maerskvip.vc
Open in
urlscan Pro
47.246.23.164
Malicious Activity!
Public Scan
Effective URL: https://maerskvip.vc/index/login/index.html
Submission: On March 29 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by Certum Domain Validation CA SHA2 on February 22nd 2023. Valid for: a year.
This is the only time maerskvip.vc was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Maersk (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 10 | 47.246.23.164 47.246.23.164 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
8 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
maerskvip.vc
2 redirects
maerskvip.vc |
687 KB |
8 | 1 |
Domain | Requested by | |
---|---|---|
10 | maerskvip.vc |
2 redirects
maerskvip.vc
|
8 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
maerskvip.vc Certum Domain Validation CA SHA2 |
2023-02-22 - 2024-03-22 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://maerskvip.vc/index/login/index.html
Frame ID: 3C87EC15EC03B8E3399EF63DBBD396A7
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
A.P. Moller - Maersk GroupPage URL History Show full URLs
-
http://maerskvip.vc/
HTTP 301
https://maerskvip.vc/ HTTP 302
https://maerskvip.vc/index/login/index.html Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://maerskvip.vc/
HTTP 301
https://maerskvip.vc/ HTTP 302
https://maerskvip.vc/index/login/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
8 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
maerskvip.vc/index/login/ Redirect Chain
|
33 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
maerskvip.vc/static/index/css/ |
46 KB 46 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.2.1.js
maerskvip.vc/static/index/js/ |
272 KB 272 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ethers-v4.min.js
maerskvip.vc/static/index/js/ |
296 KB 297 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
function.js
maerskvip.vc/static/index/js/ |
18 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
4 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.svg
maerskvip.vc/static/index/css/imgs/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logoTitle.svg
maerskvip.vc/static/index/css/imgs/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon.png
maerskvip.vc/static/index/css/imgs/ |
39 KB 39 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Maersk (Transportation)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| setImmediate function| clearImmediate object| ethers function| rem function| ge function| copy function| profit function| getLink object| Gere object| obj object| rgBtn function| login2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
maerskvip.vc/index/login | Name: thinkphp_show_page_trace Value: 0|0 |
|
maerskvip.vc/ | Name: PHPSESSID Value: 02569f5201fb4fa085972b43e9f454f9 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=5184000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
maerskvip.vc
47.246.23.164
19c2ff8384c14552104a2f7a5a830aef510669837d65fb0c20a9bee749e54b8b
2ab7e527af5bb124b8b6613bfccee03351438ea06d548465c8fb14457645b6b3
2f426ca96f459f9229cf53665db2de4ec82d15ce49f767915378d87f733ccf9a
3ef5c8838576142629c3689181d544e4dea1094c41148a780198bf62a8b3b93a
6c0aae257f5a2999e27ca570b934c0ce20bb32da5a61050053cb6542897b457a
83171ce6831197c0f77fd1ab8b4795a6064b60f0376341672e2e989a5b2cef19
846f676a751142fccaed31408d0ba2be2769208c71987a41a374b2855c90d71d
a62ab079bf00fae41d00abd7c34af9a943ece066c4e756cdde6d05dc8b7c4e47
b8008eb8d82cfea22256d35a342e83f6840a95ab67017f2de64d471a3bedb967
d442a7c24d28092ce0747e6044da50141ca16fa5292bab04d68a9bbed08016c4