3d%3d&idc_r=24587036548&domain=forum-metal.com&sw=1600&sh=1200
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: DocuSign (Online)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| unhideBody function| netbro_cache_analytics function| sync function| requestCfs0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cfs.uzone.id
forum-metal.com
cfs.uzone.id
82.165.25.137
3a4b97b64db2be0485c1a224d2f846dfca51b2bcc6889a457c8d4d4beb5dad43
7ae694638bb670bd12e1976d78fbc9a2a632303bb508f2f6820bffdf0b03535f
7f106e5573f887dab541dfda3365cfc929e4b17b67e20d91906ea189b78d9279
9bcb977aff446cd516c15f0146f2c07a2ba29334b4fa740f6c84b3663f65b3de
ca8e128d1fb82ede5ebad9fd3fc80e453491dcf13f91d75753c266fa49ecfd5d
db1180b4694a667ab51b5c07972b7355c821249757001897609423da3fe1b9d0