chineseflreworks.com
Open in
urlscan Pro
202.75.32.73
Malicious Activity!
Public Scan
Submission: On October 14 via automatic, source openphish
Summary
This is the only time chineseflreworks.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: LinkedIn (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 202.75.32.73 202.75.32.73 | 17971 (TMVADS-AP...) (TMVADS-AP TM-VADS DC Hosting) | |
16 | 2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
3 | 2a02:26f0:6c0... 2a02:26f0:6c00:299::25eb | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a05:f500:10:... 2a05:f500:10:101::b93f:9101 | 14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation) | |
1 2 | 2.16.186.51 2.16.186.51 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 2 | 185.40.235.209 185.40.235.209 | 36236 (NETACTUATE) (NETACTUATE - NetActuate) | |
27 | 7 |
ASN17971 (TMVADS-AP TM-VADS DC Hosting, MY)
PTR: ptr.opteron-server.net
chineseflreworks.com |
ASN14413 (LINKEDIN - LinkedIn Corporation, US)
www.linkedin.com |
ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com
b.scorecardresearch.com |
ASN36236 (NETACTUATE - NetActuate, Inc, US)
PTR: tagserver2.otp.hv.prod
radar.cedexis.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
licdn.com
static.licdn.com |
249 KB |
4 |
linkedin.com
platform.linkedin.com www.linkedin.com |
14 KB |
3 |
chineseflreworks.com
chineseflreworks.com |
48 KB |
2 |
cedexis.com
1 redirects
radar.cedexis.com |
322 B |
2 |
scorecardresearch.com
1 redirects
b.scorecardresearch.com |
947 B |
27 | 5 |
Domain | Requested by | |
---|---|---|
18 | static.licdn.com |
chineseflreworks.com
static.licdn.com |
3 | platform.linkedin.com |
chineseflreworks.com
static.licdn.com |
3 | chineseflreworks.com |
static.licdn.com
|
2 | radar.cedexis.com |
1 redirects
chineseflreworks.com
|
2 | b.scorecardresearch.com | 1 redirects |
1 | www.linkedin.com |
static.licdn.com
|
27 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.linkedin.com |
press.linkedin.com |
blog.linkedin.com |
developer.linkedin.com |
business.linkedin.com |
learning.linkedin.com |
mobile.linkedin.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.licdn.com DigiCert SHA2 Secure Server CA |
2016-02-16 - 2019-04-17 |
3 years | crt.sh |
This page contains 2 frames:
Primary Page:
http://chineseflreworks.com/l1k3d/
Frame ID: 0AFD2ABE13F142D3D8437CBEA9354020
Requests: 26 HTTP requests in this frame
Frame:
http://radar.cedexis.com/1539279173/radar.html?customer-id=11326
Frame ID: 3EE922DE7CD4E365D437D6B9DD074FCB
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Google Analytics (Analytics) Expand
Detected patterns
- env /^gaGlobal$/i
Page Statistics
61 Outgoing links
These are links going to different origins than the main page.
Title: Forgot password?
Search URL Search Domain Scan URL
Title: User Agreement
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: A
Search URL Search Domain Scan URL
Title: B
Search URL Search Domain Scan URL
Title: C
Search URL Search Domain Scan URL
Title: D
Search URL Search Domain Scan URL
Title: E
Search URL Search Domain Scan URL
Title: F
Search URL Search Domain Scan URL
Title: G
Search URL Search Domain Scan URL
Title: H
Search URL Search Domain Scan URL
Title: I
Search URL Search Domain Scan URL
Title: J
Search URL Search Domain Scan URL
Title: K
Search URL Search Domain Scan URL
Title: L
Search URL Search Domain Scan URL
Title: M
Search URL Search Domain Scan URL
Title: N
Search URL Search Domain Scan URL
Title: O
Search URL Search Domain Scan URL
Title: P
Search URL Search Domain Scan URL
Title: Q
Search URL Search Domain Scan URL
Title: R
Search URL Search Domain Scan URL
Title: S
Search URL Search Domain Scan URL
Title: T
Search URL Search Domain Scan URL
Title: U
Search URL Search Domain Scan URL
Title: V
Search URL Search Domain Scan URL
Title: W
Search URL Search Domain Scan URL
Title: X
Search URL Search Domain Scan URL
Title: Y
Search URL Search Domain Scan URL
Title: Z
Search URL Search Domain Scan URL
Title: More
Search URL Search Domain Scan URL
Title: Browse by country/region
Search URL Search Domain Scan URL
Title: Sign Up
Search URL Search Domain Scan URL
Title: Help Center
Search URL Search Domain Scan URL
Title: About
Search URL Search Domain Scan URL
Title: Press
Search URL Search Domain Scan URL
Title: Blog
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Developers
Search URL Search Domain Scan URL
Title: Talent
Search URL Search Domain Scan URL
Title: Marketing
Search URL Search Domain Scan URL
Title: Sales
Search URL Search Domain Scan URL
Title: Learning
Search URL Search Domain Scan URL
Title: Learning
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Salary
Search URL Search Domain Scan URL
Title: Mobile
Search URL Search Domain Scan URL
Title: ProFinder
Search URL Search Domain Scan URL
Title: Members
Search URL Search Domain Scan URL
Title: Jobs
Search URL Search Domain Scan URL
Title: Pulse
Search URL Search Domain Scan URL
Title: Companies
Search URL Search Domain Scan URL
Title: Salaries
Search URL Search Domain Scan URL
Title: Universities
Search URL Search Domain Scan URL
Title: Top Jobs
Search URL Search Domain Scan URL
Title: User Agreement
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Community Guidelines
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Copyright Policy
Search URL Search Domain Scan URL
Title: Guest Controls
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- http://b.scorecardresearch.com/b?c1=2&c2=6402952&c3=&c4=&c5=&c6=&c15=&ns__t=1539489153289&ns_c=UTF-8&c8=LinkedIn%3A%20Log%20In%20or%20Sign%20Up&c7=http%3A%2F%2Fchineseflreworks.com%2Fl1k3d%2F&c9= HTTP 302
- http://b.scorecardresearch.com/b2?c1=2&c2=6402952&c3=&c4=&c5=&c6=&c15=&ns__t=1539489153289&ns_c=UTF-8&c8=LinkedIn%3A%20Log%20In%20or%20Sign%20Up&c7=http%3A%2F%2Fchineseflreworks.com%2Fl1k3d%2F&c9=
- http://radar.cedexis.com/1/11326/radar.html HTTP 302
- http://radar.cedexis.com/1539279173/radar.html?customer-id=11326
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
chineseflreworks.com/l1k3d/ |
47 KB 47 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
static.licdn.com/scds/concat/common/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css
static.licdn.com/scds/concat/common/ |
14 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
static.licdn.com/scds/concat/common/ |
11 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5c1gkgcvsf6dyn9e1sibwbera
static.licdn.com/sc/h/ |
39 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
com.linkedin.jet-static%3Ajet-static%2B1.0.27%2B%2Fjet-1.0.27%2Fvendor%2Fstacktrace-noamd.min.js
static.licdn.com/sc/f/ |
5 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
com.linkedin.jet-static%3Ajet-static%2B1.0.27%2B%2Fjet-1.0.27%2Flibs%2Fxhr.min.js
static.licdn.com/sc/f/ |
968 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cwn0a0e7hog2i33c88ucrvot5
static.licdn.com/sc/h/ |
8 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3qk7aqkysw7gz575y2ma1e5ky
static.licdn.com/sc/h/ |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
19dd5wwuyhbk7uttxpuelttdg
static.licdn.com/sc/h/ |
70 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
static.licdn.com/scds/concat/common/ |
45 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
static.licdn.com/scds/concat/common/ |
16 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
71upozbw7t6agbzwl4oog1xlh,27ftp26z6dvrdcg640xdatntb,edz16jejjqcx42fe0m2ca4nx9
static.licdn.com/sc/h/ |
66 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
static.licdn.com/scds/concat/common/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
static.licdn.com/scds/concat/common/ |
604 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js
platform.linkedin.com/js/ |
26 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
track
chineseflreworks.com/li/ |
325 B 517 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js
static.licdn.com/scds/concat/common/ |
1 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
tracking
www.linkedin.com/mob/ |
0 2 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
b2
b.scorecardresearch.com/ Redirect Chain
|
0 248 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
radar.html
radar.cedexis.com/1539279173/ Frame 3EE9 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
px.js
platform.linkedin.com/js/ |
35 B 461 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
64xk850n3a8uzse6fi11l3vmz
static.licdn.com/sc/h/ |
139 KB 139 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
95o6rrc5ws6mlw6wqzy0xgj7y
static.licdn.com/sc/h/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5koy91fjbrc47yhwyzws65ml7
static.licdn.com/sc/h/ |
653 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
px.js
platform.linkedin.com/js/ |
35 B 461 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
track
chineseflreworks.com/li/ |
325 B 517 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: LinkedIn (Social Network)31 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| LI object| metas object| liTrackClient undefined| externalTracking function| initJet object| track object| jet object| preLibErrQueueHandler function| printStackTrace object| xhr object| __li__lix_registry__ object| dust object| t8 object| play object| sc object| xmessage undefined| jSecureOriginal function| require object| LIModules undefined| jSecure object| __li__config_registry__ object| __li__i18n_registry__ object| globalNav string| GoogleAnalyticsObject function| ga undefined| RumTracking object| __core-js_shared__ object| TrackingTwo object| gaplugins object| gaGlobal object| abp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
b.scorecardresearch.com
chineseflreworks.com
platform.linkedin.com
radar.cedexis.com
static.licdn.com
www.linkedin.com
185.40.235.209
2.16.186.51
202.75.32.73
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:299::25eb
2a05:f500:10:101::b93f:9101
02ade95e66c0093447856e93b58ac338fb8503779dd1b3213254554750b24809
0358eb7e4c2b0d13a1cd8077c708df7dc6ea02b376f88c7a8d2f014ae8a798b5
069d84e6eea128aceb4b895c238b20b92ed287320ff22b665aabe1dfef9dce2b
0b61e4779b2463fd2cc0970a8863921ec137113ed8dca37ce7df92570441e66a
1cc63b3144ac41aac2a87c41270f8cd6573e43833706ef3d2f906bf438df21d9
21c1cba99589f609273fd1a2642326a74326696e3d5df08b31c6a7aa08f7669b
22efb437807cb4b863943eb83a66fdcd793de9c635235465b08ad825251e4b4e
3c4babdba95111f624076f53eda535f731ec2db0396cde029253e5a87c78911b
40a1da8784ef2e69b6eba94a961db9748d079184b01266110917d98f40f09dba
6c66517000417fab138f43b9926bcad36afdc0422c9331b7b8935d89714105d1
6ce4b4502fc800c7b0231f5a8f5aae34e62e29ba16c30292a2a46501a9b6102e
7082beece2b33a3168640c2a6f9ce68d6eb89332c174aac145039d0741654859
779e6f64994afd63f7f3a9bdda69693df4a8315156567c1aa6daa8d1ebc87dd5
77a372d3061907bef0b08cad72fe65243fb3d4660486a1c98ddefcf68897e722
7c9955228fae7a06ed57f358f793cc75ba0eb169562baadd013d4a99b08cc092
8664fd528a3cca8b19eee5199a69dc6f59751a28da5142928f5ec6672b5d5186
8aebaec1ffd57cd1ec169547dab9c75e456e4ca8c507e21d888d7c39ac0739be
bdbb5ffd824142cbd8fb5974a8eb8592742eb1995209d49d4d4611198589ee16
c6c800ef65d05e8128e73a2ccd1db4587cf71387d08d22beb40b42be136469b5
cc893248993ef34d4f73b0941fe78ef107d16253cdc422b9429dd5a84968193e
ceaeb9ba062f1878ea554d2c999f64da775a4c646175d33a35fa3beb90231ba1
d63a992d6df8ca628eb7e728fbad3a461c20cd8a3f4452c6804881f715af556a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855