URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Submission: On August 05 via automatic, source phishtank

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 198.199.115.54, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN - Digital Ocean, Inc., US. The main domain is www-drv.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on October 5th 2016. Valid for: a year.
This is the only time www-drv.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address        AS     Autonomous System
12        198.199.115.54    14061  (DIGITALOC...)
1         2a00:1450:400...  15169  (GOOGLE)
1         216.16.234.128    14472  (ATRIA)
2         180.250.66.131    17974  (TELKOMNET...)
2         2a00:1450:400...  15169  (GOOGLE)
Total: 20 requests, 6 IPs

Requests  Domain                                Status  Requested by
12        www-drv.com                                   www-drv.com
2         www.google-analytics.com                      www-drv.com
2         cfs2.uzone.id                                 www-drv.com
1         www.huntsvillelibrary.ca                      www-drv.com
1         doc-0o-5g-docs.googleusercontent.com          www-drv.com
0         cfs.u-ad.info                         Failed  www-drv.com
0         www.facebook.com                      Failed  www-drv.com
Total: 20 requests, 7 domains

This site contains links to these domains:

Domain
www.youtube.com
Subject                   Issuer                                         Validity                 Valid     Source
www-drv.com               COMODO RSA Domain Validation Secure Server CA  2016-10-05 - 2017-10-05  a year    crt.sh
*.googleusercontent.com   Google Internet Authority G2                   2017-07-25 - 2017-10-17  3 months  crt.sh
*.uzone.id                COMODO RSA Domain Validation Secure Server CA  2016-01-27 - 2019-01-26  3 years   crt.sh
*.google-analytics.com    Google Internet Authority G2                   2017-07-25 - 2017-10-17  3 months  crt.sh

This page contains 2 frames:

Primary Page: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Frame ID: 8834.1
Requests: 20 HTTP requests in this frame

Frame: http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fapps%2Fapplication.php%3Fid%3D56531631380&layout=standard&show_faces=true&width=2000&action=like&colorscheme=light&height=1000
Frame ID: 8834.2
Requests: 1 HTTP request in this frame

Screenshot


Page Statistics

20
Requests

85 %
HTTPS

40 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

75 kB
Transfer

238 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 9
  • https://drive.google.com/uc?id=0B84zo9MRvzAlcEVCUy10T0w0aGc
  • https://doc-0o-5g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/g349ui8nf1m087ch5ab9qhl88mdu6skt/1501941600000/10098282640079461970/*/0B84zo9MRvzAlcEVCUy10T0w0aGc

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/
12 KB
5 KB
Document
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
fd353c3e9b4912c976f23ac936c0017ec62b91d4701659ecc3679b3f779f0431

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:09 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
b83289b621add426afdf77e661466afa
Vary
Accept-Encoding
Content-Type
text/html;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
5140
k7LsZ6Kzebp.css
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
2 KB
747 B
Stylesheet
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/k7LsZ6Kzebp.css
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8440eff1a8ab22fb1a5ee0861c2913be96342ed3235b3b28bb5c295cbd706d23

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
394d75e27494c1a0007d5dcb059fc695
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
747
RdxXuLZOwAp.css
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
105 KB
28 KB
Stylesheet
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/RdxXuLZOwAp.css
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
3cb38c0015ac502e1101a8619a73aa550758c6c8764487287cbc59ef8cb14f82

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
91ec01022fef3c95ce26ca252cc991b6
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
28780
INa-j1hStsU.css
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
35 KB
7 KB
Stylesheet
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/INa-j1hStsU.css
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
cd8fb946ef1c5efd94bfe1507eb7a9fbf3e6737ff2085da1b5728a06cfb4bf9e

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
a25340addac53da79d6f918efd041477
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
6755
diMQkJ1Odg6.css
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/diMQkJ1Odg6.css
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
71262a119250662e3964e7a7095df56ee35b8b0102e9bb5ba63c779ed7b01721

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:26 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
7d2957dfb44a0ebb7c701067e4a7b62b
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1271
1Vv4bii7bxR.css
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/1Vv4bii7bxR.css
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
06337152ac163e643d15926d44a76e00007fc052b6608a2de1d9571c4d85ab78

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:26 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
ac4afa049a0d06a184d972d9de359bd6
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
3959
IFFDgrjmTDl.css
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
1 KB
752 B
Stylesheet
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/IFFDgrjmTDl.css
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6c19a05a0eb40122d548ace01bec8f6902aa60df27f8e3caafecb76e84ecf518

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:26 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
bfa640ced4e8d95fcb7bb458e45c69ab
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
752
1j-MOx9XPgA.css
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
6 KB
1 KB
Stylesheet
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/1j-MOx9XPgA.css
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
a23faaf3c17c98031799d70ccff8d24f8510922e6a50ea319e93951a416aede2

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:25 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
42b829fa4a6a485adb7861fe5f524d3b
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
1305
VLogo77go.css
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
341 B
215 B
Stylesheet
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/VLogo77go.css
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5cc83fcd3aa16ffcf007f81a43e8618639bbccc9ca174059a3696111cd413421

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:30 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
ca4dc43d674c88ad2ca313088490e857
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
215
QSUIFyb0MPk.js
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
8 KB
3 KB
Script
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/QSUIFyb0MPk.js
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
29c829169f16b3ef04548b1283f299affccb5a9aea7f1e36557baba80d9d72ed

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Aug 2017 10:54:28 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
ac528c5e3ba8e9a18fb3b121f7a17282
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
3434
0B84zo9MRvzAlcEVCUy10T0w0aGc
doc-0o-5g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/g349ui8nf1m087ch5ab9qhl88mdu6skt/1501941600000/10098282640079461970/*/
Redirect Chain
  • https://drive.google.com/uc?id=0B84zo9MRvzAlcEVCUy10T0w0aGc
  • https://doc-0o-5g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/g349ui8nf1m087ch5ab9qhl88mdu6skt/1501941600000/10098282640079461970/*/0B84zo9MRvzAlcEVCUy10T0w0aGc
11 KB
11 KB
Image
General
Full URL
https://doc-0o-5g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/g349ui8nf1m087ch5ab9qhl88mdu6skt/1501941600000/10098282640079461970/*/0B84zo9MRvzAlcEVCUy10T0w0aGc
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:811::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
06843a9f0ddc5fed3d1fb0d420195a43f5cd9be2209c3c889bc214ee5bb5657b

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Sat, 05 Aug 2017 15:35:59 GMT
access-control-allow-methods
GET,OPTIONS
server
UploadServer
access-control-allow-headers
Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, GData-Version, google-cloud-resource-prefix, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, Slug, Transfer-Encoding, Want-Digest, x-chrome-connected, X-ClientDetails, X-GData-Client, X-GData-Key, X-Goog-Api-Client, X-Goog-AuthUser, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, X-Goog-Visitor-Id, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Ariane-Xsrf-Token, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Goog-Meeting-Botguardid, X-Goog-Meeting-Debugid, X-Goog-Meeting-Token, X-Client-Data, X-Sfdc-Authorization
status
200
x-guploader-uploadid
AEnB2UpNElLFyfZWJCtHBLYN9H0m4NdWjkMEks-8IhW_VV1b6Vpjfo33A7Ihavz_RhiNKvPbymA6X9g_L2rlbzQha5KeueROEkHrel2poZlpD40EcDQqTrM
x-goog-hash
crc32c=lGzmmA==
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=0
access-control-allow-credentials
false
content-disposition
inline;filename="fbsecurity.png";filename*=UTF-8''fbsecurity.png
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
10801
expires
Sat, 05 Aug 2017 15:35:59 GMT

Redirect headers

pragma
no-cache
date
Sat, 05 Aug 2017 15:35:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
status
302
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info.", CP="This is not a P3P policy! See https://support.google.com/accounts/answer/151657?hl=en for more info."
location
https://doc-0o-5g-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/g349ui8nf1m087ch5ab9qhl88mdu6skt/1501941600000/10098282640079461970/*/0B84zo9MRvzAlcEVCUy10T0w0aGc
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
301
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
icon.png
www.huntsvillelibrary.ca/en/eservices/resources/eLearning/
2 KB
0
Image
General
Full URL
http://www.huntsvillelibrary.ca/en/eservices/resources/eLearning/icon.png
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Server
216.16.234.128 Waterloo, Canada, ASN14472 (ATRIA - RCP, CA),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET, ASP.NET
Resource Hash
602400c3750c075687855adce98ee0d028b8f07615b13c923ec42e06e81ac480
Security Headers
Name Value
X-Frame-Options SAMEORIGIN, ALLOW-FROM http://catalogue.huntsvillelibrary.ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:56 GMT
Cache-Control
private
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET, ASP.NET
Content-Length
5358
X-Frame-Options
SAMEORIGIN, ALLOW-FROM http://catalogue.huntsvillelibrary.ca
Content-Type
text/html; charset=utf-8
wd.js
www-drv.com/inc/
515 B
378 B
Script
General
Full URL
https://www-drv.com/inc/wd.js
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
8db857f9f197b428bda35e16c18557d6362958b320ef32e6808249679034f631

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 11 Dec 2016 14:31:40 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"203-54362d86b9102-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
378
like.php
www.facebook.com/plugins/ Frame 8834
0
0

logo.png
www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/
4 KB
0
Image
General
Full URL
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/logo.png
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.199.115.54 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN - Digital Ocean, Inc., US),
Reverse DNS
ijk.tw
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
44dd67c60935aeeb90d72487d4b7e504e6bd5a037c91ba26d2ef6071f5579737

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/css/VLogo77go.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Sat, 05 Aug 2017 15:35:56 GMT
Server
Apache/2.4.18 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
3863
Content-Type
text/html; charset=UTF-8
request
cfs.u-ad.info/cfspushadsv2/
0
0

request
cfs2.uzone.id/cfspushadsv2/
0
0
Script
General
Full URL
https://cfs2.uzone.id/cfspushadsv2/request?id=1&enc=telkom2&params=4TtHaUQnUEiP6K%2fc5C582ECSaLdwqSpn1PQRF6ZGJ%2brQOhUUyMy3LC9QEp1LACfXa6J3dH%2fzseAZmX8SBNoRqb7M3KIl%2fYHZ17UQ%2fxdpVTE9dSjxc3hUuhQ3bT82iPKKTgZmvX5a94CGs8WTJ13xmY205sUhL2kJOFXiPYggpmW%2b9%2b2jcwWLFVK7mg7Djkygzf1Likqk3AZ6UaFsgMj3ywvAvJM7IwS1wA9hQTlxJhc54BzAXgFxC0yONgNSPKe%2fikxmveMEy8FskzADn%2bzPWCNdMaahRYB3fo157PRGLx0SwbuizR%2fgm2NmI%2biysB1nfbTcU7w3FPItlr%2buTH2TII4URqPbhdoArdkDgI7jgcDLO%2fgJpcJuF%2bNvb9jQkd6zMXlhh%2bldd4fwbgUvhMLQfOL%2f6WarRu2sTzFaqY84pTAIKF2VtrTziNBWCZ4aLo1ZQ4T%2f4RN4PLPyn0qc97HxClOv%2fCWTR2RBLYts3INtkmd%2fRzNCUkRIMCnUnVs3p3KEP9aJQeETYjRztY%2bibfvmzBdP4k7VBv3xNC6g01OpfMy%2bDKQE0gAWqYUkxYh9y25f&idc_r=61976591584&domain=www-drv.com&sw=1600&sh=1200
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.250.66.131 Bogor, Indonesia, ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID),
Reverse DNS
131.subnet180-250-66.speedy.telkom.net.id
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 05 Aug 2017 15:33:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Accept-Encoding
Strict-Transport-Security
max-age=1
Content-Type
text/html
X-Fastcgi-Cache
MISS
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
request
cfs2.uzone.id/cfspushadsv2/
0
0
Script
General
Full URL
https://cfs2.uzone.id/cfspushadsv2/request?id=1&enc=telkom2&params=4TtHaUQnUEiP6K%2fc5C582ECSaLdwqSpna%2b1yoDJzh76MCBIuOp7DSK3xSNNN1gm2St4txeQWrG00iTwYrdZmdwF4qIgJouwEwF6MudihRx2xNRhJRvUw2EaUsPCTwmUxhA0gx9VJycts8229FLiTEq77fQpvA4%2bLxIBmvXohABftColBstSnoKQ8664Co9wH2qbn0uH02JB7F2lmur8V1UVqhKqbQWHllVk%2b%2bOac%2bsq0ULzc6uzNbVWtVrRZECK3XiG64gtfOOGT8PdMnNtgJQEkzIRShi2RdDlpHTmiwZDlIOsghKs45fGnRw%2b%2b0iTuKiwO8cgmHuI2ASIXSNR5iLx56ewLAYIcwZwv8BC8pNI1LQe0WH7WTm2PPQdcmKLyyf5ajBVafXAipTiM2c%2fOndgMOD5LWjl9JFGQ8U0ZesxQAJ23yGv3r2gi52u%2f9UK8lO6FlvJiWnj6il826Sot5WzDaCLctiGPFlk0p7LENnI3JLNqYPvLSNjY7ICoPwdnC3qzI787LLxA%2fCfAgjepv3gWx0%2bGruHM&idc_r=88429332985&domain=www-drv.com&sw=1600&sh=1200
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
180.250.66.131 Bogor, Indonesia, ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID),
Reverse DNS
131.subnet180-250-66.speedy.telkom.net.id
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 05 Aug 2017 15:33:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Accept-Encoding
Strict-Transport-Security
max-age=1
Content-Type
text/html
X-Fastcgi-Cache
MISS
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
0
analytics.js
www.google-analytics.com/
32 KB
13 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www-drv.com
URL: https://www-drv.com/inc/wd.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:811::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
86a91c5efc8a8bc3cdb5630040f43ce896adde299660951a2d3ceb278d693ac6
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Aug 2017 03:25:32 GMT
server
Golfe2
age
1007
date
Sat, 05 Aug 2017 15:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
13249
expires
Sat, 05 Aug 2017 17:19:09 GMT
collect
www.google-analytics.com/r/
35 B
53 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j58&a=240251791&t=pageview&_s=1&dl=https%3A%2F%2Fwww-drv.com%2Fsite%2Fvwhjvpdlyhp4uz2ckduxsa%2Fpage%2Findex.html&ul=en-us&de=UTF-8&dt=Facebook&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABI~&jid=1951768636&gjid=1273574124&cid=746347585.1501947357&tid=UA-85417367-1&_gid=1959099625.1501947357&_r=1&cd1=site%2Fvwhjvpdlyhp4uz2ckduxsa&z=369868243
Requested by
Host: www-drv.com
URL: https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:811::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www-drv.com/site/vwhjvpdlyhp4uz2ckduxsa/page/index.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 05 Aug 2017 15:35:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fapps%2Fapplication.php%3Fid%3D56531631380&layout=standard&show_faces=true&width=2000&action=like&colorscheme=light&height=1000
Domain
cfs.u-ad.info
URL
https://cfs.u-ad.info/cfspushadsv2/request?id=1&enc=telkom2&params=4TtHaUQnUEiP6K%2fc5C582Ltpw5OIinlRzTN45TEb7SgaoNzYAu%2b17DvV55T7UnP7mTx43LyWkcy9gmrAhdkQUGBdSfeE%2bnEFPkOOyvQ78RlTdCxeultvrfxTdsWRENSQf7zO1QSGIxRDv7nZJrawHQRQxcWENuJzj9lPvG8D87XTqj8AvXV8nIPh7%2fiNp%2bCm2P%2fEyRsfkEWuKIV%2b%2fOkTzFvMATsxKKqA9r5EJwbrqtTqJWXdt%2fCc%2bL2pAVO3DOEjndubZpc%2fbHTzVUBgfp2UK%2bjohgY54m3%2f7scPZl5gkiaCnkZuunUidARE223qKzlZoTMzYWFk5udrC9%2bnh6nT%2fW5V1KobAK%2b5rK6mFYtqUEUp%2fKNwaWkXSeOVenYTSUVbT3vQOPjb3lpQIliz6Bv5lg5RcLTP85BL9DLskbdwxUYI8%2bn%2fOA4AwDMTKawKXuJIpyyYxrDVJ9yV48RkaIzdGDwqrEQEWSN3lu4DQgBDszuc9DPlNC7ZcUvhzOTBjsCd2iVyKD841JsfKQJp4vk0k1%2bedhJ8K%2fahcSx4GSCbCgwzz%2bSO5pb6rp0vkdGlWOKpuuvV5cEE8FKRnwVlH9H%2byUu8uI%2bQ2UT%2bNEama7vuakHBg8Uq%2fKWs5RTPEUxqH8Y4O7nKJkQOln4QLvb%2ffaHuz%2f%2buCKfcmjLqUz5hPVGcSvL3dMh5r1m4iAGsOlG12iiWaMFhl73MeSlRE0m6MgDQDKm4hNbXmJ3eMvz7xbkYOXQ%3d&idc_r=88457684376&domain=www-drv.com&sw=1600&sh=1200

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
