cu8.org
181.214.147.41
Malicious Activity!
Public Scan
Submission Tags: @phish_report
Submission: On October 19 via api from FI — Scanned from FI
Summary
This is the only time cu8.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 181.214.147.41 | 15440 (BALTNETA Customers AS) |
| 1 | 1 | |
| | Domain | Requested by |
|---|---|---|
| 1 | cu8.org | |
| 1 | 1 | |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://cu8.org/track/3bKsPZ15DOMV1uooitwlnlg3ZMPWAAOSJENSUXI404512/20073j9
Frame ID: B7C1BB8A12CE8C2615571224D1B36CE4
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
1 HTTP transactions
| Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
|---|---|---|---|
| GET H/1.1 | Primary Request: 20073j9 cu8.org/track/3bKsPZ15DOMV1uooitwlnlg3ZMPWAAOSJENSUXI404512/ | 42 B 279 B | Document image/png |
Verdicts & Comments
Malicious
page.url
Submitted on October 19th 2023, 12:10:09 am UTC
From United States
Threats: Malware, Unwanted Software, Potentially Harmful Application
Comment: RUSSIAN SPYWARE: http://cu8.org/track/3bKsPZ15DOMV1uooitwlnlg3ZMPWAAOSJENSUXI404512/20073j9 sent by RUSSIAN MALNET using harvested emails and MALICIOUS websites: http://cu8.org https://t.co https://firebasestorage.googleapis.com https://urchingquest.com https://happyhalloween.click https://www.bcloudtrk.com http://houpin.ch http://uqoyfhyqtmgfnvakivuuaehnujrraweauv.makingstory.review https://st.hzcdn.com http://fenders.makeup https://noisygrip.com https://tinyurl.com/yvvrbc38
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cu8.org
181.214.147.41
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629